> So more accurately, you meant like this? > > NI query > nodeinfo client ------------------> the target > with some private key > <------------------ > NI response signed > by the private key
Yes, where the name in the response is a valid domain name, and when the client looks for a KEY record on that domain name, it finds a public key that can be used to successfully validate the signature on the response. -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
