A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations WG of the IETF.
Title : Interoperable Domain Name System (DNS) Server Cookies
Authors : Ondrej Sury
Willem Toorop
Donald E. Eastlake 3rd
Mark Andrews
Filename : draft-ietf-dnsop-server-cookies-05.txt
Pages : 18
Date : 2021-01-13
Abstract:
DNS Cookies, as specified in [RFC7873], are a lightweight DNS
transaction security mechanism that provide limited protection to DNS
servers and clients against a variety of amplification denial of
service, forgery, or cache poisoning attacks by off-path attackers.
This document updates [RFC7873] with precise directions for creating
Server Cookies so that an anycast server set including diverse
implementations will interoperate with standard clients, suggestions
for constructing Client Cookies in a privacy preserving fashion, and
suggestions on how to update a Server Secret. An IANA registry
listing the methods and associated pseudo random function suitable
for creating DNS Server Cookies is created, with the method described
in this document as the first and as of yet only entry.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-server-cookies/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-dnsop-server-cookies-05.html
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-server-cookies-05
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
