Open khuhtanen opened 1 year ago
We definitely should change the wording here. I just copied this text from RFC6614 and just changed the reference from the I-D to the RFC (so the "still under development" is also wrong).
I would also recommend going with a SHOULD here.
But yet again, RFC 7585 is experimental, so we would downref from a proposed standard to an experimental. (Is it maybe worth revising 7585 too?)
I'm fine with making support for 7585 a SHOULD (and to re-issue that one to avoid a downref).
SRV records have a well-defined prioritisation algorithm defined in the DNS specs. I don't see much need for specific wording for RADIUS use? If there is some, it would indeed be better placed in a 7585-bis. The document at hand is only for TLS context establishment, not about finding the preferred peer.
Both eduroam and OpenRoaming are and have been using DNS discovery in production. We could replace this with a stronger statement that implementations should support dynamic discovery?
@restena-sw What about that SRV record prioritisation? Should we discuss it in this draft or elsewhere? It is more of a DNS service discovery issue, but it affects how RADIUS over TLS connections are made?