Masataka Ohta <mo...@necom830.hpcl.titech.ac.jp> writes: > Bjorn Mork wrote: > >>> Plain DNS with long enough message ID is secure enough. >> Hello! >> Can you please point me to the set of RFCs (or draft) which >> describes >> this "secure enough" alternative to DNSSEC? > > As I wrote "rely on DNS cookie or something like that", > an example is in rfc7873.
Sorry for being slow, but you'll have to explain a lot more than that if you want to convince me that DNS cookies and DNSSEC are equivalent alternatives. But maybe that wasn't your goal here? You're just happy that you have seen the light and don't care if I understand what it is? If so, then that's fine. I don't understand why the announcement was important though. I was asking specifically for your alternative BCP. "Go figure it out by yourself with DNS cookie or something like that" just doesn't make it. Bjørn _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop