Aaron Bannert wrote:
> One of the biggest dangers in this kind of a thing (and it is rather similiar
> to depending on a remote DTD in XML) is that you are now implicitly trusting
> DNS for authenticity. A poisoned DNS entry could be catastrophic.
We face that problem today with the virtualhost directives, etc (any
directive that can take a DNS name as an argument).
> To me it sounds like the main thing we are trying to accomplish here is
> to allow for centralized configuration, which is useful in things like
> server farms or for rapid deployment of cloned or slightly mutated
> configurations. What other things are we trying to solve with this?
This is exactly what it is for.
Regards,
Graham
--
-----------------------------------------
[EMAIL PROTECTED] "There's a moon
over Bourbon Street
tonight..."
S/MIME Cryptographic Signature
