[DNSOP] I-D Action: draft-ietf-dnsop-server-cookies-04.txt
internet-drafts@ietf.org Thu, 19 November 2020 11:56 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: dnsop@ietf.org
Delivered-To: dnsop@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 688313A0C17; Thu, 19 Nov 2020 03:56:15 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: dnsop@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.23.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: dnsop@ietf.org
Message-ID: <160578697538.19676.14799529848860309797@ietfa.amsl.com>
Date: Thu, 19 Nov 2020 03:56:15 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/x_latRiO3UKzTpa4CyL3ig7oaqE>
Subject: [DNSOP] I-D Action: draft-ietf-dnsop-server-cookies-04.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Nov 2020 11:56:15 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations WG of the IETF.
Title : Interoperable Domain Name System (DNS) Server Cookies
Authors : Ondrej Sury
Willem Toorop
Donald E. Eastlake 3rd
Mark Andrews
Filename : draft-ietf-dnsop-server-cookies-04.txt
Pages : 16
Date : 2020-11-19
Abstract:
DNS Cookies, as specified in [RFC7873], are a lightweight DNS
transaction security mechanism that provide limited protection to DNS
servers and clients against a variety of denial-of-service and
amplification, forgery, or cache poisoning attacks by off-path
attackers.
This document provides precise directions for creating Server Cookies
so that an anycast server set including diverse implementations will
interoperate with standard clients.
This document updates [RFC7873] with
* suggestions for constructing Client Cookies in a privacy
preserving fashion,
* precise instructions for constructing Server Cookies deprecating
the methods described in [RFC7873], and
* suggestions on how to update a server secret.
An IANA registry listing the methods and associated pseudo random
function suitable for creating DNS Server cookies is created, with
the method described in this document as the first and as of yet only
entry.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-server-cookies/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-dnsop-server-cookies-04.html
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-server-cookies-04
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- [DNSOP] I-D Action: draft-ietf-dnsop-server-cooki… internet-drafts