> From: Mark Andrews <ma...@isc.org> > Or one can use TSIG with a well known key to get a cryptograph hash of the > response. Below is how > how the servers for the Alexa to 1 Million handle unexpected TSIG. It’s well > under a day to add > this to a recursive server that supports TSIG already. It’s a couple of > minutes of configuration > time to add it to a authoritative server that supports TSIG already.
Do you mean adding new method like DNS Cookies ? I have a question. If a resolver want to take measures, does the resolver configure TSIG to communicate all authoritative servers ? -- Kazunori Fujiwara, JPRS <fujiw...@jprs.co.jp> _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
