[Acme] Re: IETF122 Time Slot Request for draft-li-acme-dns-update-00.txt

Michael Richardson <mcr+ietf@sandelman.ca> Fri, 28 February 2025 19:27 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/ZMxea7KODYwX9bIHZJkSboJ9R2U>

liruochen (A) <li.ruochen=40huawei.com@dmarc.ietf.org> wrote:
    > Dear ACME chairs,

    > We would like to request a 5-10 min time slot at IETF122 to introduce our new draft.

    > Title: Secure DNS RR Update for ACME DNS Based Challenges
    > URL: https://datatracker.ietf.org/doc/draft-li-acme-dns-update/
    > length: 5-10 min
    > Presenter: Li Ruochen

I'm struggling to understand what this document standardizes other than
saying, "Use RFC3007".

Perhaps if it's making some operational statement, then it's some kind of
BCP. It seems that it's just adding a layer of indirection via the OAM.

It would be a different story if what was proposed was a new YANG module to
configure the TSIG/SIG(0) update key.  SIG(0) is way better to use, although
it's been harder for people to configure.

I'd want to go even further and define a cloud-init method to configure these
keys.  That's not an IETF responsibility, but worth describing.

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide