Stephane Bortzmeyer wrote : > [Mark Andrews is right, it is very difficult to separate your message > from the parts you quote, my mail reader does not have a HTML parser > !] Thanks. I will try to be more careful. > On Wed, Feb 20, 2008 at 01:57:18PM +0100, Rémi Després > <remi.despres@xxxxxxx> wrote a message of 44 lines which said: > >> The first 64 bits of IPv6 addresses are still available to identify >> sites from which connections are initiated. > > I was not speaking about you *can* do but about what people *do* > today. A lot of people use the existence (or not) of a PTR record to > grant you access or not. You may tell them "PTR is useless, use the > first 64 bits of the address instead", they won't listen. I didn't tell anybody that PTRs were useless (and don't think it either!) :-). >> PTR RRs are normally used to get names corresponding to prefixes, >> not to addresses, so that there is IMU no reverse DNS problem here. >> >> > > AFAIK, there is no DNS way to resolve prefixes into names (RFC 1101, > may be? Can we apply it to IPv6 addresses?). A PTR is for a complete > adress, not for a prefix. I have to recognize that my knowledge of the DNS needs improvements. Sorry for that. Thanks for the rectification. As I now se it, I wrongly interpreted PTR RRs used for zone delegation as RRs that could also be used to identify sources. Then the point is different. An advantage of NATs, for remote host identification, is that a host name given to a NAT device serves as substitute name to all real hosts behind this NAT. A similar result could be achieved if resolvers, when they have to get a name for an IPv6 address having a privacy ID, instead of having no chance to get any name, would replace this ID by an agreed standard value for which there is a PTR RR. RD _______________________________________________ Ietf@xxxxxxxx http://www.ietf.org/mailman/listinfo/ietf