
Re: [IPSECKEY] new draft revision (00b)



At Sun, 06 Apr 2003 22:50:24 -0400, Michael Richardson wrote:
> 
>     mundsson> There is no problem having a tag field that explains how to
>     mundsson> interpret the domain name if that is more palatable.
>     mundsson> Something like:
>     mundsson>          gateway type    domain name
>     mundsson>          1               sentry.foo.example.     # FQDN
>     mundsson>          2               123.93.123.98           # IP4
>     mundsson>          3               2008.:efc::500          # IP6
> 
>   Here, I think that "123.93.123.98" is a string, correct?

I thought Olafur was proposing to encode an IP address as a DNS name.

>   Are we abandoning wire-encoding for that gateway field then?
> (Or do we encode v4 as 4 components, and a v6 address as a single one?)
> 
>   There may be space for 2 bits in the algorithm field if someone feels we
> should conserve a byte.

I don't think anybody thinks that one byte is the issue.

The issue is that Olafur's proposed encoding is not what one might
expect from the way that other RR types that carry DNS names or IP
addresses around are laid out.  To me (with my chair hat off), the
"obvious" solution is what I listed earlier as option #3: a one byte
gateway type field, followed by either an FQDN or an address, using the
same wire encodings for FQDNs and addresses that we use elsewhere in
the protocol (see the RDATA descriptions for PTR, A, and AAAA RRs).

I don't really care about this for its own sake (i.e., I'm not trying to
hold up the WG effort because I think we need to have pretty packets),
but I do think that if we violate the Principle of Least Astonishment
without documenting a plausible reason for doing so, it'll just end up
getting the doc bounced back to us, which will take more time in the
long run.  So I'm trying to force the issue now by asking implementors
whether or not there's a case for Olafur's proposed encoding, so that
we can put that case into the doc if it exists, or switch to the least
astonishing encoding if the case for Olafur's encoding doesn't exist.
-
This is the IPSECKEY@sandelman.ca list.
Email to ipseckey-request@sandelman.ca to be removed.
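
The layout described in the message as option #3 (one gateway type octet, then an FQDN or address in the usual PTR, A or AAAA wire encoding), as an added Python example that is not part of the original message or of any IPSECKEY draft. The type codes 1/2/3 are borrowed from the quoted table as an assumption, and the function names are hypothetical.

```python
import ipaddress

# Type codes follow the table quoted in the message (assumed, not a final registry).
GW_FQDN, GW_IP4, GW_IP6 = 1, 2, 3
ADDR_LEN = {GW_IP4: 4, GW_IP6: 16}  # octets, as in A and AAAA RDATA

def encode_name(fqdn):
    # Uncompressed DNS wire format, as in PTR RDATA: length-prefixed labels, root last.
    out = b""
    for label in fqdn.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("label length must be 1..63 octets")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def decode_name(buf):
    # Returns (fqdn, octets consumed); never reads past buf or follows pointers.
    pos, labels = 0, []
    while pos < len(buf):
        n, pos = buf[pos], pos + 1
        if n == 0:
            return ".".join(labels) + ".", pos
        if n > 63 or pos + n > len(buf):
            raise ValueError("compression pointer, bad length or overrun")
        labels.append(buf[pos:pos + n].decode("ascii"))
        pos += n
    raise ValueError("name not terminated by root label")

def encode_gateway(gw_type, value):
    # One type octet, then the same encoding a PTR, A or AAAA record would carry.
    if gw_type == GW_FQDN:
        return bytes([gw_type]) + encode_name(value)
    packed = ipaddress.ip_address(value).packed
    if ADDR_LEN.get(gw_type) != len(packed):
        raise ValueError("unknown type or address family mismatch")
    return bytes([gw_type]) + packed

def decode_gateway(buf):
    # Returns (type, value, octets consumed); raises ValueError on malformed input.
    if not buf or (buf[0] != GW_FQDN and buf[0] not in ADDR_LEN):
        raise ValueError("empty field or unknown gateway type")
    gw_type, body = buf[0], buf[1:]
    if gw_type == GW_FQDN:
        name, used = decode_name(body)
        return gw_type, name, 1 + used
    size = ADDR_LEN[gw_type]
    if len(body) < size:
        raise ValueError("truncated address")
    return gw_type, str(ipaddress.ip_address(body[:size])), 1 + size
```

The type octet alone tells the decoder how many octets to consume, so key material following the gateway field can be located without text parsing of the address.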