[Standards-JIG] wildcards in certs

Peter Saint-Andre stpeter at jabber.org
Tue Nov 21 22:55:34 UTC 2006


Matthias Wimmer wrote:
> Hi Peter!
> 
> Peter Saint-Andre schrieb:
>> Currently, wildcards are not allowed in the XMPP OID defined in RFC
>> 3920, but it seems they might be quite useful. What do people here think
>> about allowing them?
> 
> I don't think, that we need wildcards in id-on-xmppAddr, as I currently
> think that wildcards are only useful in xmppAddresses, that only consist
> of a domain (i.e. having no user and no resource).
> 
> I'd prefer to use the dNSName OID to be used for such wildcarded
> addresses. In my optinion id-on-xmppAddr should be limited to only
> contain valid XMPP addresses, and a wildcarded domain is no valid XMPP
> address.
> 
> Therefore I'd like to see wildcard support, but I am against using
> id-on-xmppAddr for this.

That makes sense. Someone told me recently that the dNSName could only
be used for HTTP domains but I don't see anything in the specs that
limits it. I need to check on that further.

Peter

-- 
Peter Saint-Andre
Jabber Software Foundation
http://www.jabber.org/people/stpeter.shtml

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20061121/9b07b92f/attachment.bin>


More information about the Standards mailing list