[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[IPSECKEY] Re: ipseckey out of iesg (part deux)

To: ipseckey@sandelman.ca
Subject: [IPSECKEY] Re: ipseckey out of iesg (part deux)
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
Date: Wed, 10 Dec 2003 17:53:34 -0500
In-reply-to: Your message of "Mon, 08 Dec 2003 16:19:52 PST." <Pine.NEB.3.96L.1031208161424.14096D-100000@fledge.watson.org>
Sender: owner-ipseckey@sandelman.ottawa.on.ca

-----BEGIN PGP SIGNED MESSAGE-----


    IESG> Thomas Narten:

    IESG> Discuss:
    IESG> Meta issue (this is why I'm putting in a discuss):
    IESG> 
    IESG> Intro (actually no part of the document) actually explains what this
    IESG> RR is useful for. Consider a reader not familar with this effort who
    IESG> would like to understand why this RR is needed, who uses it, and in
    IESG> what situations its useful.  For instance, it would be useful to
    IESG> include an example of how the RR is expected to be used. I.e., it's
    IESG> not until halfway down the document that one figures out the RR could

I use the word "entity" rather than end system. Perhaps this is wrong.

The document now reads:

Abstract

   This document describes a new resource record for DNS.  This record
   may be used to store public keys for use in IPsec systems.  The
   record also includes provisions for indicating what IP address (v4 or
   v6) should be contacted when establishing an IPsec tunnel with the
   entity in question.

   This record replaces the functionality of the sub-type #1 of the KEY
   Resource Record, which has been obsoleted by RFC3445.

...

1. Introduction

   It postulated that there is an end system desiring to establish an
   IPsec tunnel with some remote entity on the network.  This system,
   having only a DNS name of some kind (forward, reverse or even
   user@FQDN) needs a public key to authenticate the remote entity.  It
   also desires some guidance about whether to contact the entity
   directly, or whether to contact another entity, as a gateway to that
   entity.

   The IPSECKEY RR provides a storage mechanism for such items as the
   public key, and the gateway information.

   The type number for the IPSECKEY RR is TBD.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBP9ej5oqHRg3pndX9AQEJkAQA4jDwV4CW5VVmXb8Wv64/QFSAGazpOAgd
meuIwSS7IbgWhVkN6IGjNAM4GLAmnmJOsvVqK32Hi82ujUfg29dsrCXAplOjtkU5
kfaBy8UF9onf87aWksRNOGRpB+FOc+ByY98ehaaM+KhsWjRKVbATQIbWhDKfmHG+
F6jY+jghB1o=
=mFGk
-----END PGP SIGNATURE-----
-
This is the IPSECKEY@sandelman.ca list.
Email to ipseckey-request@sandelman.ca to be removed.

Prev by Date: [IPSECKEY] Re: ipseckey out of iesg
Next by Date: [IPSECKEY] new draft -08
Previous by thread: Re: [IPSECKEY] Re: ipseckey out of iesg
Next by thread: [IPSECKEY] new draft -08
Index(es):
- Date
- Thread