Re: draft-ietf-dnsext-forgery-resilience-01.txt

[Tony Finch <dot@dotat.at>]

On Mon, 12 Nov 2007, Florian Weimer wrote:
> * Stephane Bortzmeyer:
> >
> > What is not a good idea? "Implementations SHOULD use good random
> > source to select a Query ID" or "The draft should add a reference to
> > RFC 4086"?
>
> The former.  It has been argued that non-repeating query IDs are more
> important than good randomness.  I tried very hard to understand this,
> but I still don't get it.

You can't just naively pick a query ID at random from the whole 16 bit
space because you'll have ID clashes. You need a scheme that does not
re-use recent IDs too quickly, but this does not mean that you don't
need good randomness.

Tony.
-- 
f.a.n.finch  <dot@dotat.at>  http://dotat.at/
SOLE: VARIABLE BECOMING NORTHWESTERLY 3 OR 4, OCCASIONALLY 5. SLIGHT OR
MODERATE. MAINLY FAIR. GOOD.

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>