Michael Sierchio <[EMAIL PROTECTED]> writes:
> Eric Rescorla wrote:
>
> > There are a number of situations where one wishes to authenticate
> > clients based on their DNS names:
> >
> > (1) SMTP/TLS.
> > (2) Secure remote backup.
> >
> > In such cases the clients often (though not always) have fixed IPs.
>
> Well, I'll be happy when IPv6 is ubiquitous (coming any day now since 1996!).
> Then we can dispense with kludges like DHCP and give globally unique identifiers
> as addresses.
>
> And what about multi-homed hosts? Or many IP addresses per host (using IP aliasing)?
I don't see that any of these are really an issue here. The client's IP
address isn't being examined at all. The DNS name is simply being used as a
unique identifier.
-Ekr
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
