[ re: DNS reverse mapping ]
DNS is not secure, and isn't likely to be any time soon. Using DNS as any
sort of security measure is just plain stupid.
Either the other party possesses the private key material that matches
their public key or they don't. If they don't, SSL will fail. If they do,
then they're exactly who they say they are (or the private key material has
leaked, at which point it's game over anyway). DNS should have nothing
whatsoever to do with it. Any modern RFC that makes references to doing
reverse lookups in a security context should be laughed out of the IETF.
--
Carson
_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog
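
The point made in the message above, as an added example that is not part of the original post or of any syslog specification: the receiver decides who a peer is from the certificate presented in a completed TLS handshake, and a reverse-DNS name is carried only as a log annotation. The names `PINNED`, `identify`, `accept`, `accept_connection` and `server_context` are hypothetical, and the certificate bytes are constructed placeholders rather than real DER.

```python
import hashlib
import hmac
import ssl

# Constructed stand-ins for DER-encoded certificates (not real certificates).
RELAY_CERT_DER = b"constructed-der-bytes-for-relay-1"
OTHER_CERT_DER = b"constructed-der-bytes-for-unknown-sender"

# Hypothetical allow-list: SHA-256 of a peer certificate -> configured identity.
PINNED = {hashlib.sha256(RELAY_CERT_DER).hexdigest(): "relay-1"}


def server_context(certfile, keyfile, cafile):
    """TLS server context that refuses any client without a certificate.

    A handshake that completes under this context means the client signed
    with the private key matching the certificate it presented.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.load_cert_chain(certfile, keyfile)
    ctx.load_verify_locations(cafile)
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def identify(cert_der, pinned=PINNED):
    """Return the configured identity for a peer certificate, or None."""
    digest = hashlib.sha256(cert_der).hexdigest()
    for known, name in pinned.items():
        if hmac.compare_digest(digest, known):
            return name
    return None


def accept(cert_der, ptr_name=None, pinned=PINNED):
    """Authorization decision. ptr_name never influences the result."""
    identity = identify(cert_der, pinned)
    return {"allowed": identity is not None,
            "identity": identity,
            "ptr_hint": ptr_name}  # reverse-DNS name, for log output only


def accept_connection(tls_sock, ptr_name=None):
    """Same decision for a live ssl.SSLSocket once the handshake is done."""
    return accept(tls_sock.getpeercert(binary_form=True), ptr_name)
```
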