Ray Bellis <[email protected]> wrote: >> Options we have considered are TSIG, IPsec, TLS, DTLS. TSIG does not >> provide confidentiality, and we would rather go for user space security. >> Are there any recommendation for using TLS or DTLS in that case ?
> Please don't invent something new. DNS over TLS should be fine for
> channel security, with TSIG embedded inside that if additional
> authorisation is required.
Can we get away without TSIG?
Can we use TLS for authorization, assuming that we have trusted certificates
at both ends? Perhaps this is more of a: did anyone implement this?
--
Michael Richardson <[email protected]>, Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
