Yoav Nir <[email protected]> wrote: > One proposal that I kind of liked (and I’m sorry I’ve forgotten who > suggested it) was to relegate the puzzle to a second line of defense, > through the use of some kind of anti-dos ticket. The ticket would be a > bearer token (perhaps an encrypted timestamp) that would allow the > bearer to get by with a much easier version of the puzzle. The
Would this ticket be provided in a Notify, after AUTHentication, in a
previous PARENT-SA?
> In any case, I think the document should be adopted, and then we can
> change the puzzle algorithm according to the group’s preference and add
> a fast path for repeat visitors if we think that’s a good idea.
+1
--
Michael Richardson <[email protected]>, Sandelman Software Works
-= IPv6 IoT consulting =-
pgpUcaL_6dADj.pgp
Description: PGP signature
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
