Hello Yann,
[...] Looks good to me. It would have to be documented though, especially the difference with "Require host" and maybe their complementarity (wrt security).
Sure, it needs a documentation, obviously. I will not commit anything without a doc.
How about "Require dns" (and mod_authz_dns) for the name?
Hmm. Note that "Require host" also uses the DNS, doubly so. I'm not sure that naming one "dns" might not suggest that the other ones would not use it?
I think that "Require host" should really be name "Require domain" because it is what it does, then "Require host" would be available... but this is too late:-)
Maybe "Require ip" could be extended instead of using a new name: "Require ip myserver.apache.org" Would query the DNS to get the IP when checking for the authorization. Not sure that it is a good idea, though. -- Fabien.
