Commit 96a35905 authored by Evan Hunt's avatar Evan Hunt
Browse files

[master] edit

parent b5f6271f
3744. [experimental] SIT: send and process Source Identity Tokens
(which are similar to DNS Cookies by Donald Eastlake)
and are designed to help clients detect off path
spoofed responses and for servers to detect legitimate
clients.
SIT use a experimental EDNS option code (65001).
SIT can be enabled via --enable-developer or
--enable-sit. It is on by default in Windows.
RRL processing as been updated to know about SIT with
legitimate clients not being rate limited. [RT #35389]
(similar to DNS Cookies by Donald Eastlake),
which are designed to help clients detect off-path
spoofed responses and for servers to identify
legitimate clients.
SIT uses an experimental EDNS option code (65001).
SIT can be enabled via "configure --enable-sit" (or
--enable-developer). It is enabled by default in
Windows.
Servers can be configured to send smaller responses
to clients that have not identified themselves via
SIT. RRL processing has also been updated;
legitimate clients are not subject to rate
limiting. [RT #35389]
3743. [bug] delegation-only flag wasn't working in forward zone
declarations despite being documented. This is
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment