Eric Vyncke \(evyncke\) <evyncke=40cisco....@dmarc.ietf.org> wrote:
> As already written, I still regret that this document restricts itself
> to MUD while it could be used for any layer-3 ACL (e.g., plain
> firewalls) and many shipping products are doing so for many years.
I guess I missed that comment.
I'm not sure I understand how plain firewalls would use DNS in ACLs.
Can you say more?
Obviously, they can accept names and do DNS lookups to get the IP addresses,
but this isn't tied directly to any activity that some "client" (node/host)
is doing.
--
Michael Richardson <mcr+i...@sandelman.ca> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ OPSAWG mailing list -- opsawg@ietf.org To unsubscribe send an email to opsawg-le...@ietf.org
