Re: [Dance] Benjamin Kaduk's Yes on charter-ietf-dance-00-01: (with COMMENT)
Benjamin Kaduk <kaduk@mit.edu> Fri, 10 September 2021 03:46 UTC
Return-Path: <kaduk@mit.edu>
X-Original-To: dance@ietfa.amsl.com
Delivered-To: dance@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 1C3473A169F;
Thu, 9 Sep 2021 20:46:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.498
X-Spam-Level:
X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, KHOP_HELO_FCRDNS=0.399, SPF_HELO_NONE=0.001,
SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id nG0qbZTjQeBE; Thu, 9 Sep 2021 20:46:27 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 12E873A169E;
Thu, 9 Sep 2021 20:46:26 -0700 (PDT)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56)
(User authenticated as kaduk@ATHENA.MIT.EDU)
by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 18A3kBmK003053
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
Thu, 9 Sep 2021 23:46:17 -0400
Date: Thu, 9 Sep 2021 20:46:11 -0700
From: Benjamin Kaduk <kaduk@mit.edu>
To: Wes Hardaker <wjhns1@hardakers.net>
Cc: Benjamin Kaduk via Datatracker <noreply@ietf.org>,
The IESG <iesg@ietf.org>, dance-chairs@ietf.org, dance@ietf.org
Message-ID: <20210910034611.GD96301@kduck.mit.edu>
References: <163112194505.829.5232324669652141364@ietfa.amsl.com>
<yblv93bc6tb.fsf@w7.hardakers.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <yblv93bc6tb.fsf@w7.hardakers.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dance/t5aSjSQXUgV2QdlWDID3OnT9-PA>
Subject: Re: [Dance] Benjamin Kaduk's Yes on charter-ietf-dance-00-01: (with
COMMENT)
X-BeenThere: dance@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DANE Authentication for Network Clients Everywhere <dance.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dance>,
<mailto:dance-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dance/>
List-Post: <mailto:dance@ietf.org>
List-Help: <mailto:dance-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dance>,
<mailto:dance-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Sep 2021 03:46:33 -0000
On Wed, Sep 08, 2021 at 10:31:44AM -0700, Wes Hardaker wrote: > Benjamin Kaduk via Datatracker <noreply@ietf.org> writes: > > > "shared PKI root of trust" seems to imply that both parties have > > credentials that chain up to the same root of trust (or at least that > > the level of trust in the root is shared between parties), which need > > not be the case. In principle the parties can use credentials anchored > > at different roots of trust, so long as the verifier is willing to use > > the corresponding root of trust for this purpose. So we might say > > instead "and a root of trust deemed valid by the entity validating the > > authenticated identity". Or we could ignore it, and try to not be > > overly pedantic. > > Although that's a very valid point, I'd argue we should aim for more > readable over perfect and I'm personally thinking we should leave the > existing, easier to understand, language in place. Right, that's why I put the "overly pedantic" in "overly pedantic nits" :) -Ben
- [Dance] Benjamin Kaduk's Yes on charter-ietf-danc… Benjamin Kaduk via Datatracker
- Re: [Dance] Benjamin Kaduk's Yes on charter-ietf-… Wes Hardaker
- Re: [Dance] Benjamin Kaduk's Yes on charter-ietf-… Benjamin Kaduk