On 11/27/2015 01:39 PM, Jan Cholasta wrote:
On 27.11.2015 13:10, Petr Vobornik wrote:
On 11/27/2015 12:46 PM, Petr Spacek wrote:
On 27.11.2015 09:00, Jan Cholasta wrote:
On 27.11.2015 08:33, Martin Kosek wrote:
On 11/27/2015 07:05 AM, Jan Cholasta wrote:
On 26.11.2015 17:15, Petr Vobornik wrote:
New topology management gives names to managed suffixes:

ipaca: o=ipaca
realm: dc=example,dc=com

We already had several offline discussions to change the names
they could be better. It would be difficult to change them after
of 4.3.

New proposals:
ca for o=ipaca
domain for dc=example,dc=com

What do you think?


ca is probably fine. Domain also, although the original realm name
is OK
with me too, domain has too many meanings and can be confused with DNS

Realm is too Kerberos-specific. The names are visible only in topology
context, so I don't think it would be confusing. When you say "the
suffix", it describes the suffix pretty correctly IMHO.

Here I agree with Martin that domain is too overloaded term, so I
would prefer
realm or so.

Also, I do not think that 'Realm is too Kerberos-specific' is a valid
because 'domain is too DNS-centric' :-)

I guess we could find arguments for both 'domain' and 'realm'. :) I
don't have strong opinions on any.

Actually, DN of the suffix consist of several 'DC' RDNs. DC is an
initialism of "domain component". Several components create a domain so
domain is correct ;)

"Domain" is also used by AD and in our documentation IIRC.

We also have "domain levels" and not "realm levels" and IPA domain level has very little to do with DNS.

Martin^3 Babinsky

Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to