[168271] in North American Network Operators' Group
Re: "trivial" changes to DNS (was: OpenNTPProject.org)
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu Jan 16 15:51:04 2014
To: Jimmy Hess <mysidia@gmail.com>
In-Reply-To: Your message of "Thu, 16 Jan 2014 13:35:00 -0600."
<CAAAwwbVAXN+mgu6YAmMQp_O5ejBBWW6r8_fqJQxt1YzcDkeR_A@mail.gmail.com>
From: Valdis.Kletnieks@vt.edu
Date: Thu, 16 Jan 2014 15:49:43 -0500
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1389905383_2519P
Content-Type: text/plain; charset=us-ascii
On Thu, 16 Jan 2014 13:35:00 -0600, Jimmy Hess said:
> Then the client's UDP stack must construct and send a Hashcash proof
> of work, of sufficient difficulty based on the estimated query plus
> response size,
> up to the first full round trip;
> containing a message digest of the first UDP packet the client will
> send, before sending the packet, or it will be silently discarded.
> An out-of-band reply will come back to the claimed source, that the
> client souce IP:Port has to acknowledge within 5 packets.
> Once the out-of-band reply is acknowledged, the source is confirmed not
> to be spoofed.
How is this any better than a TCP 3-packet handshake with syncookies?
--==_Exmh_1389905383_2519P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Exmh version 2.5 07/13/2001
iQIVAwUBUthF5wdmEQWDXROgAQKguQ/+McrGG70qhTFAdNkJNZjAZa+89Z2dEbrc
WaDMwvYpAFIywvWXcGQGyKAIbd4hOSXqfgQ7Oan7gUzNNQuhoWOcGFLhhQts2Fw+
SlAqtn+SREj04z9+jPS67iTPjHqR1Rn3WEMb1r93b7SbJ7G6rdQNlizaam5ohQk0
L+zOlosOy9FnmDT8PqtkL3x8wyonAIK0v/1dGC4eRf01v+vK/r+DSSZENIIOW5YW
Ci+SYLBDyaQFrPJWIacLffjd9h+jqf/84rUXx2eux/c+bQUmWUOsRHJiUDazyMHx
4SAUrDBVji5F7xZs+tvYc4o0HoZXLLilpiw85hPNONgWbgLr5IKXtIDh8H78IZRd
/8EddxNSSuxqW4yNhXT1qRqVTc2IdqH53+LXqx+0MO9qwHliRMMgW9D/SOi8/Znw
aVjBhlMc6e7nJErkuWtWdUxv0TKz6QajnF0Pf6xaHNLo+1pBAClizBCADb4cFZsK
bxRqcGpFgnPHbfSj1VrDbZlYh2G8qZhcosrFS7szCeHkB8FNyGPTTkyPtDo+XiPI
lWX9Muts5K3qlgMJ5fo+1oTjvwIX0lS9HNxFhHVSOkzTYzoxl3Ddg/g7fxX+Difm
Z6eGlyk7eTF6IbNy1TbRXijFNDVG6MP1aH393tjw47CMIabtY5dzYAvlaWqqKakB
B2mfVwn223A=
=/jXC
-----END PGP SIGNATURE-----
--==_Exmh_1389905383_2519P--
