FreeS/WAN IPsec for Linux, OCLUG tutorial 2003-01-30, RGB
Next
Table of Contents
Must acquire public keys somehow:
Could be done with X.509...
But putting keys in DNS is better!
Also handles gateway discovery.
DNS data itself signed for security:
Tree of signatures matching DNS tree.
Top-level signatures well known.
Top-level-domain politics are a problem.
Web-of-trust approach instead?
Title Page
Last modified by
Richard Guy Briggs
,
Thu Jan 30 14:19:00 EST 2003
.