[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [IPSECKEY] new draft revision (00b)
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "bmanning" == bmanning <bmanning@karoshi.com> writes:
bmanning> the distinction for using the "immediate" address as found in
bmanning> the reverse map and using the DNS name as found in the forward
bmanning> map presumes that the folks maintaining these maps will
bmanning> populate them properly.
In general, the people who want to use IPSECKEY have an incentive to
populate it correctly. The catch is the usual one for cable/dsl customers
who, increasingly have no right to do anything.
bmanning> how often, when you are mobil, does your forward lable match
bmanning> the reverse? Operationally, this might delay IPSECKEY
bmanning> deployment.
This is a bit of red herring.
The gateway field is the place to which to one should form a tunnel to.
I.e. it is used by the initiator.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBPoiTp4qHRg3pndX9AQF7pgQAjEET35uqrueSiGy5x11zpIUBQbNVHBt6
h0wB2IDLZ1y5udMiHPA1cQ++W6lap7fIAbcedkgiAAidQs21xr+qxEuuE/V84E3R
7PnPauq9LDVD2RlCi+6RbI5VoeTWUjyjtvOP4yvogwxb8m5XfoCtGjaiTtFweSVg
tBL9FTukGTo=
=2VFm
-----END PGP SIGNATURE-----
-
This is the IPSECKEY@sandelman.ca list.
Email to ipseckey-request@sandelman.ca to be removed.