[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: REMINDER: Call for review of the "NAI-based Peer Discovery" document for acceptance as a RADEXT WG work item

To: Bernard Aboba <bernard_aboba@hotmail.com>
Subject: Re: REMINDER: Call for review of the "NAI-based Peer Discovery" document for acceptance as a RADEXT WG work item
From: Stefan Winter <stefan.winter@restena.lu>
Date: Wed, 08 Jul 2009 10:22:08 +0200
Cc: Alan DeKok <aland@deployingradius.com>, "radiusext@ops.ietf.org" <radiusext@ops.ietf.org>
In-reply-to: <BLU137-W294F39DC9AE9BC691AF7D93280@phx.gbl>
References: <BLU137-W5CB663739E104C4D04493936F0@phx.gbl> <4A320A94.10105@deployingradius.com> <4A48B326.6060204@restena.lu> <4A48B580.50400@deployingradius.com> <BLU137-W294F39DC9AE9BC691AF7D93280@phx.gbl>
User-agent: Thunderbird 2.0.0.19 (X11/20081227)

Hello,

> > Sounds good to me. The mangling would be: find first @ in User-Name,
> > chop off behind @, toss remainder to DNS library and hope for an answer.
> > Is that what you had in mind?
>
> It is a bit more complicated than that.  See:
> http://www.ietf.org/internet-drafts/draft-iab-idn-encoding-00.txt

Thanks! An interesting read indeed!

Apart from finally having a black-on-white confirmation that I am naïve
[or naive?], it showed that

- Alan's recommendation to keep punycode mangling out of the RADIUS
application-layer processing and moving it to "the library" was a step
in the right direction
- my wording in -00 wasn't good enough to fully implement the IAB's
recommendation: it still leaves the question of private (possibly
$ANY_ENCODING) vs. public (ASCII + punycode) namespaces and/or a mixture
of the two (plus /etc/hosts resolution etc...).

I am thinking of modifying the algorithm, purging

"4. Generate R' = ( DNS library transformation of R to an FQDN in punycode)"

and writing

"6.   Using the host's name resolution library, perform a NAPTR query for service "AAAS+RADSECT" for R"


which leaves it to the host configuration in which order, encoding,
postfixing with domain names etc. the conversion is done.

That leaves a bit of space for surprises when the server's library does
different conversions than a client's, but I tend to think that host
software configuration issues are out of the scope of this document.

Does that sound like a way out?

Greetings,

Stefan Winter

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

References:
- REMINDER: Call for review of the "NAI-based Peer Discovery" document for acceptance as a RADEXT WG work item
  - From: Bernard Aboba <bernard_aboba@hotmail.com>
- Re: REMINDER: Call for review of the "NAI-based Peer Discovery" document for acceptance as a RADEXT WG work item
  - From: Alan DeKok <aland@deployingradius.com>
- Re: REMINDER: Call for review of the "NAI-based Peer Discovery" document for acceptance as a RADEXT WG work item
  - From: Stefan Winter <stefan.winter@restena.lu>
- Re: REMINDER: Call for review of the "NAI-based Peer Discovery" document for acceptance as a RADEXT WG work item
  - From: Alan DeKok <aland@deployingradius.com>
- RE: REMINDER: Call for review of the "NAI-based Peer Discovery" document for acceptance as a RADEXT WG work item
  - From: Bernard Aboba <bernard_aboba@hotmail.com>

Prev by Date: RE: REMINDER: Call for review of the "NAI-based Peer Discovery" document for acceptance as a RADEXT WG work item
Next by Date: IETF 75 RADEXT WG Agenda - Take Two
Previous by thread: RE: REMINDER: Call for review of the "NAI-based Peer Discovery" document for acceptance as a RADEXT WG work item
Next by thread: Draft Minutes of IETF 74 RADEXT WG meeting
Index(es):
- Date
- Thread