[DNSOP] I-D Action: draft-ietf-dnsop-server-cookies-05.txt

internet-drafts@ietf.org Wed, 13 January 2021 14:33 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: dnsop@ietf.org
Delivered-To: dnsop@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 282E13A109B; Wed, 13 Jan 2021 06:33:22 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: dnsop@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.24.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: dnsop@ietf.org
Message-ID: <161054840211.9855.15826016027793522887@ietfa.amsl.com>
Date: Wed, 13 Jan 2021 06:33:22 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/J55kwL7iH5XPong3jJ4fYfQKp6E>
Subject: [DNSOP] I-D Action: draft-ietf-dnsop-server-cookies-05.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Jan 2021 14:33:22 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations WG of the IETF.

        Title           : Interoperable Domain Name System (DNS) Server Cookies
        Authors         : Ondrej Sury
                          Willem Toorop
                          Donald E. Eastlake 3rd
                          Mark Andrews
	Filename        : draft-ietf-dnsop-server-cookies-05.txt
	Pages           : 18
	Date            : 2021-01-13

   DNS Cookies, as specified in [RFC7873], are a lightweight DNS
   transaction security mechanism that provide limited protection to DNS
   servers and clients against a variety of amplification denial of
   service, forgery, or cache poisoning attacks by off-path attackers.

   This document updates [RFC7873] with precise directions for creating
   Server Cookies so that an anycast server set including diverse
   implementations will interoperate with standard clients, suggestions
   for constructing Client Cookies in a privacy preserving fashion, and
   suggestions on how to update a Server Secret.  An IANA registry
   listing the methods and associated pseudo random function suitable
   for creating DNS Server Cookies is created, with the method described
   in this document as the first and as of yet only entry.

The IETF datatracker status page for this draft is:

There is also an HTML version available at:

A diff from the previous version is available at:

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at: