ietf-clear
[Top] [All Lists]

Re: [clear] CSV-CSA draft questions

2005-09-08 13:56:50
On September 1, 2005 at 23:05, Douglas Otis wrote:

   --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- ---
  | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 | 0 |
   --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- ---
    15  14  13  12  11  10  9   8   7   6   5   4   3   2   1   0

Actually the IETF has a practice of defining the MSB as bit 0.  This  
can be confusing when describing bit settings.  Rather than  
specifying the bit ordering, the settings were defined by value.  A  
bit with a value of 1 would be bit 15 per IETF big endian  
conventions, and bit 0 per common little endian architectures.  Bit  
values of 1, 2, or 4 was an attempt to avoid this ambiguity.

I'm trying to write a technical summary of CSV, hence my initial
questions, especially on the details since I would like to include
example zone file record entries.

I want to confirm that bit value 1, 2, 3, ... in CSA terminology
corresponds to bit value 15, 14, 13, ... in RFC-1035 terminology.

If I have an SMTP client called smtp.example.com that I want
to authorize under CSA, I should have the following records in
my zone file:

  _client._smtp.smtp.example.com. IN SRV 1 2 1 smtp.example.com.
  smtp.example.com.               IN A 172.30.10.33

If I want to inform SMTP servers that I provide CSA records for
all my clients, I'd have the following record in my zone file:

  _client._smtp.example.com. IN SRV 1 3 1 _client._smtp.example.com.

I'm trying to understand the applicable uses of a Weight summed value
of 3.  What are the cases where authorization is allowed, but target
must not be used for authentication?  Is my use of Weight 3 in my
above assertion record appropriate?

If an SMTP server gets a Weight 3 on a client lookup, must it then do
an explicit address lookup to determine if the client is authenticated?

What is server behavior if a client is listed as authorized but
cannot be authenticated?

Thanks,

--ewh
_______________________________________________
ietf-clear mailing list
ietf-clear(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-clear