[Hipsec-rg] reverse DNS lookups of HITs
oleg.ponomarev at hiit.fi (Oleg Ponomarev) Tue, 13 January 2009 11:11 UTC
From: "oleg.ponomarev at hiit.fi"
Date: Tue, 13 Jan 2009 13:11:50 +0200
Subject: [Hipsec-rg] reverse DNS lookups of HITs
In-Reply-To: <B09D992B-C373-4325-AE4C-E0C3C2E96877@indranet.co.nz>
References: <E1LMUy5-00069S-00@alva.home> <alpine.LFD.2.00.0901130935560.17180@stargazer.pc.infrahip.net> <BC5BEFD4-1EFC-43DB-BD37-55E12F00408E@indranet.co.nz> <alpine.LFD.2.00.0901131152290.17180@stargazer.pc.infrahip.net> <B09D992B-C373-4325-AE4C-E0C3C2E96877@indranet.co.nz>
Message-ID: <alpine.LFD.2.00.0901131241030.17180@stargazer.pc.infrahip.net>
On Tue, 13 Jan 2009, Andrew McGregor wrote: > your HIP implementation knows about FQDNs sent by the other end Oh, I thought you do not like reverse DNS for HITs in general. Yes, I mentioned it as another solution (https://listserv.cybertrust.com/ pipermail/hipsec-rg/2009-January/000567.html) But how much effort will it take to modify all resolver libraries? It would be much more difficult to debug. Deployment? >> I would like to grant access to the clients from example-company.com >> regardless of their current locators. If there is no forward confirmed >> reverse DNS, what should I do now? > > Certificates for this one. Ok, how should I configure my nntp-server (whatever legacy service) to demand certificates from the clients? How much tech support resources I will spend to change settings of their nntp-readers (whatever legacy clients). Will they keep using my service? I do not need high-grade security in this case and do not want to waste resources. -- Regards, Oleg.
- [Hipsec-rg] meeting minutes posted Henderson, Thomas R
- [Hipsec-rg] reverse DNS lookups of HITs Henderson, Thomas R
- [Hipsec-rg] reverse DNS lookups of HITs Oleg Ponomarev
- [Hipsec-rg] reverse DNS lookups of HITs Miika Komu
- [Hipsec-rg] reverse DNS lookups of HITs Oleg Ponomarev
- [Hipsec-rg] reverse DNS lookups of HITs Andrew McGregor
- [Hipsec-rg] reverse DNS lookups of HITs Oleg Ponomarev
- [Hipsec-rg] reverse DNS lookups of HITs Andrew McGregor
- [Hipsec-rg] reverse DNS lookups of HITs Oleg Ponomarev
- [Hipsec-rg] reverse DNS lookups of HITs Xu Xiaohu
- [Hipsec-rg] reverse DNS lookups of HITs Henderson, Thomas R
- [Hipsec-rg] reverse DNS lookups of HITs Tim Shepard
- [Hipsec-rg] reverse DNS lookups of HITs Oleg Ponomarev
- [Hipsec-rg] reverse DNS lookups of HITs Henderson, Thomas R
- [Hipsec-rg] reverse DNS lookups of HITs Oleg Ponomarev
- [Hipsec-rg] reverse DNS lookups of HITs (was RE: … Henderson, Thomas R
- [Hipsec-rg] meeting minutes posted Oleg Ponomarev
- [Hipsec-rg] meeting minutes posted Henderson, Thomas R
- [Hipsec-rg] meeting minutes posted Oleg Ponomarev
- [Hipsec-rg] meeting minutes posted Henderson, Thomas R
- [Hipsec-rg] reverse DNS lookups of HITs Miika Komu
- [Hipsec-rg] meeting minutes posted Oleg Ponomarev