Sent from my iPhone
On Dec 17, 2010, at 4:08 AM, [email protected] wrote: > > According to Section 3.6, configuration file and certificate are obtained > from configuration server and enrollment server respectively. > But according to Section 10.2, configuration file is obtained from enrollment > server. > The enrollment server IS the configuration server. The certificates are stored in the configuration file on the enrollment server. So this lingo about "configuration server" should be removed or reworded. > > BR > Lichun > > > > jc <[email protected]> > 2010-12-17 16:54 > > 收件人 > "[email protected]" <[email protected]> > 抄送 > P2PSIP WG <[email protected]> > 主题 > Re: [P2PSIP] Where to get configuration file and certificate? > > > > > > What are your questions exactly? > > dns_srv->connect->get->parse_xml is the flow. > > Julian > > On Dec 17, 2010, at 1:51 AM, [email protected] wrote: > > > I am confused about the enrollment in RELOAD base draft. > > Section 3.6.1. of RELOAD base draft says: > " The node does a DNS SRV lookup on the > overlay name to get the address of a configuration server. It can > then connect to this server with HTTPS to download a configuration > document which contains the basic overlay configuration parameters as > well as a set of bootstrap nodes which can be used to join the > overlay." > > Section 3.6.2. of RELOAD base draft says: > "In that case, the > configuration document will contain the address of an enrollment > server which can be used to obtain such a certificate." > > Section 10.2. of RELOAD base draft says: > "Once an address and URL for the enrollment server is determined, the > peer forms an HTTPS connection to that IP address. The certificate > MUST match the overlay name as described in [RFC2818]. Then the node > MUST fetch a new copy of the configuration file. To do this, the > peer performs a GET to the URL. " > > BR > Lichun > > -------------------------------------------------------- > ZTE Information Security Notice: The information contained in this mail is > solely property of the sender's organization. This mail communication is > confidential. Recipients named above are obligated to maintain secrecy and > are not permitted to disclose the contents of this communication to others. > This email and any files transmitted with it are confidential and intended > solely for the use of the individual or entity to whom they are addressed. If > you have received this email in error please notify the originator of the > message. Any views expressed in this message are those of the individual > sender. > This message has been scanned for viruses and Spam by ZTE Anti-Spam system. > > _______________________________________________ > P2PSIP mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/p2psip > > -------------------------------------------------------- > ZTE Information Security Notice: The information contained in this mail is > solely property of the sender's organization. This mail communication is > confidential. Recipients named above are obligated to maintain secrecy and > are not permitted to disclose the contents of this communication to others. > This email and any files transmitted with it are confidential and intended > solely for the use of the individual or entity to whom they are addressed. If > you have received this email in error please notify the originator of the > message. Any views expressed in this message are those of the individual > sender. > This message has been scanned for viruses and Spam by ZTE Anti-Spam system.
_______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
