Should host/domain names travel over the internet with a trailing dot?
Jay Ashworth
jra at baylink.com
Mon Feb 25 18:50:58 UTC 2013
----- Original Message -----
> From: "Jay Ashworth" <jra at baylink.com>
> > Who should implement the normalization logic? Not the SSL library,
> > certainly. That sounds like the bailiwick of the resolver library...
>
> No, in fact, I think this is layer... 3 or 4, not 2; this *should*
> be in the SSL library -- *you're not resolving this name*.
Or maybe even above that.
RFC 5246 seems the currently controlling spec, and neither it nor
the Wikipedia article on this:
https://en.wikipedia.org/wiki/Transport_Layer_Security
actually says *what the client is supposed to do with the Server Certificate*
which 7.4.2 says the server will send; appendix D.2 explicitly punts that
question "upstairs"... but I'm not sure exactly to where, as I don't know
in detail how HTTPS connections are generally set up.
I suspect, though, that at this point, it leaves NANOG's domain.
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA #natog +1 727 647 1274
More information about the NANOG
mailing list