

To: Derek Atkins <warlord@MIT.EDU>
cc: Keith Moore <moore@cs.utk.edu>, Steve Hanna <steve.hanna@sun.com>, Simon Josefsson <simon+keydist@josefsson.org>, Edward Lewis <lewis@tislabs.com>, keydist@cafax.se
From: Keith Moore <moore@cs.utk.edu>
Date: Mon, 14 Jan 2002 19:20:07 -0500
In-reply-to: Your message of "14 Jan 2002 19:13:47 EST." <sjm6664qxms.fsf@kikki.mit.edu>
Sender: owner-keydist@cafax.se
Subject: Re: looking for draft volunteers

> > you need to make both SRV and A (or AAAA) queries after NAPTR.
> > (or they can be returned as additional information). and you
> > might have multiple levels of NAPTR record before you get
> > referred to an SRV.
> 
> Ok, then we do the multi-stage referral, and hope all stages are
> signed. ;)

actually, now that I think about it, validation of NAPTR could 
be very tricky.  the reason is that with NAPTR records, the
label of the record doesn't necessarily have to have anything 
to do with the name being referred - you could start out looking
for keys for a resource name like http://www.ietf.org/foo/bar/ and 
end up having to get NAPTR records for completely unrelated domains
(like http.uri.org) in order to know how to parse that resource
name...and the domains to which you get referred to look up the
actual keys (depending on the format of the resource name and
how it's delegated) might have nothing at all to do with ietf.org.

(this was actually considered a desirable feature for URN resolution -
the party that defines a name and binds it to a resource, isn't 
necessarily the same one that provides the information about it -
especially if a significant length of time has passed since the
name was created and bound.)
 
Keith
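
Added example (not part of the message above or of any draft discussed on the list): a Python sketch of why validation has to cover every owner name in a NAPTR referral chain, not just the zone of the original resource name. The zone table, the `keys.example.net` referral, the `_keys._tcp` SRV name, the `signed` flag and the two-label `parent_zone` heuristic are constructed assumptions; only `http.uri.org` and the example URL come from the message.

```python
from urllib.parse import urlparse

# Constructed toy zone data (not real DNS): owner -> (signed, flags, target).
# flags "" = non-terminal, follow another NAPTR; "s" = terminal, target is an SRV name.
# target "{host}" stands in for a NAPTR regexp that extracts the URL's host.
NAPTR = {
    "http.uri.org":     (True,  "",  "{host}"),
    "www.ietf.org":     (True,  "",  "keys.example.net"),
    "keys.example.net": (False, "s", "_keys._tcp.example.net"),
}

def parent_zone(name):
    """Crude domain guess: the last two labels (assumption for this demo)."""
    return ".".join(name.rstrip(".").split(".")[-2:])

def referral_chain(url, max_hops=8):
    """Walk NAPTR referrals for url; return one dict per owner name consulted."""
    parts = urlparse(url)
    origin = parent_zone(parts.hostname)
    owner, hops, seen = f"{parts.scheme}.uri.org", [], set()
    while True:
        if owner in seen or len(hops) >= max_hops:
            raise ValueError(f"referral loop or chain too long at {owner}")
        seen.add(owner)
        if owner not in NAPTR:
            raise LookupError(f"no NAPTR record for {owner}")
        signed, flags, target = NAPTR[owner]
        target = target.format(host=parts.hostname)
        hops.append({"owner": owner, "signed": signed,
                     "in_origin": parent_zone(owner) == origin,
                     "terminal": flags != "", "next": target})
        if flags:  # terminal: the caller now issues SRV/A queries for target
            return hops
        owner = target

def weakest_links(hops):
    """Owner names whose answers were accepted without a signature."""
    return [h["owner"] for h in hops if not h["signed"]]

if __name__ == "__main__":
    chain = referral_chain("http://www.ietf.org/foo/bar/")
    for hop in chain:
        print(hop)
    print("unsigned hops:", weakest_links(chain))
```

With this constructed data, two of the three names consulted lie outside ietf.org, and the unsigned one is the hop that finally names where to fetch keys.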
