> "Yoav" == Yoav Nir writes:
Jorge> I agree DNSSEC cannot be assumed, its deployments have been
Jorge> marginal.
>> DNSSEC is *one* *public* trusted third party. It's not the only
>> way to use DNS securely, it's just the easiest one to arrange
>> between total strangers
Put differently, it better be Wednesday night, since I can't be in Taipei any
earlier ;-).
-geoff
From: Stephen Hanna
Sent: Friday, October 28, 2011 3:09 PM
To: Yoav Nir; Geoffrey Huang
Cc: ipsec@ietf.org
Subject: RE: [IPsec] New -00 draft: Creating Large Scale Mesh VPNs Problem
I agree. Wednes
On 10/31/11 3:30 PM, "Michael Richardson" wrote:
>
>> "Jorge" == Jorge Coronel writes:
>Jorge> +1
>
>Jorge> I agree DNSSEC cannot be assumed, its deployments have been
>Jorge> marginal.
>
>DNSSEC is *one* *public* trusted third party. It's not the only way to
>use DNS securely
Hi,
I'm looking at a bug report where openswan sends a Delete/Notify in response to
a Delete/Notify message. I vaguely remember things got cleared up on this for
IKEv2, but I cannot find in 2401/2406/etc what the proper response is.
If the peer send us a Notify/Delete, they no longer can rec
> "Jorge" == Jorge Coronel writes:
Jorge> +1
Jorge> I agree DNSSEC cannot be assumed, its deployments have been
Jorge> marginal.
DNSSEC is *one* *public* trusted third party. It's not the only way to
use DNS securely, it's just the easiest one to arrange between total
strangers