[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: fqdn and trailing dot in IDs

To: ipsec@xxxxxxxxxxxxxxxxx
Subject: Re: fqdn and trailing dot in IDs
From: Paul Hoffman <paul.hoffman@xxxxxxxx>
Date: Tue, 14 Dec 1999 13:59:58 -0800
In-reply-to: <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

At 12:10 PM 12/14/99 -0800, Ricky Charlet wrote:

Howdy ()

So when we use a FQDN as a name to Identify an endpoint, do we require
and/or enforce that the 'trailing dot' be applied?

I certainly hope not. To the best of my understanding, that's only used in DNS server configuration. You quote from RFC 1912, which is an informational RFC that is mostly about avoiding common errors in BIND. The errors it refers to deal with partial domain names. We don't have those in IPsec. If someone has an ID that is of type FQDN and its value is "frodo", it is an error. The "F" really means something here.

--Paul Hoffman, Director
--VPN Consortium

References:
- fqdn and trailing dot in IDs
  - From: Ricky Charlet

Prev by Date: Re: PGP keys in IKE
Next by Date: fqdn and trailing dot in IDs
Previous by thread: fqdn and trailing dot in IDs
Next by thread: fqdn and trailing dot in IDs
Index(es):
- Date
- Thread