Re: draft-ietf-dnsext-forgery-resilience-01.txt

[Florian Weimer <fw@deneb.enyo.de>]

* Stephane Bortzmeyer:

> "Hard to predict" Query-IDs could, for instance, be achieved by
> introducing a random [RFC 4086] or pseudo-random component into the

Nit: RFC 4086 covers pseudo-randomness as well.  Not very extensively,
but it's there.

> Purely random Query-IDs may lead to problems for the resolver which
> emits them, because there will be a high risk of duplicate
> IDs. Sorting out duplicated IDs in responses is easy if the response
> contains the <qname> and <qtype> but more complicated for errors like
> SERVFAIL.

Ah!  Finally a reason for non-repeating IDs.  Thanks.

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>