FreeS/WAN IPSec for Linux, AOC-Ottawa 2002-01-24, RGB
Next
Table of Contents
Must acquire public keys somehow:
Could be done with X.509...
But putting keys in DNS is better!
Also handles gateway discovery.
DNS data itself signed for security:
Tree of signatures matching DNS tree.
Top-level signatures well known.
Top-level-domain politics are a problem.
Web-of-trust approach instead?
Title Page
Last modified by
Richard Guy Briggs
,
Thu Jan 24 11:06:42 EST 2002
.