[Dance] comments on draft-ietf-dance-tls-clientid
Michael Richardson <mcr+ietf@sandelman.ca> Sun, 13 November 2022 09:40 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: dance@ietfa.amsl.com
Delivered-To: dance@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 317A1C14CEED for <dance@ietfa.amsl.com>; Sun, 13 Nov 2022 01:40:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b4cwUCFf1fKj for <dance@ietfa.amsl.com>; Sun, 13 Nov 2022 01:40:07 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [IPv6:2a01:7e00:e000:2bb::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1FB45C14CEE8 for <dance@ietf.org>; Sun, 13 Nov 2022 01:40:06 -0800 (PST)
Received: from dyas.sandelman.ca (ip-185-104-137-32.ptr.icomera.net [185.104.137.32]) by relay.sandelman.ca (Postfix) with ESMTPS id 247F01F44D for <dance@ietf.org>; Sun, 13 Nov 2022 09:40:04 +0000 (UTC)
Received: by dyas.sandelman.ca (Postfix, from userid 1000) id 9657FA0B01; Sun, 13 Nov 2022 09:40:01 +0000 (GMT)
Received: from dyas (localhost [127.0.0.1]) by dyas.sandelman.ca (Postfix) with ESMTP id 9426BA0AF0 for <dance@ietf.org>; Sun, 13 Nov 2022 10:40:01 +0100 (CET)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: dance@ietf.org
X-Attribution: mcr
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.3
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Sun, 13 Nov 2022 10:40:01 +0100
Message-ID: <766568.1668332401@dyas>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dance/rXTHc5jy8-278EHIBtd90bh9PC8>
Subject: [Dance] comments on draft-ietf-dance-tls-clientid
X-BeenThere: dance@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: DANE Authentication for Network Clients Everywhere <dance.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dance>, <mailto:dance-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dance/>
List-Post: <mailto:dance@ietf.org>
List-Help: <mailto:dance-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dance>, <mailto:dance-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Nov 2022 09:40:08 -0000
Should this document be using RFC6066 for framing extensions, rather than 8446? } This extension supports both TLS [RFC5246] [RFC8446] and DTLS [RFC6347], } and the term TLS in this document is used generically to describe both } protocols. It probably supportes TLS 1.2,1.3 and beyond? It should probably reference the architecture document? } opaque ClientName<1..2^8-1>; The limit here of 255 bytes, which is aligned with the DNS limits but it might be good to explain why. What should a receiver do if it finds octets that are not legal in DNS? -- Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-
- [Dance] comments on draft-ietf-dance-tls-clientid Michael Richardson