On Tue, Jun 16, 2015 at 12:31 PM, <internet-dra...@ietf.org> wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Domain Name System Operations Working > Group of the IETF. > > Title : Domain Name System (DNS) Cookies > Authors : Donald E. Eastlake > Mark Andrews > Filename : draft-ietf-dnsop-cookies-02.txt > Pages : 28 > Date : 2015-06-16 > > Abstract: > DNS cookies are a lightweight DNS transaction security mechanism that > provides limited protection to DNS servers and clients against a > variety of increasingly common denial-of-service and amplification / > forgery or cache poisoning attacks by off-path attackers. DNS Cookies > are tolerant of NAT, NAT-PT, and anycast and can be incrementally > deployed. > > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-dnsop-cookies/ > > There's also a htmlized version available at: > https://tools.ietf.org/html/draft-ietf-dnsop-cookies-02 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-cookies-02 > > > Looks good. I am hoping that this becomes widely used.
Two minor typographical concerns in the new text: 5.2.1 No Opt RR or No COOKIE OPT option If there is no OPT record or on COOKIE OPT option present "on COOKIE" probably meant "no COOKIE" 5.3 Processing Responses (last sentence) further processing of the response proceedes normally. "proceedes" should be "proceeds"
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
