On 16-12-2020 at 19:55, Martin Duke via Datatracker wrote:
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> It seems to me the mechanisms in Section 5 would be simplified by using some
> of the reserved bits to have an identifier for the secret.

Thanks Martin for the suggestion,

We actually considered this idea ourselves in an early stage of the
document, but have rejected it, because it would require the identifier
to be derived from the Server Secret somehow so that all servers in the
anycast set associate the id with the same secret. Also, there is almost
always just 1 Server Secret. Only when a Server Secret is updated (which
should take a limited amount of time), using an identifier for the
Server Secret would be slightly more efficient.

Cheers,
-- Willem

> 
> 
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
> 
