Re: TED poll (Re: Draft Minutes from IPSP WG Mtg at 52st IETF)

[Michael Richardson <mcr@xxxxxxxxxxxxxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Lee" == Lee Rafalow <rafalow@xxxxxxxxxxxxxx> writes:
    Lee> Off the top of my head, I'd say that the schema and dit structure
    Lee> would be optimized for a fully-qualified hostname search and that
    Lee> gateway topology would be represented by DN references.  The

  And, who would ask this question?

  Further, how does a forward search (FQDN->IP) tell you anything about about
the world? People can put any A record they want into DNS or into LDAP.

    Lee> available policies would also be DN references and can be protected
    Lee> by access controls.  IMHO, this would be significantly better than
    Lee> TED in that it is not topology limited and has access controls, but
    Lee> I've given almost no thought to scaling and maintenance issues
    Lee> (although they seem tractable on first blush).

  Oh, so you mean that LDAP directory replication is finally stable?

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@xxxxxxxxxxxxxxxxxxxxxx http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy");  [

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Finger me for keys

iQCVAwUBPCEHboqHRg3pndX9AQGifgP+Levfpaz0JQ2oTvj9JvYBXJf451o4lVoK
QbaXQH/aMj4SaMXjrcDb57IyMiuRokzqfH6tBlYmYtuX2Vb7bfUhJM3NBkOAbZdS
qdZYzgnq9DPlfyPI+1bDZWXNqEmVWkLlE5MEj4z1VyYcNaTUg1Nxe6WxACvTXB4/
P5ZO59kCQfM=
=UBrs
-----END PGP SIGNATURE-----