Jun-ichiro itojun Hagino wrote: >>>> I've recently concluded that we need an extension to getaddrinfo() along >>>> these lines, but I'm looking for somewhat tighter and more generic >>>> semantics. >>>> >>>> My proposal is to add an AI_SECURE_CANONNAME flag with the following >>>> semantics: >>>> >>> do not try to implement policy into applications. you will end up >>> forced to (?) rewrite every existing applications. >>> >>> >> perhaps, but having the policy be application-independent doesn't make >> sense either. >> >> it can be application-specific, without application modification. >> check out "systrace" by Niels Provos. >> it's useful but it really isn't flexible enough to remove the need for applications to be able to specify policies. Keith _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf