ietf
[Top] [All Lists]

Re: IAB statement on the RPKI.

2010-02-19 19:05:09
    > From: Masataka Ohta 
<mohta(_at_)necom830(_dot_)hpcl(_dot_)titech(_dot_)ac(_dot_)jp>

    >> What DNSsec will provide is ... data origin authentication and data
    >> integrity protection.

    > That is already offered with plain old DNS with UDP checksum, cookie
    > and return routability, though UDP checksum is optional and cookie of
    > message ID is a little bit too short.

??? There is clearly something here I don't understand.

How does the UDP checksum plus a cookie (nonce) protect against a MITM attack,
on the path from the server back to the querying entity?

        Noel
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>