Hi Petr,
On Aug 4, 2023, at 05:21, Petr Menšík wrote:
> Again, this proposal is not targeted to gigabit+ links connectivity. This is
> not indented to fight DDoS in data centers. It would be links, where data are
> still counted in kilobytes or megabytes. Satellite links or long range radios
On 8/4/23 10:46, Joe Abley wrote:
On 4 Aug 2023, at 10:12, Peter Thomassen wrote:
A hash over the RRset in question might work, assuming some canonical form is
used (e.g. as used for RRSIG calculation).
In fact, if the requirement is for a hash whose authenticity can be proven by a
relying
On 4 Aug 2023, at 10:12, Peter Thomassen wrote:
> A hash over the RRset in question might work, assuming some canonical form is
> used (e.g. as used for RRSIG calculation).
In fact, if the requirement is for a hash whose authenticity can be proven by a
relying party (which seems important in o
On 8/4/23 02:45, Ray Bellis wrote:
On 04/08/2023 00:29, Petr Menšík wrote:
What do you think, would such mechanism be useful even on classic
DNS? Are there already deployed alternatives? How useful something
similar might be? Does such mechanism contain significant drawback,
why it would not
On 8/4/23 01:29, Petr Menšík wrote:
I started thinking, what if we used EDNS0 extension sending version at the
client and asked the server if that has changed in the mean time. Lets call the
extension cache-refresh for example. It might use SOA version number, which I
think common authoritat
