Skip to main content

Algorithms for Domain Name System (DNS) Cookies construction
draft-sury-toorop-dns-cookies-algorithms-00

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors Ondřej Surý , Willem Toorop
Last updated 2019-03-11
Replaced by draft-sury-toorop-dnsop-server-cookies
RFC stream (None)
Intended RFC status (None)
Formats
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-sury-toorop-dnsop-server-cookies
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

[RFC7873] left the construction of Server Cookies to the discretion of the DNS Server (implementer) which has resulted in a gallimaufry of different implementations. As a result, DNS Cookies are impractical to deploy on multi-vendor anycast networks, because the Server Cookie constructed by one implementation cannot be validated by another. This document provides precise directions for creating Server Cookies to address this issue. Furthermore, [FNV] is obsoleted as a suitable Hash function for calculating DNS Cookies. [SipHash-2.4] is introduced as a new REQUIRED Hash function for calculating DNS Cookies. This document updates [RFC7873]

Authors

Ondřej Surý
Willem Toorop

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)