[EMAIL PROTECTED] wrote: > >> no, the device answering ICMPv6 request is not named. > >??? I'm a bit confused. Are you saying that we can *not always* > >assume the device answering ICMPv6 request runs a name server? > > the thread of email assumes the following diagram. > > itojun > > > > client resolver ---------> named -------> the target > > DNS query NI query > > client resolver <--------- named <------- the target > > DNS response NI response
As I was toying around with Opportunistic Encryption it shaded another light on this subject. Could there be a query type which requests the KEY (just like the DNS RR) of a host. This would allow for example FreeS/WAN and Racoon and other IPSec implementations to request the public KEY from the host itself in a standardized way. The proposed DNS<->nodeinfo could then also provide this information over DNS. Ofcourse one has no 100% ensurance that the replied KEY is valid at all. Greets, Jeroen -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------