On 09/08/2017 17:44, Ted Lemon wrote:
> Of course, the real answer to this is that neither solution is > desirable. I've heard several people here say that if localhost were > "fixed" in an RFC, then the W3C could mark http connections to localhost > as secure, rather than insecure. This is of course nonsense. The > fact is that you should always validate the endpoint you are connecting > to using some secure protocol. With a unix domain socket, you can pass > credentials over the socket. With a TCP or UDP connection, you can't > do that, so you need to use cryptography. Speaking of which, MySQL uses the word "localhost" as a switch to use a UNIX domain socket instead of IP for its connection. Just sayin' ;) Ray _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop