On 9/14/10 1:58 AM, Dave Cridland wrote: > On Tue Sep 14 01:03:39 2010, Stefan Santesson wrote: > >> - If you just check the dNSName, you will miss the fact that you talk >> to the >> desiganted ldap server and not the xmpp server (even if that >> information is >> in the cert). >> >> > Kind of. The rules effectively mean that dNSName is treated as a sRVName > with a wildcard service type, as I understand it. That's a good way to put it. Peter -- Peter Saint-Andre https://stpeter.im/ _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf