I think that we should allow IP addresses. At the entry level network box, I think that they are widely used.
Tom Petch ----- Original Message ----- From: "Rainer Gerhards" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Wednesday, May 07, 2008 10:39 PM Subject: [Syslog] -transport-tls-12, IP addresses > Joe, > > [Editor's Note: How useful is it to match against IP address? Do we > expect deployments to issue certificates with IP addresses in them? > Are IP addresses typically used in configuration? ] > > I find this a tough question. In my experience, it is not uncommon to > configure forwarding via IP addresses instead of hostnames. One reason > for this is because of reliability of the logging system when DNS is not > (yet --> system startup) available. On the other hand, I find it even a > bit disturbing to have a certificate issued for an IP address. But it > may make sense. I personally would expect that operators tend to use > hostnames inside the certificate. The problem, of course, would be that > the configuration then needs both the name and IP address... > > I hope this is useful information, even though I am undecided. > > Rainer > _______________________________________________ > Syslog mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/syslog _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
