Re: [DNSOP] Question about usage of ip6.arpa and in-addr.arpa
Paul Vixie <vixie@fsi.io> Mon, 12 March 2018 23:47 UTC
Return-Path: <vixie@fsi.io>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1D4641250B8 for <dnsop@ietfa.amsl.com>; Mon, 12 Mar 2018 16:47:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8HOaSB9TZbXD for <dnsop@ietfa.amsl.com>; Mon, 12 Mar 2018 16:47:00 -0700 (PDT)
Received: from mail.fsi.io (mail.fsi.io [104.244.13.176]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D80B3124F57 for <dnsop@ietf.org>; Mon, 12 Mar 2018 16:47:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at fsi.io
Sender: vixie@fsi.io
Received: from tums.local (p548C9DB3.dip0.t-ipconnect.de [84.140.157.179]) (Authenticated sender: vixie) by mail.fsi.io (Postfix) with ESMTPSA id 343DA6027D; Mon, 12 Mar 2018 23:46:53 +0000 (UTC)
From: Paul Vixie <vixie@fsi.io>
To: dnsop@ietf.org
Cc: Jim Reid <jim@rfc1035.com>, Paul Hoffman <paul.hoffman@vpnc.org>
Date: Mon, 12 Mar 2018 23:43:52 +0000
Message-ID: <1901968.hGXDQp3ZVe@tums.local>
Organization: Farsight Security, Inc.
In-Reply-To: <7B867A66-4B80-4070-ACA9-7C94A63FBC17@rfc1035.com>
References: <B7531E71-AC04-4D40-86B0-74F2DCA92446@letsencrypt.org> <0EE4F82D-AD7B-4D50-B415-6B5558B7E974@vpnc.org> <7B867A66-4B80-4070-ACA9-7C94A63FBC17@rfc1035.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/RMW_il1_mcO9uOkoy0A0AnVcHQM>
Subject: Re: [DNSOP] Question about usage of ip6.arpa and in-addr.arpa
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2018 23:47:02 -0000
On Monday, March 12, 2018 11:12:36 PM GMT Jim Reid wrote: > > On 12 Mar 2018, at 17:37, Paul Hoffman <paul.hoffman@vpnc.org> wrote: > > > > If the use case here is to be able to issue certificates for TLS servers > > based on the IP address instead of the domain name, creating something > > new in the DNS may be overkill. That is, why even have Section 4.1 of > > draft-ietf-acme-ip at all? What's wrong with only having direct HTTPS > > access? > Is web the only protocol that runs on the Internet now? I realise that might > seem to be the case these days, but even so... :-) we need to use TLS to secure both dns-over-https and some forms of TCP/53 in which the server's address is known but not its name. -- Vixie
- [DNSOP] Question about usage of ip6.arpa and in-a… Roland Bracewell Shoemaker
- Re: [DNSOP] Question about usage of ip6.arpa and … Paul Hoffman
- Re: [DNSOP] Question about usage of ip6.arpa and … Roland Bracewell Shoemaker
- Re: [DNSOP] Question about usage of ip6.arpa and … Jim Reid
- Re: [DNSOP] Question about usage of ip6.arpa and … Paul Hoffman
- Re: [DNSOP] Question about usage of ip6.arpa and … Jim Reid
- Re: [DNSOP] Question about usage of ip6.arpa and … Paul Vixie
- Re: [DNSOP] Question about usage of ip6.arpa and … Paul Hoffman
- Re: [DNSOP] Question about usage of ip6.arpa and … Jim Reid
- Re: [DNSOP] Question about usage of ip6.arpa and … Tony Finch
- Re: [DNSOP] Question about usage of ip6.arpa and … Ted Lemon
- Re: [DNSOP] Question about usage of ip6.arpa and … Joe Abley
- Re: [DNSOP] Question about usage of ip6.arpa and … Ólafur Guðmundsson
- Re: [DNSOP] Question about usage of ip6.arpa and … Joe Abley
- Re: [DNSOP] Question about usage of ip6.arpa and … Joe Abley
- Re: [DNSOP] Question about usage of ip6.arpa and … Ted Lemon
- Re: [DNSOP] Question about usage of ip6.arpa and … Frederico A C Neves
- Re: [DNSOP] Question about usage of ip6.arpa and … Stephane Bortzmeyer