@misc{rfc7873,
    series =    {Request for Comments},
    number =    7873,
    howpublished =  {RFC 7873},
    publisher = {RFC Editor},
    doi =       {10.17487/RFC7873},
    url =       {https://www.rfc-editor.org/info/rfc7873},
    author =    {Donald E. Eastlake 3rd and Mark P. Andrews},
    title =     {{Domain Name System (DNS) Cookies}},
    pagetotal = 25,
    year =      2016,
    month =     may,
    abstract =  {DNS Cookies are a lightweight DNS transaction security mechanism that provides limited protection to DNS servers and clients against a variety of increasingly common denial-of-service and amplification/ forgery or cache poisoning attacks by off-path attackers. DNS Cookies are tolerant of NAT, NAT-PT (Network Address Translation - Protocol Translation), and anycast and can be incrementally deployed. (Since DNS Cookies are only returned to the IP address from which they were originally received, they cannot be used to generally track Internet users.)},
}