From owner-cvs-all  Fri Jul 14 13: 5:39 2000
Delivered-To: cvs-all@freebsd.org
Received: from lucifer.ninth-circle.org (lucifer.bart.nl [194.158.168.74])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5FE1837B802; Fri, 14 Jul 2000 13:05:28 -0700 (PDT)
	(envelope-from asmodai@lucifer.ninth-circle.org)
Received: (from asmodai@localhost)
	by lucifer.ninth-circle.org (8.9.3/8.9.3) id WAA70323;
	Fri, 14 Jul 2000 22:05:24 +0200 (CEST)
	(envelope-from asmodai)
Date: Fri, 14 Jul 2000 22:05:24 +0200
From: Jeroen Ruigrok van der Werven <jruigrok@via-net-works.nl>
To: Robert Watson <rwatson@FreeBSD.org>
Cc: Hajimu UMEMOTO <ume@FreeBSD.org>, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/lib/libutil realhostname.c
Message-ID: <20000714220524.E69824@lucifer.bart.nl>
References: <20000714214518.C69824@lucifer.bart.nl> <Pine.NEB.3.96L.1000714155442.86948A-100000@fledge.watson.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2i
In-Reply-To: <Pine.NEB.3.96L.1000714155442.86948A-100000@fledge.watson.org>; from rwatson@FreeBSD.org on Fri, Jul 14, 2000 at 03:55:58PM -0400
Organisation: VIA Net.Works The Netherlands
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

-On [20000714 22:00], Robert Watson (rwatson@FreeBSD.org) wrote:
>On Fri, 14 Jul 2000, Jeroen Ruigrok van der Werven wrote:
>
>> >if two, then also the hostname at the time that the connection occurred.
>> >Furthermore, it would be nice if an authenticity parameter was present for
>> >both fields: (1) protection assuring that the IP was accurate (based on
>> >IPsec somehow), and (2) protection assuring the name for the IP was
>> >accurate (based on DNSsec).  I don't see either happening soon, but we can
>> >and should fix the incorrect/inappropriate use of wtmp and utmp.
>> 
>> DNSsec is still a problem due to the licensing if I understood Peter
>> Wemm correctly.  Corrections on this topic are very much welcome, I will
>> then pursue to make sure DNSsec gets imported and enabled.
>
>The only licensing problem I know about is the dependence on RSA, which
>goes away soon.  Is there another licensing problem I don't know about?

Hmm, and since WCCDROM/BSDi is allowed to export it I can effectively
start enabling it?

>We'd presumably prefer to use the BIND9 implementation, when available.

BIND 9.0.0 is only in RC3 stage.  Plus there appear to be a few problems
with it on FreeBSD.  I am aiming for some examination on that this
weekend.

>(There's also the traditional philosophical objections to DNSsec, but I'm
>more concerned with legal and technical issues here)

*nod*  Same here.

-- 
Jeroen Ruigrok van der Werven          Network- and systemadministrator
<jruigrok@via-net-works.nl>            VIA Net.Works The Netherlands
BSD: Technical excellence at its best  http://www.via-net-works.nl
Only the good die young, all the evil seems to live forever...


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message