>>>>> "Paul" == Paul Wouters <p...@cypherpunks.ca> writes:
Paul> So what happens in my case? Either google is blocked, or google is
Paul> downgraded to plaintext. Or the application could distinguish between
Paul> my suggested boguspublic-key versus the real google
Google is plaintext, you never had the right to speak for it.
Paul> Yes, and what I'm saying is that current methods for tying DANE to
IPSEC
Paul> fail, because there is no binding to the legitimacy of the proclaimed
Paul> gateway.
I assume by "current methods", you mean RFC4322?
Or is there another proposal that I've missed?
--
Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works
pgp02LC96anVU.pgp
Description: PGP signature
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
