Re: [Dance] New Version Notification for draft-latour-dns-and-digital-trust-00.txt
Michael Richardson <mcr@sandelman.ca> Tue, 02 May 2023 17:29 UTC
Return-Path: <mcr@sandelman.ca>
X-Original-To: dance@ietfa.amsl.com
Delivered-To: dance@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 44F74C13AE46 for <dance@ietfa.amsl.com>; Tue, 2 May 2023 10:29:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.396
X-Spam-Level:
X-Spam-Status: No, score=-4.396 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sandelman.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XoqRvxmwoPCB for <dance@ietfa.amsl.com>; Tue, 2 May 2023 10:29:39 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0CF79C13AE57 for <dance@ietf.org>; Tue, 2 May 2023 10:29:32 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id DAA623898E; Tue, 2 May 2023 13:47:48 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id p2BuhLsuWp1i; Tue, 2 May 2023 13:47:48 -0400 (EDT)
Received: from sandelman.ca (unknown [IPv6:2607:f0b0:f:2:40a:34ff:fe10:f571]) by tuna.sandelman.ca (Postfix) with ESMTP id 0BB603898D; Tue, 2 May 2023 13:47:48 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sandelman.ca; s=mail; t=1683049668; bh=Ge7mxJAZO2T5zhf8m5TE6GQFJkXvPHk3mt2sUu9B/80=; h=From:To:Subject:In-Reply-To:References:Date:From; b=xpjgIWd1XUCFDWwho76E35I+rhqdQC1d47PJDHmtQ4eEwi077mh+jrlNW4mzNWKA9 p0+cjgsbugJuqsOmFqd2mcatme2ZhqKLutqVix4yh9KFx8oUSQct+eZ7wckeJXc6oj eg6GUypPio2xKBB3ORD6RW127EwTgFlhyUYkfDwc/0RCIIqtwfHIP9+hhFX40+582h CzETxNEzcEHeH6S68kBbNedtmIWyBI4YGt2oi6MhTFQFFWWAYZAJ9KAK1KP5QZqa5M o6Zr4IGyrabr+kGimXhcQ/1SNE/Cv94bIlghC28fuFjwhSxll2FKVtFhERuPOR8Lsz nN4yKbg/8/yQw==
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 924EE6D; Tue, 2 May 2023 13:29:30 -0400 (EDT)
From: Michael Richardson <mcr@sandelman.ca>
To: Jacques Latour <Jacques.Latour@cira.ca>, "dance@ietf.org" <dance@ietf.org>
In-Reply-To: <YT2P288MB0252CCBB232806E051E355508A9C9@YT2P288MB0252.CANP288.PROD.OUTLOOK.COM>
References: <YT2P288MB0252CCBB232806E051E355508A9C9@YT2P288MB0252.CANP288.PROD.OUTLOOK.COM>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 27.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Tue, 02 May 2023 13:29:30 -0400
Message-ID: <21240.1683048570@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dance/aMxknXZOi2FVIYxYOw2JD3en0dQ>
Subject: Re: [Dance] New Version Notification for draft-latour-dns-and-digital-trust-00.txt
X-BeenThere: dance@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: DANE Authentication for Network Clients Everywhere <dance.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dance>, <mailto:dance-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dance/>
List-Post: <mailto:dance@ietf.org>
List-Help: <mailto:dance-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dance>, <mailto:dance-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 May 2023 17:29:43 -0000
I browsed your document, but I had difficulty understanding it's
applicability. In my experience with Verified Credentials, they are just not
useable to individuals without the use of a smartphone. Said smartphone has
no static IP address, so must use a mediator in order to go through
credential presentations, etc. Even if the smartphone did have a stable IPv6,
it probably doesn't have the battery power to be willing to be reachable at
all times. To date, I haven't found a reasonable business model for
operation of the mediator service(s) which are critical to this entire model.
I mention this because I don't understand how/why your example in section 4.2
would be interacted with. At first, I thought that I was going to interact
with it when I obtain a credential, but then I realized that was wrong.
If my university provides a credential attesting to my degree to me, I'm not
going to reach out to the university for this did; I think I already have it.
It would be the verifiers that might need this information.
But, when I do a credential presentation with some verifier, I would have
already provided them with the right links, or they would already have them.
I'm unclear how the privacy violating DNS lookup would help them with an
authorization decision.
Perhaps there is a better flow or example that could be used to explain this?
My observation from work in this area is that the "distributed ledgers" are
more of a liability than a feature, and that it would be a good thing if
"sovereign" entities could use the things they are already sovereign over,
namely their ccTLDs as anchors.
{I still think we did DNSSEC root wrong}
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | IoT architect [
] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
- [Dance] New Version Notification for draft-latour… Jacques Latour
- Re: [Dance] New Version Notification for draft-la… Michael Richardson
- Re: [Dance] [EXT] Re: New Version Notification fo… Jacques Latour