Re: [certid] Second Last Call: draft-saintandre-tls-server-id-check (...) to BCP
SM <sm@resistor.net> Mon, 24 January 2011 21:49 UTC
Return-Path: <sm@resistor.net>
X-Original-To: certid@core3.amsl.com
Delivered-To: certid@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4E6063A6967 for <certid@core3.amsl.com>; Mon, 24 Jan 2011 13:49:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.428
X-Spam-Level:
X-Spam-Status: No, score=-102.428 tagged_above=-999 required=5 tests=[AWL=-1.243, BAYES_40=-0.185, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RIFqc4W+RhdG for <certid@core3.amsl.com>; Mon, 24 Jan 2011 13:49:00 -0800 (PST)
Received: from ns1.qubic.net (ns1.qubic.net [208.69.177.116]) by core3.amsl.com (Postfix) with ESMTP id CF7663A68EE for <certid@ietf.org>; Mon, 24 Jan 2011 13:49:00 -0800 (PST)
Received: from SUBMAN.resistor.net ([10.0.0.1]) (authenticated bits=0) by ns1.qubic.net (8.14.5.Alpha0/8.14.5.Alpha0) with ESMTP id p0OLplhk023965 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 24 Jan 2011 13:51:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1295905915; x=1295992315; bh=iLDsV7QT5cBP6gMcho7ZG5D3Ig8mIcR85D1gWIWUURE=; h=Message-Id:Date:To:From:Subject:Cc:In-Reply-To:References: Mime-Version:Content-Type:Cc; b=3h/V4QASbqQNd8XKH6WfvPJY5JoE9CQYxKxMePrlTbxK+C7o2ou6nlJ23Jv0tv8cP K2hVfGOwF56QevNDITkfJTCBap43hSRg9fyxlmgYYXMRzj2iaZTegxKJg/9YX0sLvS fvqqwP+F8SHRRCgbcBZgIImEIOuA2SiKQs36CuKE=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=resistor.net; s=mail; t=1295905915; x=1295992315; bh=iLDsV7QT5cBP6gMcho7ZG5D3Ig8mIcR85D1gWIWUURE=; h=Message-Id:Date:To:From:Subject:Cc:In-Reply-To:References: Mime-Version:Content-Type:Cc; b=JAxyGcOykJ6iN4mfDn3ZF8W2GFe34ayDKXL9oIW2icDCFTsdNCn49MGoM+Qxv9edV cplCq2y8UIxRN+SUH1CNxU36jvh+eh2lrsK8jyK5tcVWrj0ft1Ah6WoFm3ANhgxC8S pNCm69h/Njn+FDwYiHoneY1/JjaUZrKdm5nZXUrc=
DomainKey-Signature: a=rsa-sha1; s=mail; d=resistor.net; c=simple; q=dns; b=OeHvPFXWIK4mFlTMZwlQ6gMI7G/bTJ4Iw1LCZfXblQRuM+D2vClt+fa4ui2vwI3Ry rWjv/XzGt8tNhff0PwEXpfsGvl/N0e0zdh3OYE7YqYr2JHAeBHJ2AIgeW5KiKLO6fvI 3J0RIX1T6Afsd/AVuW6nMl7zPSaTcB288o0K+ZI=
Message-Id: <6.2.5.6.2.20110124131217.06ff0fe8@resistor.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Mon, 24 Jan 2011 13:13:58 -0800
To: =JeffH <Jeff.Hodges@KingsMountain.com>
From: SM <sm@resistor.net>
In-Reply-To: <4D3A2DE2.4050304@KingsMountain.com>
References: <4D3A2DE2.4050304@KingsMountain.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: IETF cert-based identity <certid@ietf.org>
Subject: Re: [certid] Second Last Call: draft-saintandre-tls-server-id-check (...) to BCP
X-BeenThere: certid@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Representation and verification of identity in certificates <certid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/certid>, <mailto:certid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/certid>
List-Post: <mailto:certid@ietf.org>
List-Help: <mailto:certid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/certid>, <mailto:certid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Jan 2011 21:49:02 -0000
Hi Jeff, At 17:07 21-01-11, =JeffH wrote: >No, "foo*" isn't a legit dns label per se. However, it's only used in >"presented" domain names in various contexts -- certs being one -- >and intended >for matching within applications, not for actual dereferencing via the DNS. Thanks for clarifying that and for the feedback. Regards, -sm