[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [IPSECKEY] new draft revision (00b)



-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "bmanning" == bmanning  <bmanning@karoshi.com> writes:
    bmanning> the distinction for using the "immediate" address as found in
    bmanning> the reverse map and using the DNS name as found in the forward
    bmanning> map presumes that the folks maintaining these maps will
    bmanning> populate them properly.

  In general, the people who want to use IPSECKEY have an incentive to
populate it correctly. The catch is the usual one for cable/dsl customers
who, increasingly have no right to do anything. 

    bmanning> how often, when you are mobil, does your forward lable match
    bmanning> the reverse?  Operationally, this might delay IPSECKEY
    bmanning> deployment.

  This is a bit of red herring. 

  The gateway field is the place to which to one should form a tunnel to.
I.e. it is used by the initiator. 

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBPoiTp4qHRg3pndX9AQF7pgQAjEET35uqrueSiGy5x11zpIUBQbNVHBt6
h0wB2IDLZ1y5udMiHPA1cQ++W6lap7fIAbcedkgiAAidQs21xr+qxEuuE/V84E3R
7PnPauq9LDVD2RlCi+6RbI5VoeTWUjyjtvOP4yvogwxb8m5XfoCtGjaiTtFweSVg
tBL9FTukGTo=
=2VFm
-----END PGP SIGNATURE-----
-
This is the IPSECKEY@sandelman.ca list.
Email to ipseckey-request@sandelman.ca to be removed.