
Re: [certid] Review of draft-saintandre-tls-server-id-check

2010-09-14 13:45:28
On Tue Sep 14 16:45:12 2010, Shumon Huque wrote:
On Mon, Sep 13, 2010 at 08:12:47PM +0100, Dave Cridland wrote:
> "The requested DNS domain name for the specified service. That is,
> the domain name which would be found in the URI for the service, and
> other protocol identifiers of a similar nature. Where the service is
> directly requested by hostname, this domain name would be the
> requested hostname."
>
> I think that covers all the cases I'd expect by example, without
> worrying about who's asserting and certifying. No doubt someone will
> reword with a sprinkling of 2119.
>
> Dave.

This particular sub thread is about errata to 4985, right? If so,
I don't think it should mention "URI" or "identifiers of a similar
nature". Or are you proposing more general text for inclusion in
draft-saintandre-tls-server-id-check?


For 4985. The reason I mention URIs and suchlike is that if someone is attempting to verify a certificate for, say, xmpp://dwd@dave.cridland.net/, the Name is the domain in the URI, and not any intermediate form.

Actually, what would be really useful is if the document provided an
actual example of an SRV record and an SRVName, right after the
definitions in Section 2. Lack of clear examples is a very common
problem with many IETF specifications.

An example speaks a thousand normative statements, as they say.

Dave.
--
Dave Cridland - mailto:dave(_at_)cridland(_dot_)net - 
xmpp:dwd(_at_)dave(_dot_)cridland(_dot_)net
 - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
 - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
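
An added illustration of the point discussed in this message, not part of the thread, the draft, or RFC 4985: the reference SRVName is built from the domain in the URI, never from the SRV target host that DNS returns. The service label `xmpp-client`, the SRV record, its target `im.hosting.example`, and all function names are assumptions constructed for this example.

```python
from urllib.parse import urlsplit

# Constructed sample data, not taken from the thread: an SRV answer for the
# domain in the URI. The target host is the "intermediate form".
SRV_ANSWER = "_xmpp-client._tcp.dave.cridland.net. 3600 IN SRV 5 0 5222 im.hosting.example."


def source_domain(uri):
    """Domain name the user requested: the host part of the URI."""
    host = urlsplit(uri).hostname  # already lowercased by urlsplit
    if not host:
        raise ValueError("no domain name in URI: %r" % uri)
    return host.rstrip(".")


def srv_target(rr):
    """Target host of an SRV record given in presentation format."""
    fields = rr.split()
    if len(fields) != 8 or fields[3].upper() != "SRV":
        raise ValueError("not an SRV record: %r" % rr)
    return fields[7].rstrip(".").lower()


def reference_srvname(service, uri):
    """Reference identifier in the RFC 4985 form "_Service.Name"."""
    return "_%s.%s" % (service.lower(), source_domain(uri))


def srvname_matches(cert_srvnames, service, uri):
    """True if any SRVName from the certificate equals the reference
    identifier (compared here as lowercased ASCII strings)."""
    ref = reference_srvname(service, uri)
    return any(name.rstrip(".").lower() == ref for name in cert_srvnames)


if __name__ == "__main__":
    uri = "xmpp://dwd@dave.cridland.net/"
    print("reference identifier:", reference_srvname("xmpp-client", uri))
    print("SRV target (not used for the check):", srv_target(SRV_ANSWER))
    # Certificate naming the requested domain: accepted.
    print(srvname_matches(["_xmpp-client.dave.cridland.net"], "xmpp-client", uri))
    # Certificate naming only the SRV target host: rejected.
    print(srvname_matches(["_xmpp-client." + srv_target(SRV_ANSWER)], "xmpp-client", uri))
```

A certificate that names only the SRV target is rejected because the target comes from a DNS answer, not from what the user asked for.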