On Aug 4, 2015, at 1:22 AM, Zhiwei Yan <yanzhi...@cnnic.cn> wrote: > But I personally do not agree that the "cookies" will burden the server more > seriously. Look at DNSSEC, it costs more, but it was adopted because we have > requirements on it. Also on "cookies", it is better to find its advantages > and use it in the right place.
Forgive me, but you have not explained why you don’t agree with me. You’ve just said that you don’t agree with me. While I respect your disagreement, the mere fact that you disagree with me is not something that the working group chairs can (or at least should!) weigh as part of their consensus call. To recap, the reason that I think cookies are more expensive than DNSSEC in practice is that for cookies to be deployed in the real world, the DNS server implementing them will need to maintain state: the fact that a client has not presented a cookie cannot in itself be a reason to drop that client’s request. DNSSEC does result in larger packets being sent, it’s true, but this is a relatively small load for the server, since these packets can be served directly out of the database, and don’t need to be computed, nor does special per-client behavior need to be implemented. If you disagree with this analysis, could you please explain what I have gotten wrong?
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
