RE: Review of draft-saintandre-tls-server-id-check

Peter said:

"Aha, I see the source of confusion. I think the first sentence of Section 5.1 is better written as follows:

   When the connecting application is an interactive client,
   construction of the reference identifier SHOULD be based on the
   source domain and service type provided by a human user (e.g. when
   specifying the server portion of the user's account name on the
   server or when explicitly configuring the client to connect to a
   particular host or URI as in [SIP-LOC]) and SHOULD NOT be based on a
   target domain derived from the user inputs in an automated fashion
   (e.g., a host name or domain name discovered through DNS resolution
   of the source domain).

We want to make sure that the reference identifier is based on the source (user-provided) domain, not the target (automatically-derived) domain, except perhaps in several well-defined and carefully-limited scenarios.

Peter"

[BA] IMHO, this text is much clearer.  Thanks!

--
Peter Saint-Andre
https://stpeter.im/
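
The distinction drawn in the revised Section 5.1 text, as an added example that is not part of the original message or of the draft: a simulated client checks the presented certificate names against a reference identifier built either from the user-provided source domain or from the DNS-derived target. All domains, DNS answers, certificate names and function names are constructed for illustration.

```python
# Added example: all domains, DNS answers and certificate names are constructed.

def dns_id_matches(presented: str, reference: str) -> bool:
    """Case-insensitive DNS-ID match; '*' allowed only as the whole left-most label."""
    p = presented.lower().rstrip(".").split(".")
    r = reference.lower().rstrip(".").split(".")
    if len(p) != len(r):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == r[1:]
    return p == r


def reference_identifier(source_domain: str, target_host: str, trust_target: bool) -> str:
    """Pick the name the certificate must match.

    trust_target=False follows the quoted text (user-provided source domain);
    trust_target=True is the discouraged behaviour (name derived via DNS resolution).
    """
    return target_host if trust_target else source_domain


def server_accepted(source_domain, dns, certs, trust_target=False) -> bool:
    """Simulate one connection: resolve, read the presented names, run the check."""
    target = dns[source_domain]      # automated derivation (e.g. an SRV lookup)
    presented = certs[target]        # DNS-IDs in the certificate that host presents
    ref = reference_identifier(source_domain, target, trust_target)
    return any(dns_id_matches(name, ref) for name in presented)


# Constructed data: what the user typed, two possible DNS answers, per-host certificates.
USER_INPUT = "example.com"
HONEST_DNS = {"example.com": "im.example.com"}
ALTERED_DNS = {"example.com": "im.other-host.example"}  # unauthenticated answer was changed
CERTS = {
    "im.example.com": ["example.com", "im.example.com"],
    "im.other-host.example": ["im.other-host.example"],  # valid cert, but for another name
}

if __name__ == "__main__":
    for label, dns in (("honest DNS", HONEST_DNS), ("altered DNS", ALTERED_DNS)):
        for trust_target in (False, True):
            ok = server_accepted(USER_INPUT, dns, CERTS, trust_target)
            basis = "target" if trust_target else "source"
            print(f"{label:12} reference from {basis}: {'accept' if ok else 'REJECT'}")
```

Only the source-based reference identifier rejects the connection when the DNS answer has been changed; the target-based check accepts it because the certificate matches whatever name DNS returned.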


