Re: Last Call: Discovering LDAP Services with DNS to Proposed Standard

[Patrik Fältström <paf@cisco.com>]

--On 2002-02-08 15.34 -0500 Lawrence Greenfield <leg+@andrew.cmu.edu> wrote:

>    Yes, the user is asking for "example.net" services in all cases!
>    It is presumed that services under a particular domain are under
>    the administrative control of the domain owner.
> 
> That's unfortunate.  Large organizations exist.  Compromising a single
> service shouldn't compromise all services for a domain.

2 things:

- This problem exists with all services which uses TLS, for example HTTP.
- You don't have to cc IESG on your discussions on how to solve the
problem. Personally, I think Kurt is 100% correct in his view of the
problem.

I have now removed IESG from the recipient list.

    paf, co-Area Director, Applications Area