RFC proposes DNS cookies as a modality for improving security

A recent Request for Comments (RFC) circulated within the Internet Engineering Task Force proposes the use of cookies as a modality for improving the security of the Domain Name System (DNS). The RFC describes the proposed DNS cookies as ‘a lightweight DNS transaction security mechanism that provides limited protection to DNS servers and clients against a variety of increasingly common denial-of-service’ and other attacks. It is also explained that such cookies cannot be used to track Internet users, as they are ‘only returned to the IP address from which they were originally received’.