> On Sun, Nov 30, 2014 at 06:48:41PM -0700, Peter Saint-Andre - &yet wrote:
> General comment:
>
> The draft frequently talks about "hostnames", where what is
> really meant is a transport endpoint (port, transport protocol,
> host). With PKIX-EE or DANE-EE certificate usages, TLSA records
> are more precise than the Web PKI and can associate different,
> non-interchangeable key material with distinct services on a
> single host. So in many places I will be suggesting replacing
> statements about "hostnames" with statements about "transport
> endpoints".

From a DNS point of view, this may be more confusing. DNS does not distinguish
between different types of record owners. If you put it in there, it just
became a domain name, which most people will refer to as a host name if it is
not at the apex.

I will agree that from a DANE point of view, it is a transport endpoint. But
from a pure DNS point of view, it is a domain/host name, regardless of intent.

Not saying it's not a good distinction, it is, but I would tread lightly where
you are talking about the actual TLSA record owner name.

Michael Sheldon
Dev-DNS Services
GoDaddy.com
