Martin Rex <[email protected]> declared..
>
> Paul Hoffman wrote:
>>
>> If you feel that way, fine. We have historically seen deployed PKIX
>> implementations that got the order wrong because they had no certs
>> to test with. I do not hold it against someone to get the order wrong,
>> particularly because all of the text examples in RFC 5280 say
>> "dc=example,dc=com".
>
> You're right on the spot -- all of the DC= examples in rfc-5280 are
> purely about >>domain name<<. There is also a server mentioned
> "ldap.example.com", but there is not a single example in rfc-5280
> that puts a >>hostname<< into a DC component.

However, there is an explicit, and to-some-degree-formally acknowledged,
disagreement over whether there are salient differences (today) between
"hostnames" and "domain names".

I just want to point this out because I only recently became aware of it while
working on -server-id-check- and -strict-transport-sec- and I think it is
something many of us should be aware of; however, I don't think re-opening such
a discussion is appropriate for the certid@ list.

The acknowledged disagreement is buried in RFC3490 [1] in its terminology
section (emphasis added)..

    [STD13] talks about "domain names" and "host names", but many people
    use the terms interchangeably. Further, because [STD13] was not
    terribly clear,
>>> many people who are sure they know the exact <<<
>>> definitions of each of these terms disagree on the definitions. <<<
    In this document the term "domain name" is used in general. This
    document explicitly cites [STD3] whenever referring to the host name
    syntax restrictions defined therein.

A significant portion of the discussion that led to the above posture is
documented in this thread
<http://www.ops.ietf.org/lists/idn/idn.2001/threads.html#02989> (from back in
2001) rooted here...

  [idn] hostname history hell
  http://www.ops.ietf.org/lists/idn/idn.2001/msg02989.html

And here's Patrik Fältström's contribution/statement to the thread which seems
to presage the above-cited rfc3490 language..

  http://www.ops.ietf.org/lists/idn/idn.2001/msg03048.html

=JeffH

[1] "Internationalizing Domain Names in Applications (IDNA)" RFC3490
    http://www.ietf.org/rfc/rfc3490.txt
_______________________________________________
certid mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/certid
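
Added example (not part of the original message or of any RFC text): a Python check that separates the STD3 host name syntax restrictions, which the RFC 3490 passage quoted above cites, from the bare length limits on a domain name. Treating "domain name" as length limits only is an assumption made for this example, one reading among those the thread says people disagree on; the function names and sample names are hypothetical, and escaped dots in presentation format are not handled.

```python
import re

# One label under the STD3 host name syntax (RFC 952 as relaxed by RFC 1123):
# letters, digits and hyphen only, never starting or ending with a hyphen.
_LDH_LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?")


def split_labels(name: str) -> list[str]:
    """Split a dotted name into labels, dropping one trailing root dot."""
    if name.endswith("."):
        name = name[:-1]
    return name.split(".") if name else []


def is_domain_name(name: str) -> bool:
    """Length limits only (assumed reading): 1-63 octets per label,
    at most 255 octets in wire form."""
    try:
        labels = [label.encode("ascii") for label in split_labels(name)]
    except UnicodeEncodeError:
        return False  # non-ASCII names are out of scope here (IDNA territory)
    if not labels or any(not 1 <= len(label) <= 63 for label in labels):
        return False
    # Wire form: one length octet per label plus the terminating root octet.
    return sum(len(label) + 1 for label in labels) + 1 <= 255


def is_std3_host_name(name: str) -> bool:
    """Domain-name length limits plus the STD3 syntax on every label."""
    return is_domain_name(name) and all(
        _LDH_LABEL.fullmatch(label) for label in split_labels(name)
    )


def classify(name: str) -> str:
    if is_std3_host_name(name):
        return "host name and domain name"
    if is_domain_name(name):
        return "domain name only"
    return "neither"


# Constructed samples; ldap.example.com is the server name quoted in the thread.
SAMPLES = ["ldap.example.com", "_ldap._tcp.example.com", "-bad.example.com",
           "a" * 64 + ".example.com", "example.com."]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample[:30]:32} {classify(sample)}")
```

A certificate identity check that applies only the looser rule would accept names such as `_ldap._tcp.example.com` that the STD3 syntax rejects, which is where the two readings diverge in practice.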