>>>>> "Yoav" == Yoav Nir <[email protected]> writes:
Yoav> I don't see how DNS figures into this. We have three
Yoav> gateways: - hub-gw, which knows the protected domains of
Yoav> everyone - spoke32, which protects 192.168.32.0/24, knows
Yoav> about hub-gw, and sends all 192.168.0.0/16 to hub-gw. -
Yoav> spoke79, which protects 192.168.79.0/24, knows about hub-gw,
Yoav> and sends all 192.168.0.0/16 to hub-gw
>> Yes. And, how is this policy communicated?
Yoav> Over IKE?
Yoav> Using a new protocol that we'll invent?
Yoav> SOAP?
Yoav> As an attribute in a certificate, kind of like SIDR?
So, okay, so you want to do new work to replace work that's already been
well defined, that uses DNS as the transport.
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] [email protected] http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
then sign the petition.
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
