[161019] in North American Network Operators' Group
Re: looking for terminology recommendations concerning non-rooted
daemon@ATHENA.MIT.EDU (Joe Abley)
Fri Feb 22 13:07:54 2013
From: Joe Abley <jabley@hopcount.ca>
In-Reply-To: <20130222180149.GL455@dyn.com>
Date: Fri, 22 Feb 2013 14:07:40 -0400
To: Andrew Sullivan <asullivan@dyn.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 2013-02-22, at 14:01, Andrew Sullivan <asullivan@dyn.com> wrote:
> On Fri, Feb 22, 2013 at 04:57:42PM +1100, Mark Andrews wrote:
>>=20
>> RFC 952 as modified by RFC 1123 describe the legal syntax of a =
hostname.
>> There is no trailing period.
>=20
> Mark is of course correct about this, but it doesn't fully help.
>=20
> The basic problem is (as always) the confusion about the difference
> between a hostname and a fully-qualified domain name, which so happens
> to be also a hostname.
Actually, I think the problem is the confusion between a label string =
terminated in a dot (to indicate that no search domain should be =
appended) and a label string not so-terminated (which might mean that a =
search domain is attempted, depending on local configuration).
There is no simple terminology to distinguish between the two cases that =
I am aware of.
I think the original question's context was how to format a CN in a CSR. =
I believe the most useful answer is "single CN, fully-qualified domain =
name with no trailing dot".
The terminology "root zone" or "root domain" to explain the trailing dot =
is misleading and unhelpful, I find.
Joe
