[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: fqdn and trailing dot in IDs
At 12:10 PM 12/14/99 -0800, Ricky Charlet wrote:
>Howdy ()
>
> So when we use a FQDN as a name to Identify an endpoint, do we
> require
>and/or enforce that the 'trailing dot' be applied?
I certainly hope not. To the best of my understanding, that's only used in
DNS server configuration. You quote from RFC 1912, which is an
informational RFC that is mostly about avoiding common errors in BIND. The
errors it refers to deal with partial domain names. We don't have those in
IPsec. If someone has an ID that is of type FQDN and its value is "frodo",
it is an error. The "F" really means something here.
--Paul Hoffman, Director
--VPN Consortium
References: