> On Jul 11, 2026, at 02:18, Aitor Santos <[email protected]> wrote:
> Transport-layer authentication within the TLS handshake is simpler and more 
> robust — no tunnel management, no IP churn problem.
> The draft isn't trying to replace VPN — it's about the cases where VPN is 
> operationally out of scope.

Exactly.  This isn’t what VPNs are for, this is what authentication is for.

This is why we don’t make everyone who uses email run their IMAP through a VPN, 
and everyone who uses the web run their HTTPS through a VPN.

                                -Bill

Attachment: signature.asc
Description: Message signed with OpenPGP

_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to