>>>>> "Paul" == Paul Wouters <[email protected]> writes: Paul> So what happens in my case? Either google is blocked, or google is Paul> downgraded to plaintext. Or the application could distinguish between Paul> my suggested boguspublic-key versus the real google
Google is plaintext, you never had the right to speak for it.
Paul> Yes, and what I'm saying is that current methods for tying DANE to
IPSEC
Paul> fail, because there is no binding to the legitimacy of the proclaimed
Paul> gateway.
I assume by "current methods", you mean RFC4322?
Or is there another proposal that I've missed?
--
Michael Richardson <[email protected]>, Sandelman Software Works
pgp02LC96anVU.pgp
Description: PGP signature
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
