Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-25 Thread Petr Špaček
On 23.6.2018 19:09, Evan Hunt wrote: > On Fri, Jun 22, 2018 at 10:26:55PM -0400, Warren Kumari wrote: >> So, if I set both to use their (non-default) of SHA256 (and set the same >> secret:-)) do they actually generate compatible cookies? >> I'd guess / assume so, but I haven't tested this... > > T

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-23 Thread Evan Hunt
On Fri, Jun 22, 2018 at 10:26:55PM -0400, Warren Kumari wrote: > So, if I set both to use their (non-default) of SHA256 (and set the same > secret:-)) do they actually generate compatible cookies? > I'd guess / assume so, but I haven't tested this... That's the intention. Mukund recently pointed

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-22 Thread Mukund Sivaraman
On Fri, Jun 22, 2018 at 10:26:55PM -0400, Warren Kumari wrote: > I have not tried configuring cookie on Knot, but looking > in alg_containers.c, I can configure: > { 0, "FNV-64" }, > { 1, "HMAC-SHA256-64" } > > Under BIND: > cookie-algorithm: > Set the algorithm to be used when generating the serv

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-22 Thread Warren Kumari
On Fri, Jun 22, 2018 at 8:29 PM Evan Hunt wrote: > On Thu, Jun 21, 2018 at 11:19:55AM -0400, Warren Kumari wrote: > > There are a number of anycast clusters which run different > > implementations on the same IP. > > Sure, but as long as the algorithm is settable for each server in the > anycast

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-22 Thread Evan Hunt
On Thu, Jun 21, 2018 at 11:19:55AM -0400, Warren Kumari wrote: > There are a number of anycast clusters which run different > implementations on the same IP. Sure, but as long as the algorithm is settable for each server in the anycast so that all of them can match, then I don't think it matters i

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-22 Thread Daniel Salzman
On 06/21/2018 05:09 PM, Mark Andrews wrote: > >> On 21 Jun 2018, at 5:21 pm, Daniel Salzman wrote: >> >> Hello Mark, >> >> On 06/20/2018 11:01 PM, Mark Andrews wrote: >>> On 21 Jun 2018, at 12:25 am, Petr Špaček wrote: On 20.6.2018 16:10, Paul Wouters wrote: > On Wed, 20 Jun

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-22 Thread Daniel Salzman
Hello Mark, On 06/20/2018 11:01 PM, Mark Andrews wrote: > >> On 21 Jun 2018, at 12:25 am, Petr Špaček wrote: >> >> On 20.6.2018 16:10, Paul Wouters wrote: >>> On Wed, 20 Jun 2018, Petr Špaček wrote: >>> it seems that current specification of DNS cookies in RFC 7873 is not detailed enou

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-21 Thread Mark Andrews
> On 22 Jun 2018, at 1:19 am, Warren Kumari wrote: > > > > On Thu, Jun 21, 2018 at 10:36 AM Mark Andrews wrote: > > > On 21 Jun 2018, at 12:25 am, Petr Špaček wrote: > > > > On 20.6.2018 16:10, Paul Wouters wrote: > >> On Wed, 20 Jun 2018, Petr Špaček wrote: > >> > >>> it seems that curre

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-21 Thread Mark Andrews
> On 22 Jun 2018, at 1:48 am, Mukund Sivaraman wrote: > > On Fri, Jun 22, 2018 at 01:09:14AM +1000, Mark Andrews wrote: >>> So how should the DNS cookies be implemented? IMHO if one server uses >>> https://tools.ietf.org/html/rfc7873#appendix-B.1 >>> and another server uses https://tools.ietf.

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-21 Thread Mukund Sivaraman
On Fri, Jun 22, 2018 at 01:09:14AM +1000, Mark Andrews wrote: > > So how should the DNS cookies be implemented? IMHO if one server uses > > https://tools.ietf.org/html/rfc7873#appendix-B.1 > > and another server uses https://tools.ietf.org/html/rfc7873#appendix-B.2, > > then it's not interoperabl

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-21 Thread Warren Kumari
On Thu, Jun 21, 2018 at 10:36 AM Mark Andrews wrote: > > > On 21 Jun 2018, at 12:25 am, Petr Špaček wrote: > > > > On 20.6.2018 16:10, Paul Wouters wrote: > >> On Wed, 20 Jun 2018, Petr Špaček wrote: > >> > >>> it seems that current specification of DNS cookies in RFC 7873 is not > >>> detailed

