Re: Authority name (was: [Crisp] I-D ACTION:draft-ietf-crisp-iris-xpc-04.txt)
Andrew Newton <andy@hxr.us> Tue, 25 July 2006 13:03 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1G5MZX-0006nO-RD; Tue, 25 Jul 2006 09:03:39 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G5MZW-0006nG-K2 for crisp@ietf.org; Tue, 25 Jul 2006 09:03:38 -0400
Received: from zeke.toscano.org ([69.31.8.124] helo=zeke.ecotroph.net) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G5MZU-0005AF-CC for crisp@ietf.org; Tue, 25 Jul 2006 09:03:38 -0400
Received: from [10.0.1.102] ([::ffff:70.174.142.181]) (AUTH: PLAIN anewton, TLS: TLSv1/SSLv3,128bits,RC4-SHA) by zeke.ecotroph.net with esmtp; Tue, 25 Jul 2006 09:03:46 -0400 id 0158812E.44C616B2.00000DAA
In-Reply-To: <487354f10607250439n111cfa19n5573839c8d7206f9@mail.gmail.com>
References: <487354f10607250439n111cfa19n5573839c8d7206f9@mail.gmail.com>
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset="US-ASCII"; delsp="yes"; format="flowed"
Message-Id: <5581DE91-47C7-421F-A8D0-B3D09B0D8392@hxr.us>
Content-Transfer-Encoding: 7bit
From: Andrew Newton <andy@hxr.us>
Subject: Re: Authority name (was: [Crisp] I-D ACTION:draft-ietf-crisp-iris-xpc-04.txt)
Date: Tue, 25 Jul 2006 09:03:35 -0400
To: Robert Martin-Legene <rlegene@gmail.com>
X-Mailer: Apple Mail (2.752.2)
X-Spam-Score: 0.1 (/)
X-Scan-Signature: ffa9dfbbe7cc58b3fa6b8ae3e57b0aa3
Cc: crisp@ietf.org
X-BeenThere: crisp@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Cross Registry Information Service Protocol <crisp.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/crisp>, <mailto:crisp-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:crisp@ietf.org>
List-Help: <mailto:crisp-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/crisp>, <mailto:crisp-request@ietf.org?subject=subscribe>
Errors-To: crisp-bounces@ietf.org
On Jul 25, 2006, at 7:39 AM, Robert Martin-Legene wrote: > And why is it there anyway? > > Clues? It's purpose is to signal the server about which registry it intends to address the query. And the client knows it based on the query. For example, if the client is looking up domain name example.dk at the dk registry, the authority is dk since the query is the intended target of the dk registry. What the server does with the information is up to the server. For a server serving only one registry, it might very well ignore this information. There is one more aspect to a client knowing its target authority, and that has to do with server authentication and TLS. If the server knows it is supposed to be connecting to dk but gets back a certificate for sitefinder.com, then it can pretty well assume that something went wrong even if the certificate is valid. And this type of check is not done for you by the TLS stack. -andy _______________________________________________ Crisp mailing list Crisp@ietf.org https://www1.ietf.org/mailman/listinfo/crisp
- Authority name (was: [Crisp] I-D ACTION:draft-iet… Robert Martin-Legene
- Re: Authority name (was: [Crisp] I-D ACTION:draft… Andrew Newton