On Thu, Sep 09, 2010 at 01:39:30AM +0200, Stefan Santesson wrote:
>
> I actually think we made an error in 4985 and that the domain name should be
> the domain that the service is authorized to represent.
>
> RFC 4985 is ambiguous here: the definition of the name form says:
>
> "The DNS domain name of the domain where the specified service
> is located."
>
> This corresponds to #2 in your example
> While the description underneath the definition states:
>
> "The purpose of the SRVName is limited to authorization of service
> provision within a domain."
>
> Which corresponds to #1.
>
> I think there should be an errata correcting the definition to be:
>
> "The DNS domain name of a domain for which the certified subject
> is authorized to provide the identified service."
>
> As it is now, the RFC is ambiguous.
Earlier in RFC 4985, it says:
The SRVName, if present, MUST contain a service name and a domain
name in the following form:
_Service.Name
The content of the components of this name form MUST be consistent
with the corresponding definition of these components in an SRV RR
according to RFC 2782
I think this was actually clear enough. The subsequent statement that
Name is "The DNS domain name of the domain where the specified service
is located." (which could mean any of a number of things) confused the
issue, and probably should not have been in the document.
--
Shumon Huque
University of Pennsylvania.
_______________________________________________
Ietf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf
