At 01:53 PM 8/29/2013, Taral wrote:
Oh, wait. I misread the requirement. This is a pretty normal
requirement -- your reverse DNS has to be valid. So if you are
3ffe::2, and that reverses to, then
better resolve to 3ffe::2.

For IPv4, that's a relatively normal way to do things,
though if is commercial, might actually be a load-balanced bunch of servers in xx.yy.zz.0/24
instead of just one machine, or they might be hidden behind NAT.

But with IPv6 privacy extensions, a single machine might be using
pseudorandomly-generated addresses in a /64 subnet,
so you'd have to do some kind of wildcarding to represent it as a single name.
Also, "residential" vs. "commercial" is a much fuzzier boundary for IPv6;
an IPv6 machine might be a VM tunnelling to Hurricane Electric over IPv4,
or tunnelled from a residence to a DSL ISP that can only do telco DSL at IPv4.

The cryptography mailing list

Reply via email to