Generic Security Service Application Program Interface (GSS-API) Internationalization and Domain-Based Service Names and Name Type
RFC 5178
Discuss
Yes
No Objection
Note: This ballot was opened for revision 06 and is now closed.
Lars Eggert No Objection
(Ted Hardie; former steering group member) Discuss
draft-ietf-kitten-gssapi-domain-based-names says: An application protocol might use a simple DNS domainname, such as "example.com" for naming, while another it might use the DNS domainname of the SRV RRs it queries (e.g., "_tcp._foo.example.com"), and yet another may use something that does not resemble a DNS domainname. The example is wrong; it should be _foo._tcp.example.com to meet the SRV syntax. The same document gives the following as the syntax for domain based names: <service> '@' <domain> '@' <hostname> It dos not cite the documents from which these are imported. Given that the introduction notes that the domain name is not necessarily an internet domain name, a clear citation is critical. Either this document or the cited document must make clear whether characters outside the ASCII range will be processed according IDNA, and that clarity should extend to both domain and hostname portions. I assume that both do, but the reader should not have to assume. The document has RFC 4033 as a normative reference, but the single citation appears to be informative.
(Sam Hartman; former steering group member) (was Discuss, Yes, Discuss, Yes) Yes
(Bill Fenner; former steering group member) No Objection
(Brian Carpenter; former steering group member) No Objection
Nothing to be said about internationalized names?
(Chris Newman; former steering group member) (was Discuss) No Objection
(Cullen Jennings; former steering group member) No Objection
(Dan Romascanu; former steering group member) No Objection
(David Kessens; former steering group member) No Objection
(Jari Arkko; former steering group member) (was Discuss) No Objection
2. While you are updating the document for other reasons,
consider writing
domain-based-name :=
<service> '@' <domain> '@' <hostname>
in ABNF instead.
3. I agree with Ted that the spec needs to be clearer about
what specific syntax is meant by <service> and by the
other components. And i18n support or lack thereof
should be explicitly mentioned.
(Jon Peterson; former steering group member) No Objection
(Lisa Dusseault; former steering group member) No Objection
(Mark Townsley; former steering group member) No Objection
(Ross Callon; former steering group member) No Objection
(Russ Housley; former steering group member) No Objection
draft-ietf-kitten-krb5-gssapi-domain-based-names-03: The security considerations say: > > See [I-D.ietf-kitten-gssapi-domain-based-names]. > I would prefer an English sentence here. Perhaps: > > This specification does not intoduce an security considerations > beyond those discussed on [REF]. > This seems like a resonable way to go since draft-ietf-kitten-gssapi-domain-based-names is already a normative reference.