[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TED poll (Re: Draft Minutes from IPSP WG Mtg at 52st IETF)

To: Henry Spencer <henry@xxxxxxxxxxxxx>
Subject: Re: TED poll (Re: Draft Minutes from IPSP WG Mtg at 52st IETF)
From: Eric Vyncke <evyncke@xxxxxxxxx>
Date: Thu, 20 Dec 2001 09:26:20 +0100
Cc: "Luis A. Sanchez" <lsanchez@xxxxxxxxxxx>, ipsec-policy@xxxxxxxx
In-reply-to: <>
List-archive: <http://www.vpnc.org/ipsec-policy/mail-archive/>
List-id: <ipsec-policy.vpnc.org>
List-unsubscribe: <mailto:ipsec-policy-request@vpnc.org?body=unsubscribe>
References: <>
Sender: owner-ipsec-policy@xxxxxxxxxxxxx

At 16:35 19/12/2001 -0500, Henry Spencer wrote:

On Wed, 19 Dec 2001, Luis A. Sanchez wrote: > It would be extremely difficult to configure, maintain, secure, and just to > make work in general an LDAP or series of LDAP directories with all the IP > addresses of all the IPsec Security Gateways that could be protecting some set > of hosts at any given time...
Of course, if you want a database that covers all those gateways, there
*already is one*.  It's called DNS.  Why re-invent the wheel, especially
when the re-invented one is often square?

So, we are back to square one: using the KX of DNSsec ;-)

Personally, I do not disagree

-eric

                                                          Henry Spencer
                                                       henry@xxxxxxxxxxxxx

References:
- Re: TED poll (Re: Draft Minutes from IPSP WG Mtg at 52st IETF)
  - From: Luis A. Sanchez
- Re: TED poll (Re: Draft Minutes from IPSP WG Mtg at 52st IETF)
  - From: Henry Spencer

Prev by Date: Re: TED poll (Re: Draft Minutes from IPSP WG Mtg at 52st IETF)
Next by Date: Re: TED poll (Re: Draft Minutes from IPSP WG Mtg at 52st IETF)
Previous by thread: Re: TED poll (Re: Draft Minutes from IPSP WG Mtg at 52st IETF)
Next by thread: Re: TED poll (Re: Draft Minutes from IPSP WG Mtg at 52st IETF)
Index(es):
- Date
- Thread