[dane] Document Action: 'Using Secure DNS to Associate Certificates with Domain Names For S/MIME' to Experimental RFC (draft-ietf-dane-smime-16.txt)

The IESG <iesg-secretary@ietf.org> Mon, 20 March 2017 18:23 UTC

From: The IESG <iesg-secretary@ietf.org>
To: "IETF-Announce" <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>, dane-chairs@ietf.org, draft-ietf-dane-smime@ietf.org, dane@ietf.org, rfc-editor@rfc-editor.org, ogud@ogud.com, stephen.farrell@cs.tcd.ie
Message-ID: <149003423854.25005.16070871053071588395.idtracker@ietfa.amsl.com>
Date: Mon, 20 Mar 2017 11:23:58 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dane/415Tm29h4OvHHwx4-gcJnBpdexs>
Subject: [dane] Document Action: 'Using Secure DNS to Associate Certificates with Domain Names For S/MIME' to Experimental RFC (draft-ietf-dane-smime-16.txt)

The IESG has approved the following document:
- 'Using Secure DNS to Associate Certificates with Domain Names For
   S/MIME'
  (draft-ietf-dane-smime-16.txt) as Experimental RFC

This document is the product of the DNS-based Authentication of Named
Entities Working Group.

The IESG contact persons are Stephen Farrell and Kathleen Moriarty.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-dane-smime/




Technical Summary:

   This document proposes a method to publish and "locate" S/MIME keys
   via DNS. The goal of this approach is to make it easier to find
   S/MIME keys for email addresses.  The document reuses a "method" from
   RFC7929 to convert an email address into a special normal form that is
   limited but is expected to cover many cases. The S/MIME DNS record
   specified has been allocated by an Expert Review.

   While the method inherited from RFC7929 has some detractors, this is 
   an experimental document, and that should not block the publication. 

Working Group Summary:

The main issues that the WG has discussed are:
a) is it a good idea to publish email addresses in a DNSSEC-signed zone?
b) is the role of the normalization strictly a normalization or an
obfuscation as well?
The consensus of the WG is that as the publication is by the zone owner
it is an opt-in policy, there is no requirement for adoption, thus the
issue needs to be addressed in the light of each organization's
policies, i.e., this is not a protocol issue.
 
There is working group consensus to advance this document.

During AD review, the WG confirmed that they are ok to proceed
even though the current IPR declaration (still!) says that licensing
will be provided "later".

Document Quality:

This document is of high quality, and editors have been real good 
at making the document better. 

This document stands on the shoulders of RFC 7929.

Personnel:

Document Shepherd is Olafur Gudmundsson 
Responsible AD is Stephen Farrell