Re: FW: draft-ietf-ldapext-ldapv3-tls-03.txt

paulle@microsoft.com said:
> How about calling the name used to open the LDAP connection the
> "target name" or something in order to avoid this confusion? And maybe
> words about CNAME and SRV records (and MX too, if it is possible that
> this model would be used in a mail delivery protocol context) to
> clarify even further?

I think these are reasonable suggestions. I think we need to discuss this
"server identity check" stuff overall and come up with language that is
generally used by TLS-enabled apps protocols. The nominal list to do that on
is ietf-apps-tls@imc.org. I'll send a msg there, but it'll be a few days (or
next week) as I have higher-priority stuff on my plate right now.

Also, we need to decide whether ldapext-ldapv3-tls-03 is still the doc which
passed WG Last Call, or whether we need to officially do another WG Last Call
on it.

If we were to make changes to section 4.6 like you suggest and/or the possible
ones I noted in the announcement msg (i.e. matching more closely the language
from draft-ietf-tls-https-01.txt), I'd say that yes, we should do another WG
Last Call.

Jeff