IETF Logo Mail Archive

[dane] AD review of draft-ietf-dane-openpgpkey-03

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 03 June 2015 20:41 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F005A1A8958 for <dane@ietfa.amsl.com>; Wed, 3 Jun 2015 13:41:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Level:
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FIbF7NZ10wq9 for <dane@ietfa.amsl.com>; Wed, 3 Jun 2015 13:41:11 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5D15C1A8860 for <dane@ietf.org>; Wed, 3 Jun 2015 13:41:11 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 2736BBF09 for <dane@ietf.org>; Wed, 3 Jun 2015 21:41:10 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qWCGUQadPSGd for <dane@ietf.org>; Wed, 3 Jun 2015 21:41:08 +0100 (IST)
Received: from [10.87.48.73] (unknown [86.46.31.250]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id C0BA3BF08 for <dane@ietf.org>; Wed, 3 Jun 2015 21:41:08 +0100 (IST)
Message-ID: <556F6664.8020800@cs.tcd.ie>
Date: Wed, 03 Jun 2015 21:41:08 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: dane <dane@ietf.org>
OpenPGP: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/-BVzGER4tA2IqFVNXMg8YRVdWZ0>
Subject: [dane] AD review of draft-ietf-dane-openpgpkey-03
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Jun 2015 20:41:13 -0000

Hiya,

I've done my AD review of this one too. In this case I do
have a few questions I'd like to chat about before starting
IETF LC, four of 'em actually;-) But they should be quickly
dealt with.

And of course I've a bunch of nitty comments too, below,
but those can just be handled as last call comments.

Cheers,
S.

Stuff I'd like to chat about before starting IETF LC:

(1) Given the email-addr-in-DNS issues with this, would
this not be better as experimental? I think the WG did
consider that, but I forget, and in any case even if you
did, I want to ask again, to be sure to be sure:-) My
concern is that we not end up arguing against other
folks who may want to standardise some form(s) of key
server on the basis that this is *the* standard way to
do it. One way to handle that would be for this to be
experimental and for us to see if it gets deployed or
not. Another could be to just say in the text that this
proposed standard is one way of distributing keys, but
that others can be equally valid.

(2) The intro is very wordy. It could really lose the
editorialising generally. (Various examples below.)
Is that fair comment? Are the opinionated bits really
needed in the RFC?

(3) Can you briefly convince me that sections 2.1 and
2.2 are sufficient to write interoperable code.  Section
5.5.1.1 of 4880 does not seem to be the right place at
which to point for that, to me. But I've not implemented
PGP so I may be wrong.

(4) 6.2 still refers to sha-224, which is wrong now
isn't it?


---- detailed comments/nits/etc.

- intro: HKP needs a reference

- intro: "Worse, ..." the value judgement isn't needed.
Say (exactly) why it's worse or say nothing. And the
IETF does not have consensus that TOFU is "worse" unless
you say what it is "worse" than.

- intro: "have no method" - how do you know? It could be
they make no claims of validating things but that they
do internal stuff, who knows.

- intro: lack of secure lookup does not "prevent"
encryption, that's just wrong. I send encrypted mail all
the time without that.

- intro: "forcing...unencrypted" is also wrong given
S/MIME - while this is about PGP, please don't deny
reality.

- intro: "This document describes..." - you could delete
almost all the text before this para. And some after
it;-)

- intro: "Trust Signature model" needs a reference

- intro: "otherwise have to be" is false (same as above)

- Appendix A: This would be much better work a worked
example, incl. a public key one could import to
re-generate the outputs required.

- section 3: do you really need 28 octets? wouldn't
fewer be good enough and not risk collisions? Just
wondering.

- 4.2 - that MUST fail if local/DNS differ is a shame.
Did the WG consider adding a label or key version to the
RR that might allow for some update cases to work?

- section 5: is "recommended" there meant as a 2119
thing? If so, it's usually better in uppercase.

- 6.2 - in theory using the mail author's email address
might not mean publishing that I guess. But your text is
fine as-is, just noting that possibility.

- 6.3 - what if an application has no user? Does this
section apply then?

v2.23.0 | Report a Bug | By Email