Comment 3 for bug 886509

Miika Komu (miika-iki) wrote :

A few clarifications after some discussion with Xin:

1. I realized that the issue is independent of the HIP version number because (in theory) it's possible to include new algos in HIPv1.
2. Retrieving identities with "get hi all" is not an ideal solution because it's just the run-time identity configuration, not the actual algorithm support. For example, the following scenario works:
* Initiator and Responder support both algos A and B
* Initiator has a run-time identity for algo A and Responder for B

As the list of algorithms is quite static, I would suggest storing it in the DNS proxy directly instead of querying it from the daemon. See the list of supported algos e.g. in hipd/hidb.c:get_public_key(). You could add a note in the file lib/core/protodefs.h near the HIP_HI_xx definitions to also update the DNS proxy whenever new algorithms are introduced.

This way, no new command line parameters for the DNS proxy are needed and you can filter based on the PK algorithm field. So, this should be quite simple.

(Note: a new hipconf option would introduce an additional bottleneck to the boot-up sequence between hipd and dnsproxy, so I am not encouraging it.)
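
An illustration of the filtering approach proposed in the comment above, added here and not part of the original comment or of the HIPL code base: it parses HIP RR RDATA using the RFC 5205 layout (HIT length, PK algorithm, PK length, HIT, public key) and drops records whose PK algorithm is not in a static list. The contents of `SUPPORTED_PK_ALGOS`, the function names and the sample records are assumptions made for the example.

```python
import struct

# Assumed static list, not HIPL's actual one. The numbers follow the IPSECKEY
# algorithm registry that the HIP RR reuses (1 = DSA, 2 = RSA).
SUPPORTED_PK_ALGOS = {1, 2}

def parse_hip_rdata(rdata):
    """Return (pk_algo, hit, public_key) from HIP RR RDATA (RFC 5205 layout)."""
    if len(rdata) < 4:
        raise ValueError("HIP RDATA shorter than its fixed header")
    hit_len, pk_algo, pk_len = struct.unpack("!BBH", rdata[:4])
    if len(rdata) < 4 + hit_len + pk_len:
        raise ValueError("HIP RDATA truncated")
    hit = rdata[4:4 + hit_len]
    public_key = rdata[4 + hit_len:4 + hit_len + pk_len]
    return pk_algo, hit, public_key

def filter_hip_records(rdatas, supported=SUPPORTED_PK_ALGOS):
    """Keep only the records whose PK algorithm is in the static list."""
    kept = []
    for rdata in rdatas:
        try:
            pk_algo, _hit, _key = parse_hip_rdata(rdata)
        except ValueError:
            continue  # malformed record: drop it instead of passing it on
        if pk_algo in supported:
            kept.append(rdata)
    return kept

def build_rdata(pk_algo, hit, public_key):
    """Build a sample record (hypothetical helper for the constructed data)."""
    header = struct.pack("!BBH", len(hit), pk_algo, len(public_key))
    return header + hit + public_key

# Constructed samples: placeholder HIT and key bytes, not real identities.
SAMPLE_HIT = bytes(range(16))
SAMPLES = [
    build_rdata(2, SAMPLE_HIT, b"\x01" * 8),        # RSA, in the list
    build_rdata(99, SAMPLE_HIT, b"\x02" * 8),       # algorithm not in the list
    build_rdata(1, SAMPLE_HIT, b"\x03" * 8)[:10],   # truncated record
]

if __name__ == "__main__":
    for record in filter_hip_records(SAMPLES):
        print("kept record with PK algorithm", parse_hip_rdata(record)[0])
```
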