On Thu, 31 May 2007, Olafur Gudmundsson wrote:
>
> I think this text is helpful, to understand where the 'requirement´
> for reverse DNS entries came from. This mechanism was used by ftp
> servers to keep logs and enforce export control on cryptographic
> software :-)
I don't know of anyone ever using reverse DNS to enforce export control
of crypto software. The only sites that did even note export control
restrictions (eg. MIT for Kerberos), required first reading a notice
containing the export restriction notice in order to obtain a 'secret'
hidden FTP directory.
I note also that using Reverse DNS to implement such controls would be
easily and trivially spoofed, so if it ever _was_ used that way, its an
example of what not to do.
--Dean
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000
_______________________________________________
DNSOP mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dnsop
