Re: Is there agreement on ddns (or any such) with autoconfigured hosts?

To: Jeroen Massar <jeroen@unfix.org>
Cc: debian-ipv6@lists.debian.org
Subject: Re: Is there agreement on ddns (or any such) with autoconfigured hosts?
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
Date: Tue, 28 Jun 2005 15:53:21 -0400
Message-id: <[🔎] 8984.1119988401@marajade.sandelman.ottawa.on.ca>
In-reply-to: Message from Jeroen Massar <jeroen@unfix.org> of "Tue, 28 Jun 2005 21:45:55 +0200." <[🔎] 1119987955.7320.7.camel@firenze.zurich.ibm.com>
References: <[🔎] 20050628180631.GA25804@buici.com> <[🔎] 8723.1119985969@marajade.sandelman.ottawa.on.ca> <[🔎] 1119987955.7320.7.camel@firenze.zurich.ibm.com>

-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Jeroen" == Jeroen Massar <jeroen@unfix.org> writes:
    Jeroen> What is the exact problem, as I am missing a large detail of
    Jeroen> it :) The above skips the DHCP server.

  Random clients do not have a trust relationship with the owner of the
reverse zone.
  (consider laptops that show up at an IETF)

  In IPv4 with DHCP, we solve this by giving the DHCP *server* a trust
relationship with the owner of the reverse zone. (And DHCPv4 can be
secured, and can even be secured for random clients)

  In IPv6, if we used DHCPv6 (not very popular yet), we can replicate
the model. If we are using RS/RA, then we have to find a way for the RS
to have a trust relationship with the owner of the reverse zone. That
part is easy --- the question is how does the RS even know about the new
clients?

- -- 
] Michael Richardson          Xelerance Corporation, Ottawa, ON |  firewalls  [
] mcr @ xelerance.com           Now doing IPsec training, see   |net architect[
] http://www.sandelman.ca/mcr/    www.xelerance.com/training/   |device driver[
]                    I'm a dad: http://www.sandelman.ca/lrmr/                 [


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQsGqsIqHRg3pndX9AQFxPQP+N1SdZ5+UKehUUbuH8kRpQSBmo0XHevF0
Y/cHLJP2QbRcwzNVmDHiv/0pGcQ8ui9XTBCWpcFyx+JgV4zdhQZid1zMRgyltq6u
r4+v2SIsx1zbmSLccjvIb5kDbOodiX3pN7ozh9iYvixpP9STtciG+9RYld2K99U1
cDyIPRXKtO0=
=BKLc
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: Is there agreement on ddns (or any such) with autoconfigured hosts?
  - From: Marc Singer <elf@buici.com>

References:
- Is there agreement on ddns (or any such) with autoconfigured hosts?
  - From: Marc Singer <elf@buici.com>
- Re: Is there agreement on ddns (or any such) with autoconfigured hosts?
  - From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
- Re: Is there agreement on ddns (or any such) with autoconfigured hosts?
  - From: Jeroen Massar <jeroen@unfix.org>

Prev by Date: Re: Is there agreement on ddns (or any such) with autoconfigured hosts?
Next by Date: Re: Is there agreement on ddns (or any such) with autoconfigured hosts?
Previous by thread: Re: Is there agreement on ddns (or any such) with autoconfigured hosts?
Next by thread: Re: Is there agreement on ddns (or any such) with autoconfigured hosts?
Index(es):
- Date
- Thread