Moin! On 5 Aug 2015, at 22:32, Stephane Bortzmeyer wrote:
> On Tue, Aug 04, 2015 at 06:15:43PM -0400, > Ted Lemon <ted.le...@nominum.com> wrote > a message of 312 lines which said: > >> because the client may be an open resolver that implements cookies, >> and indeed open resolvers that implement cookies will now be >> specially favored as attack vectors. > > The vast majority of open resolvers are broken CPE, with a poor and > limited implementation of DNS, or very old BIND not maintained for > years. I think it's unlikely they will be upgraded to support cookies. But most of this broken CPEs forward to ISP resolvers and these will eventually support cookies and forward the queries to the cookie enabled authorities. So long -Ralf _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
