On Sun, Sep 27, 2015 at 12:45:52AM +0530, Mukund Sivaraman wrote: > > Abstract: > > This document describes a method for a client to be able to verify > > that IP-layer PDU fragments of a UDP DNS message have not been > > spoofed by an off-path attacker.
The NONCE-COPY field seems redundant now as the checksum computation
includes the NONCE field. It was added in an earlier form of the draft
when the computation didn't include the nonce. Perhaps it can be removed
and the NONCE field doubled in size.
Mukund
pgppHHhqMrIbn.pgp
Description: PGP signature
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
