Re: Security requirements for identification

["Spencer Dawkins" <spencer@mcsr-labs.org>]

Dear Juan,

I'm also a little confused by the discussion, but I had assumed that
we had a service name and were using DNS SRV records, which also
include port numbers, etc. Not sure how a computer knows
www.google.com is HTTP - or how travel.yahoo.com is also HTTP, if
you're keying off the name...

But somebody can tell us what they REALLY meant now.

Spencer

----- Original Message ----- 
From: "Juan Rodriguez Hervella" <jrh@it.uc3m.es>
To: "Erik Nordmark" <Erik.Nordmark@sun.com>; <mbagnulo@ing.uc3m.es>
Cc: "Erik Nordmark" <Erik.Nordmark@sun.com>; "Pekka Nikander"
<pekka.nikander@nomadiclab.com>; "Multi6 WG" <multi6@ops.ietf.org>;
<hipsec@honor.trusecure.com>
Sent: Wednesday, October 01, 2003 5:03 AM
Subject: Re: Security requirements for identification

> Hello,
>
> I'm trying to follow this thread, which seems very interesting, but
I'm
> surprised with this statement. IMO when you make a DNS query
> you want to get the identifier of the end-point, to be able to start
> the communication. Although it's true that the name usually
> gives hints about the service, this isn't always true. If you
> need "www.google.com", you already know that the service will
> be "HTTP". You don't ask the DNS for the service, what you really
> need to know is the address of "google" to start the HTTP transfer.
>
> Don't you agree with this ?
>
> Cheers.
>
> -- 
> JFRH
>