nanog mailing list archives
Re: "trivial" changes to DNS (was: OpenNTPProject.org)
From: Valdis.Kletnieks () vt edu
Date: Thu, 16 Jan 2014 15:49:43 -0500
On Thu, 16 Jan 2014 13:35:00 -0600, Jimmy Hess said:
Then the client's UDP stack must construct and send a Hashcash proof of work, of sufficient difficulty based on the estimated query plus response size, up to the first full round trip; containing a message digest of the first UDP packet the client will send, before sending the packet, or it will be silently discarded.
An out-of-band reply will come back to the claimed source, that the client souce IP:Port has to acknowledge within 5 packets. Once the out-of-band reply is acknowledged, the source is confirmed not to be spoofed.
How is this any better than a TCP 3-packet handshake with syncookies?
Attachment:
_bin
Description:
Current thread:
- Re: "trivial" changes to DNS (was: OpenNTPProject.org), (continued)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Andrew Sullivan (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Christopher Morrow (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Andrew Sullivan (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Cb B (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Andrew Sullivan (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Cb B (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Bjoern A. Zeeb (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Saku Ytti (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Cb B (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Jimmy Hess (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Valdis . Kletnieks (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Mark Andrews (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Jimmy Hess (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Mark Andrews (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Cb B (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Mark Andrews (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Jared Mauch (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Andrew Sullivan (Jan 16)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Tony Finch (Jan 17)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Jared Mauch (Jan 22)
- Re: "trivial" changes to DNS (was: OpenNTPProject.org) Rubens Kuhl (Jan 16)