[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNUnet-developers] Reverse resolution of VPN/GNS

From: Christian Grothoff
Subject: Re: [GNUnet-developers] Reverse resolution of VPN/GNS
Date: Fri, 4 Nov 2016 19:02:19 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.4.0

On 11/04/2016 06:46 PM, Martin Schanzenbach wrote:
>> > This summer I reported
>> > 
>>> > > 
>>> > > For many kinds of applications we need to authenticate incoming
>>> > > connections as coming from a certain person or at least from a
>>> > > certain peer. The exit daemon is currently not providing a way to
>>> > > find out who is calling. Resolving the virtual IP number would be
>>> > > the most backward compatible method. Best if it resolves to the
>>> > > same "hostname" as the matching outgoing <nickname>.gnu, or even
>>> > > uses the same virtual IP as an outgoing VPN tunnel would use.
>> > 
> Yes, this is what reverse resolution is for. The only thing you can
> know about the "caller" is his peerid/identity, at best. 
> Now, the question is how you find a path from _your_ identities to that
> peer. The other way around not necessarily useful.

We need to distinguish:

* reverse resolution of a (VPN) IP address to GNS name
* reverse resolution of GNS Zone key to GNS name

You are both confusing / confounding the two.  In my view, they are
likely to require very different methods to tackle.

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]