"cookies" as a
optional configuration: do not use it in the normal case, and open it under
attack. I mean it's better to use it when necessary as a light-weight guard for
the DDoS attack.
BR,
Zhiwei
发件人: Ted Lemon
发送时间: 2015-08-04 11:12:11
收件人: Zhiwei Yan
抄送: dnsop; Paul H
ry easy to diffentiate the
packets-with-cookies and packets-without-cookies, and the cost will be much
lower compared with the DNSSEC. in this point, "cookies" is a light-weight
scheme compared with DNSSEC.
-cache poison: DNSSEC is better to solve this problem compared with "cookies
27;s better for them to have a cooperation and
win-win relationship but not the simple "request/reply" interaction.
Zhiwei Yan
<>___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
