Re: [dane] Deployment focus? Re: IETF 85 - meet or not to meet?

Dan York <dan-ietf@danyork.org> Tue, 02 October 2012 19:35 UTC

Return-Path: <dan-ietf@danyork.org>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7440821F856C for <dane@ietfa.amsl.com>; Tue, 2 Oct 2012 12:35:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.488
X-Spam-Level:
X-Spam-Status: No, score=-2.488 tagged_above=-999 required=5 tests=[AWL=0.510, BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_57=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4jLv4a3BytKI for <dane@ietfa.amsl.com>; Tue, 2 Oct 2012 12:35:02 -0700 (PDT)
Received: from mail-qa0-f44.google.com (mail-qa0-f44.google.com [209.85.216.44]) by ietfa.amsl.com (Postfix) with ESMTP id F327321F8570 for <dane@ietf.org>; Tue, 2 Oct 2012 12:35:01 -0700 (PDT)
Received: by mail-qa0-f44.google.com with SMTP id 25so1006974qao.10 for <dane@ietf.org>; Tue, 02 Oct 2012 12:35:01 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=Az7bfH1rHWlTG5jPOVimfXHx88BZit2sBSKEFcwazvM=; b=bI31uda0LbIBgVkX3tJOHBfzU3UJrCh+7cC5dsI2394PjUnS3ZLDnJ0Ails6SWtOz/ zC2AqExc+isQByt8iA+vBq4lBp69xiZXqz5Om8XBnmc7n5BKfQANavIkPbh2vfCYN6fC BJ8cSRwzchy92GcTzRwjfPO29rDsoOk1nEJvokR0GM3l8g9D1pEizmKYlcIxG+ZK9vvv jquNDRoZkuB+wm5FqmFQ/y5LX24B87Xghfsq6E4/DyAtI2YffLmdXBOAzX0qJytCdo4N 6PyGmuYvUejSUnsD6BabgHsht/yR8w60Pevx0uqcHorApeg40e14DfneD1xHlQxTrxLJ FfbA==
Received: by 10.49.132.38 with SMTP id or6mr7240388qeb.26.1349206501373; Tue, 02 Oct 2012 12:35:01 -0700 (PDT)
Received: from [172.20.12.152] (cpe-74-75-92-114.maine.res.rr.com. [74.75.92.114]) by mx.google.com with ESMTPS id ck11sm2198935qab.17.2012.10.02.12.34.59 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 02 Oct 2012 12:35:00 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/alternative; boundary="Apple-Mail=_9B59F277-21BA-446E-ABD9-D5B37AF95212"
From: Dan York <dan-ietf@danyork.org>
In-Reply-To: <2931E1FC-20D3-4045-9146-368D3AC9D989@vpnc.org>
Date: Tue, 02 Oct 2012 15:34:57 -0400
Message-Id: <E10582EC-9BFC-46D7-973F-15CDF45AC89B@danyork.org>
References: <BD9F1901-911A-49EB-9390-B18D8A9D0B30@nic.cz> <FBCB9053-91C3-4EBC-874E-97067A922E49@nic.cz> <C73CE37F-C34D-4824-AF11-D03F14AE3015@kumari.net> <15ED757A-9B2F-45CD-A1B6-0A0C8DFC2397@danyork.org> <76960946-F768-422B-A76A-17D951D29C8C@vpnc.org> <F18CD53D-8F98-409F-881C-EC56824931C4@danyork.org> <2931E1FC-20D3-4045-9146-368D3AC9D989@vpnc.org>
To: Paul Hoffman <paul.hoffman@vpnc.org>
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQlcMjqOj24cRv8IjwNh15Io8NsSnGROjnqmIxdPPqJHSdSmrUXuQgOud2Ayr39tofjIMdnN
Cc: dane WG list <dane@ietf.org>
Subject: Re: [dane] Deployment focus? Re: IETF 85 - meet or not to meet?
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Oct 2012 19:35:03 -0000

Paul,

On Oct 1, 2012, at 11:52 AM, Paul Hoffman wrote:

> On Oct 1, 2012, at 8:07 AM, Dan York <dan-ietf@danyork.org> wrote:
> 
>> Certainly ISOC *could* hold a meeting to discuss how to get DANE more widely deployed ... and the people that would need to be at that meeting would be, well, probably pretty much many of the people who would be at the DANE working group meeting at IETF! 
> 
> We fully disagree there. Protocol developers are often not protocol deployers. For example, I do not contribute to DNS server or DNS admin projects; the same would be true for the large majority of the people who contributed ideas and comments to the DANE protocol.
> 
> ISOC could pull together a meeting of such protocol deployers, as well as enterprises who might find DANE useful, and I suspect the overlap between people at that meeting and the last DANE WG meeting would be very small.

Sigh... I will have to confess that you are probably on target here, particularly as no one else has chimed in on this general thread in the last 24 hours. 

And thus we continue with the challenge that we in the IETF typically define something as "done" when "the protocol is defined" and not when "people can actually use the protocol".  

Here we have this truly awesome piece of work, DANE, and here it will linger in limbo until eventually maybe someday someone somewhere can implement it in some fashion that some people can use in some way.

Certainly I can - and will - do everything I can both personally and within ISOC's various means to get people talking about DANE and moving toward deployment.  Within the Deploy360 Programme, we've been talking to a good number of people about how to advance the advocacy and promotion of DNSSEC... and we have been planning to incorporate DANE into that effort.  But as much as we can do, we're still one organization - or even a group of organizations and companies.  We need many more people involved.

I know you may not think of yourself as a "protocol deployer", Paul, but I would argue that we do need everyone on this list thinking about how we can get DANE deployed.

DANE is far too awesome - and far too powerful - to let it linger in limbo.

My 2 cents,
Dan

-- 
Dan York  dyork@lodestar2.com
http://www.danyork.me/   skype:danyork
Phone: +1-802-735-1624
Twitter - http://twitter.com/danyork