On 08-12-16 00:04, Stephane Bortzmeyer wrote: > On Tue, Nov 29, 2016 at 09:10:02AM +0100, > Matthijs Mekking <matth...@pletterpet.nl> wrote > a message of 196 lines which said: > >>> This is operational choice, if we call that out do we also call >>> out that answer may depend on address, TSIG etc ? >> >> No, just TCP :) > > Why not also when cookies are used? Like TCP, they protect against > reflection attacks.
As Joe pointed out earlier, the document already does not prohibit you from doing so. But some of us would like to have that explicitly called out: that you can still implement this feature *and* do something else under some conditions. The example given is allowing original behavior when the transport protocol is TCP, but obviously it is not limited to just that one example. Best regards, Matthijs _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop