DNS is specially designed to be tied to IP addresses and so are ip addresses
to DNS (reverse dns which is in fact used by some mailers to establish
identity). It seems to me we can not rely on just ip address or just domain
but both can be used with possibly additional means of authentication when
one or the other changes. Big problem is how to provide distributed
authentication if it must be independent of either ip addresses or domain names.
On Thu, 6 Mar 2003, Keith Moore wrote:
subject to relataively few constraints, you own 'danisch.de' for as long as
you renew it. most users do not own their IP addresses. in order for routing
to scale (at least with current routing protocols), it is necessary that
networks be renumbered from time to time. so we do not want to encourage
tight binding of IP addresses to domain names even for those cases where it
might
work, for now. also, source addresses can sometimes be forged, so we don't
want to rely on them as authentiation tokens.
Keith
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg