Re: [dane] Call for Adoption: draft-hoffman-dane-smime.

Miek Gieben <miek@miek.nl> Mon, 24 September 2012 14:27 UTC

Return-Path: <miekg@atoom.net>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 00FA421F87B5 for <dane@ietfa.amsl.com>; Mon, 24 Sep 2012 07:27:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.479
X-Spam-Level:
X-Spam-Status: No, score=-2.479 tagged_above=-999 required=5 tests=[AWL=0.120, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7G3wgVPkyaK2 for <dane@ietfa.amsl.com>; Mon, 24 Sep 2012 07:27:35 -0700 (PDT)
Received: from elektron.atoom.net (elektron.atoom.net [85.223.71.124]) by ietfa.amsl.com (Postfix) with ESMTP id 19A6721F8699 for <dane@ietf.org>; Mon, 24 Sep 2012 07:27:35 -0700 (PDT)
Received: by elektron.atoom.net (Postfix, from userid 1000) id E476D3FFE7; Mon, 24 Sep 2012 16:27:32 +0200 (CEST)
Date: Mon, 24 Sep 2012 16:27:32 +0200
From: Miek Gieben <miek@miek.nl>
To: dane@ietf.org
Message-ID: <20120924142732.GB9495@miek.nl>
Mail-Followup-To: dane@ietf.org
References: <BCDB44B9-6AB0-4230-B1EF-FDDB37C77F38@kumari.net> <357AB2FD-DF7E-49EC-B3D6-D0F6BC20A79F@kumari.net> <C93F9961257B4ADFA226AD8C89290362@bbn.com> <20120924134925.GA9495@miek.nl> <F98183AFDDFD449982489E5D3AB81534@bbn.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="i0/AhcQY5QxfSsSZ"
Content-Disposition: inline
In-Reply-To: <F98183AFDDFD449982489E5D3AB81534@bbn.com>
User-Agent: Vim/Mutt/Linux
X-Home: http://www.miek.nl
Subject: Re: [dane] Call for Adoption: draft-hoffman-dane-smime.
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Sep 2012 14:27:36 -0000

[ Quoting <rbarnes@bbn.com> in "Re: [dane] Call for Adoption: draft..." ]
> New RRs are not *that* cheap.  Yes, servers and resolvers usually do let you
> provision arbitrary RR types by number, but that's not nearly as nice as having
> a real syntax, which takes time to develop and deploy.  If you've got TLSA and
> you just need people to look for it in a different place, why bother going to
> the effort of making everyone support a new type?

Fair enough. Looking back in the -00 there is even:

2.2.  Format of the Resource Record

   [[ This will be the same as for TLSA because there is no reason for
   the two to diverge.  Lots of text lifted from the TLSA document. ]]

Which would further proof your point about reusing TLSA. 

But what about other SSL-like protocols (if/when they are defined for DANE
use). Should they also re-use TLSA or always use a prefix label? It would
be nice to get some kind of constency, either they *all* use TLSA or they
*all* use a prefix label.

 Regards,

-- 
    Miek Gieben                                                   http://miek.nl