[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: TED poll (Re: Draft Minutes from IPSP WG Mtg at 52st IETF)
At 16:35 19/12/2001 -0500, Henry Spencer wrote:
On Wed, 19 Dec 2001, Luis A. Sanchez wrote:
> It would be extremely difficult to configure, maintain, secure,
and just to
> make work in general an LDAP or series of LDAP directories with all the IP
> addresses of all the IPsec Security Gateways that could be protecting
> of hosts at any given time...
Of course, if you want a database that covers all those gateways, there
*already is one*. It's called DNS. Why re-invent the wheel, especially
when the re-invented one is often square?
So, we are back to square one: using the KX of DNSsec ;-)
Personally, I do not disagree