
Re: Machine Identity





Jeroen Massar wrote:
> Stephane Bortzmeyer wrote:
> [..]
>> There are solutions for some protocols (SSH keys of RFC 4251 or Host
>> Identifiers of HIP in RFC 4423 are two good examples) but no general
>> "identity layer" in the Internet architecture.
>
> IMHO HIP (RFC4423) is that exact identity layer and additionally solves a number of other issues that it was made for.
>
> The big problem though is that actually getting programs to use this is cumbersome, simply because a lot of programmers don't know about it.

I like HIP. But if there is any OS that ships with HIP support, I haven't heard about it. And as soon as we get a "machine identity" I suspect we'll realize that what people want to identify isn't exactly a "machine" anymore.

> Same goes for the use of SRV records, IMHO, instead of pointing to AAAA/A records for a service, one should *always* use SRV records.

NO. SRV records can only be used with applications that are specified to use SRV records - otherwise you'll break compatibility with legacy applications. And there are very few of these.

> SRV records solve load balancing, failover and a lot of other issues mostly already in DNS.

Yeah, and they create a tussle between DNS operators and users.

> Web browsers for instance don't do SRV yet. One of their arguments is 'lookup time', the same reason that some 'web developers' used IP addresses in their websites as that would skip the resolving step...
>
> This is more about educating programmers than anything else...

Seems like IETFers need education at least as much as programmers do...

Keith