[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: #1047 Path field delimiters and syntax - status

To: ietf-usefor@xxxxxxx
Subject: Re: #1047 Path field delimiters and syntax - status
From: "Charles Lindsey" <chl@xxxxxxxxxxxxxxxx>
Date: Mon, 12 Sep 2005 12:28:54 GMT
List-archive: <http://www.imc.org/ietf-usefor/mail-archive/>
List-id: <ietf-usefor.imc.org>
List-unsubscribe: <mailto:ietf-usefor-request@imc.org?body=unsubscribe>
Newsgroups: local.usefor
References: <> <> <> <> <> <> <> <>
Sender: owner-ietf-usefor@xxxxxxxxxxxx
Xref: clerew local.usefor:22513

In <A00A5D4776FC9F50C55ED8F2@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> Harald Tveit Alvestrand <harald@xxxxxxxxxxxxx> writes:

>--On fredag, september 09, 2005 13:45:05 +0000 Charles Lindsey 
><chl@xxxxxxxxxxxxxxxx> wrote:

>>> I think you're missing here a FQDN not associated with any of these,
>>> possibly not even existing according to DNS, but within "your" sphere of
>>>  administration - that is, a FQDN which "you" could make exist or
>>> associate   with one of the above, but haven't.

>There's tradition for using DNS names like that - in another discussion, I 
>got the following piece quoted at me from RFC 2486, Section 6:

>   NAI realm names are required to be unique and the rights to use a
>   given NAI realm for roaming purposes are obtained coincident with
>   acquiring the rights to use a particular fully qualified domain name
>   (FQDN).  Those wishing to use an NAI realm name should first acquire
>   the rights to use the corresponding FQDN. Using an NAI realm without
>   ownership of the corresponding FQDN creates the possibility of
>   conflict and therefore is to be discouraged.

Yes, but that does not go as far as Forrest was suggesting. RFC 2486 makes
it clear that if you want to use foo.bar.example.com as an NAI realm, then
it had better resolve to _something_ in the DNS (though maybe a mere TXT
record would suffice).

What Forrest seems to be suggesting is that, if bar.example.com belongs to
you, and is recorded in the nameserver for example.com, then you should
automatically be allowed to use foo.bar.example.com as a <path-identity>
without having it recorded in the DNS, either by the nameserver at
example.com, or by whatever nameserver you establish for bar.example.com.

That is going too far for my taste (though it could certainlky be written
into USEPRO if that is what this WG really wants).

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131 Fax: +44 161 436 6133   Web: http://www.cs.man.ac.uk/~chl
Email: chl@xxxxxxxxxxxxxxxx      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5

Follow-Ups:
- NAI semantics (Re: #1047 Path field delimiters and syntax - status)
  - From: Harald Tveit Alvestrand

References:
- #1047 Path field delimiters and syntax - status
  - From: Harald Tveit Alvestrand
- Re: #1047 Path field delimiters and syntax - status
  - From: Harald Tveit Alvestrand
- Re: #1047 Path field delimiters and syntax - status
  - From: Charles Lindsey
- Re: #1047 Path field delimiters and syntax - status
  - From: Harald Tveit Alvestrand
- Re: #1047 Path field delimiters and syntax - status
  - From: Charles Lindsey
- Re: #1047 Path field delimiters and syntax - status
  - From: Kai Henningsen
- Re: #1047 Path field delimiters and syntax - status
  - From: Charles Lindsey
- Re: #1047 Path field delimiters and syntax - status
  - From: Harald Tveit Alvestrand

Prev by Date: Re: 2822bis (was: Virtual last call on "bounce")
Next by Date: Re: #1047 Path field delimiters and syntax - status
Previous by thread: Re: #1047 Path field delimiters and syntax - status
Next by thread: NAI semantics (Re: #1047 Path field delimiters and syntax - status)
Index(es):
- Date
- Thread