[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [IPSECKEY] new draft -08
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Rob" == Rob Austein <sra+ipseckey@hactrn.net> writes:
>> Chairs. Reverse is clearly in scope here. Can you discuss with Bert?
Rob> See "if there is a requirement for reverse records, this issue needs
Rob> to be explicitly discussed."
Rob> The issue is not whether or not IPSECKEY belongs in the reverse tree
Rob> (everyone on this list knows that it does, and Bert now knows too,
Rob> because I told him). The issue is that the draft doesn't explain
Rob> this, it just assumes that the reader is already an expert on
Rob> opportunistic IPSEC and that this is therefore obvious.
okay.
so what question does some text have to answer?
Is it:
"where is the IPSECKEY RR found?"
or: "is the reverse map the place to find IPSECKEY RR?"
To me, the location of the record has a lot to do with the semantics of
the record. You need to know what question was being asked of DNS to know
if the record will be found there.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr@xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBP99qpoqHRg3pndX9AQEoYAP+NwS9QQDbjrp7K8B79ExOYyLNNCCL0Gvq
iwkj5aBZGMbPgm7MuQEqhchto6zROTWaUPkL6Gewunbjr5TezQGXhNgxIX5TuDuv
AWyEoeQ2TS7nI5Luk3TEfPSqtDnfhrRgZoQKKSzP6INyZxSTuxdw6HeKubjnpzQd
PrcPN7TMAwA=
=CNd0
-----END PGP SIGNATURE-----
-
This is the IPSECKEY@sandelman.ca list.
Email to ipseckey-request@sandelman.ca to be removed.