One approach for "name" based authorization would place an encoded
hash label of the domain name being authorized within the
authorizing
domain. Client validation can be as simple as resolving the name of
the client, where this name can then be utilized in conjunction with
a "name" based authorization. In the case of DKIM, DNS also
supplies
the public key as well.
Is there a draft describing this somewhere?
--Michael Dillon
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf