[Freeipa-devel] [DESIGN] IPA client in AD DNS domain
Simo Sorce
simo at redhat.com
Tue May 24 14:04:43 UTC 2016
On Tue, 2016-05-24 at 16:32 +0300, Alexander Bokovoy wrote:
> On Tue, 24 May 2016, Simo Sorce wrote:
> >On Tue, 2016-05-24 at 10:44 +0300, Alexander Bokovoy wrote:
> >> >Alternative technical approach is to add aliases to an host's
> >> attribute and
> >> >use it from there. I suspect that this would be less flexible and
> >> less
> >> >future-proof.
> >
> >> I don't see a need for alias-as-a-property. Instead, I'm interested in
> >> having a possibility to have different keys, certificates, etc, on
> >> objects used as aliases. This improves security position by splitting
> >> the manager and the user of the resource.
> >
> >Can you elaborate on this ?
> >Are you misusing the "alias" word here to just mean "host that have
> >multiple identities" like clusters/load ballancers/proxies etc... ?
> Precisely.
then let's find a term that will not make comms, confusing, what about
"Shared ID" ?
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list