[Dance] Re: AD review of draft-ietf-dance-tls-clientid-06

Paul Wouters <paul@nohats.ca> Mon, 15 September 2025 01:58 UTC

Date: Sun, 14 Sep 2025 21:58:48 -0400
From: Paul Wouters <paul@nohats.ca>
To: Shumon Huque <shuque@gmail.com>
In-Reply-To: <CAHPuVdXmcmeP=rSJBG+vDp=ypVcy9gE47wFnB42i4XokQUafCw@mail.gmail.com>
Message-ID: <8b3a717c-fb38-b358-49fb-bf2aba4d1777@nohats.ca>
References: <CAGL5yWYTqh+uZU4udTOEPSbw9852EyqH7_hPgKeOsy-eG+G0ew@mail.gmail.com> <CAHPuVdXmcmeP=rSJBG+vDp=ypVcy9gE47wFnB42i4XokQUafCw@mail.gmail.com>
CC: dance@ietf.org
Subject: [Dance] Re: AD review of draft-ietf-dance-tls-clientid-06
List-Id: DANE Authentication for Network Clients Everywhere <dance.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dance/IXTMSXOL2uXrsMW93LdCHgpX49k>

On Sun, 14 Sep 2025, Shumon Huque wrote:

>       This is not a complete IANA registration request. It needs to specify:
>
>       Value   Extension Name   TLS 1.3            DTLS-Only   Recommended   Reference
>       <tbd>   dane_clientid    EE,CR (I think?)   N           N             [this doc]
> 
> 
> Thanks Paul,
> 
> Here's my proposed rewrite of that section:
> 
> IANA is requested to create the following entry in the "TLS ExtensionTypes Values" registry:
> 
> Extension Name "dane_clientid" with value TBD, "TLS 1.3" column values set to "CR, CT", "DTLS-Only" column set to "N", and "Recommended" column set to "N".
> The "TLS 1.3" column indicates the 2 protocol structures in TLS 1.3 that this extension can appear in (Certificate Request and Certificate messages).

Ok. The DEs will confirm these anyway.

> Regarding the "Recommended" column, is your reasoning for "No" that this extension has limited applicability, or is only intended for specific cases (which are
> valid reasons for 'N')? Otherwise, extensions going through the IETF standards action seem to be eligible for 'Y'.
> (per https://www.rfc-editor.org/rfc/rfc8447#section-5)
> 
> I'm fine with 'N', but I just want to confirm the reason.

You cannot really set Recommended to Yes when requiring DNSSEC of some
kind. That would surely cause an invasion of the TLS WG during IETF LC
and/or IESG Telechat :)

I think also because it is not a generic extension but a very specific
feature thing.

> I prefer not using the term "apriori" for those not speaking Latin or English natively.
> 
> 
> Ok. I propose to change this to "beforehand".
> 
> I will queue up these updates shortly.

Thanks!

Paul