El 17 ag 2017, a les 23:19, Brian Dickson <brian.peter.dick...@gmail.com> va escriure: > Use DNSSEC, and use something other than "localhost." > Does the host know its own name(s)?
Depending on the context, the host likely doesn't have a name. If it does have a name, PKI works, so there's no need for some sort of ad-hoc trust regime. You should assume that the only reason someone would use localhost is that it's the best alternative, and propose solutions that work in that situation. Localhost might get used in other situations, but if you can't solve for that situation, you don't actually have a solution.
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
