Re: [dane] PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey
Dave Crocker <dhc@dcrocker.net> Wed, 23 September 2015 15:36 UTC
Return-Path: <dhc@dcrocker.net>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54A611A6FD1; Wed, 23 Sep 2015 08:36:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p6KBx8IFR7gh; Wed, 23 Sep 2015 08:36:21 -0700 (PDT)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 792CC1A700F; Wed, 23 Sep 2015 08:35:47 -0700 (PDT)
Received: from [192.168.1.87] (76-218-10-206.lightspeed.sntcca.sbcglobal.net [76.218.10.206]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id t8NFZkGB015898 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT); Wed, 23 Sep 2015 08:35:47 -0700
To: Sam Hartman <hartmans-ietf@mit.edu>, Randy Bush <randy@psg.com>
References: <20150921172109.19893.qmail@ary.lan> <alpine.LFD.2.20.1509211455150.420@bofh.nohats.ca> <m2pp19ztmu.wl%randy@psg.com> <20150923035731.GZ21942@mournblade.imrryr.org> <m21tdpy2oa.wl%randy@psg.com> <tslk2rhgnni.fsf@mit.edu>
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
Message-ID: <5602C6CD.2050200@dcrocker.net>
Date: Wed, 23 Sep 2015 08:35:41 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <tslk2rhgnni.fsf@mit.edu>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.17]); Wed, 23 Sep 2015 08:35:47 -0700 (PDT)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/3YEV36nrkCoeewelm21ISnRMbSk>
Cc: ietf@ietf.org, dane@ietf.org
Subject: Re: [dane] PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Sep 2015 15:36:22 -0000
On 9/23/2015 8:29 AM, Sam Hartman wrote: > I tend to agree with John and others who have > suggested the document should be more clear about its assumptions. Assumptions, models, details, etc., with operational and risk implications. The document has a number of places that need considerable elaboration of these. In the case of the trust model, the document is, apparently, introducing an entirely new 'model'. As has been noted, the challenge of local-part handling is another, surprisingly-basic component to the mechanism that needs careful -- and complete -- handling in the spec, if the spec is to be a full protocol specification. And so on. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net
- Re: [dane] Summary of IETF LC for draft-ietf-dane… Viktor Dukhovni
- Re: [dane] PGP security models, was Summary of IE… John Levine
- Re: [dane] PGP security models, was Summary of IE… Paul Wouters
- Re: [dane] PGP security models, was Summary of IE… manning
- Re: [dane] PGP security models, was Summary of IE… manning
- Re: [dane] PGP security models, was Summary of IE… Scott Kitterman
- Re: [dane] PGP security models, was Summary of IE… John C Klensin
- Re: [dane] PGP security models, was Summary of IE… Joe Abley
- Re: [dane] PGP security models, was Summary of IE… Paul Wouters
- Re: [dane] provisioning assumptions, was PGP secu… John Levine
- Re: [dane] provisioning assumptions, was PGP secu… Paul Wouters
- Re: [dane] PGP security models, was Summary of IE… Randy Bush
- Re: [dane] PGP security models, was Summary of IE… Viktor Dukhovni
- Re: [dane] PGP security models, was Summary of IE… Randy Bush
- Re: [dane] PGP security models, was Summary of IE… Sam Hartman
- Re: [dane] PGP security models, was Summary of IE… Dave Crocker
- Re: [dane] PGP security models, was Summary of IE… Paul Wouters
- Re: [dane] PGP security models, was Summary of IE… Sam Hartman
- Re: [dane] PGP security models, was Summary of IE… Dave Crocker