[dns-operations] How Stack Overflow plans to survive the next DNS attack

[Jared Mauch]

There is likely nothing stopping notify over TCP. People could use that :-)

Jared Mauch

> On Jan 11, 2017, at 3:37 PM, Paul Vixie <vixie at tisf.net> wrote:
> 
> NOTIFY was defined that way because folks wanted it to be able to work over UDP, and we knew that UDP source addresses could be spoofed. thus it's very lightweight and there is no value at all to an attacker who spoofs a NOTIFY.