Masataka Ohta <mo...@necom830.hpcl.titech.ac.jp> writes:

> Bjorn Mork wrote:
>
>>> Plain DNS with long enough message ID is secure enough.
>> Hello!
>> Can you please point me to the set of RFCs (or draft) which
>> describes
>> this "secure enough" alternative to DNSSEC?
>
> As I wrote "rely on DNS cookie or something like that",
> an example is in rfc7873.

Sorry for being slow, but you'll have to explain a lot more than that if
you want to convince me that DNS cookies and DNSSEC are equivalent
alternatives.  But maybe that wasn't your goal here? You're just happy
that you have seen the light and don't care if I understand what it is?

If so, then that's fine.  I don't understand why the announcement was
important though.

I was asking specifically for your alternative BCP.  "Go figure it
out by yourself with DNS cookie or something like that" just doesn't
make it.


Bjørn

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to