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-21 Thread Mark Andrews
> On 21 Jun 2018, at 5:21 pm, Daniel Salzman wrote: > > Hello Mark, > > On 06/20/2018 11:01 PM, Mark Andrews wrote: >> >>> On 21 Jun 2018, at 12:25 am, Petr Špaček wrote: >>> >>> On 20.6.2018 16:10, Paul Wouters wrote: On Wed, 20 Jun 2018, Petr Špaček wrote: > it seems that cu

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-21 Thread Mark Andrews
> On 21 Jun 2018, at 5:24 pm, Petr Špaček wrote: > > On 20.6.2018 23:01, Mark Andrews wrote: >>> On 21 Jun 2018, at 12:25 am, Petr Špaček wrote: >>> >>> On 20.6.2018 16:10, Paul Wouters wrote: On Wed, 20 Jun 2018, Petr Špaček wrote: > it seems that current specification of DNS c

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-21 Thread Mark Andrews
> On 21 Jun 2018, at 12:25 am, Petr Špaček wrote: > > On 20.6.2018 16:10, Paul Wouters wrote: >> On Wed, 20 Jun 2018, Petr Špaček wrote: >> >>> it seems that current specification of DNS cookies in RFC 7873 is not >>> detailed enough to allow deployment of DNS cookies in multi-vendor >>> anycas

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-21 Thread Petr Špaček
On 21.6.2018 14:38, Donald Eastlake wrote: > Hi, > > As the first author of the DNS Cookies RFC, I would be happy to generate > a draft to standardize this to improve inter-vendor interoperability for > anycast servers. Good! Where do we start? Right now I'm aware of a couple of requirements: 1. it h

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-21 Thread Donald Eastlake
Hi, As the first author of the DNS Cookies RFC, I would be happy to generate a draft to standardize this to improve inter-vendor interoperability for anycast servers. Thanks, Donald On Thu, Jun 21, 2018 at 03:54 Ondřej Surý wrote: > > On 21 Jun 2018, at 09:24, Petr Špaček wrote: > > So let me

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-21 Thread Ondřej Surý
> On 21 Jun 2018, at 09:24, Petr Špaček wrote: > So let me ask again: > Are other vendors willing to work on sufficiently detailed > specification? If not just say it! +1 from ISC. I believe that we need to improve interoperability between the implementations or people will not be willing to deplo

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-21 Thread Petr Špaček
On 20.6.2018 23:01, Mark Andrews wrote: >> On 21 Jun 2018, at 12:25 am, Petr Špaček wrote: >> >> On 20.6.2018 16:10, Paul Wouters wrote: >>> On Wed, 20 Jun 2018, Petr Špaček wrote: >>> it seems that current specification of DNS cookies in RFC 7873 is not detailed enough to allow deployme

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-20 Thread Mark Andrews
> On 21 Jun 2018, at 12:25 am, Petr Špaček wrote: > > On 20.6.2018 16:10, Paul Wouters wrote: >> On Wed, 20 Jun 2018, Petr Špaček wrote: >> >>> it seems that current specification of DNS cookies in RFC 7873 is not >>> detailed enough to allow deployment of DNS cookies in multi-vendor >>> anycas

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-20 Thread Petr Špaček
On 20.6.2018 16:10, Paul Wouters wrote: > On Wed, 20 Jun 2018, Petr Špaček wrote: > >> it seems that current specification of DNS cookies in RFC 7873 is not >> detailed enough to allow deployment of DNS cookies in multi-vendor >> anycast setup, i.e. a setup where one IP address is backed by multip

Re: [DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-20 Thread Paul Wouters
On Wed, 20 Jun 2018, Petr Špaček wrote: it seems that current specification of DNS cookies in RFC 7873 is not detailed enough to allow deployment of DNS cookies in multi-vendor anycast setup, i.e. a setup where one IP address is backed by multiple DNS servers. The problem is lack of standardi

[DNSOP] DNS cookies and multi-vendor anycast incompatibility

2018-06-20 Thread Petr Špaček
Hello dnsop, it seems that current specification of DNS cookies in RFC 7873 is not detailed enough to allow deployment of DNS cookies in multi-vendor anycast setup, i.e. a setup where one IP address is backed by multiple DNS servers. The problem is lack of standardized algorithm to generate