Re: [dane] Start of WGLC for draft-ietf-dane-openpgpkey - *please* review.

Brian Dickson <brian.peter.dickson@gmail.com> Sat, 21 February 2015 05:19 UTC

From: Brian Dickson <brian.peter.dickson@gmail.com>
To: Warren Kumari <warren@kumari.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/AHvUdVveQycw5VNvAdGbt6QDLWw>
Cc: draft-ietf-dane-openpgpkey@tools.ietf.org, DANE-chairs <DANE-chairs@tools.ietf.org>, "<dane@ietf.org>" <DANE@ietf.org>

I have read the document. Modulo any other minor comments from other
reviewers, I think it is a fine document, and should be published.

Extremely minor comment:
In section 5.1, about email leaks, it may be worth additionally mentioning:
Use of distinct SALT values can further limit brute force efforts, even
where the same key is used.

Brian

On Fri, Feb 20, 2015 at 12:30 PM, Warren Kumari <warren@kumari.net> wrote:

> Dear DANE WG,
>
> The author of draft-ietf-dane-openpgpkey has indicated that he
> believes that the document is ready for Working Group Last Call.
> The draft is available here:
> https://datatracker.ietf.org/doc/draft-ietf-dane-openpgpkey/
>
> This document has been discussed a number of times, to jog your
> memory, here is one slidedeck:
> http://www.ietf.org/proceedings/89/slides/slides-89-dane-2.pdf
> Also, a cute trick:
> dig type61 $(echo -n pwouters | sha224sum | sed "s/ .*$//")._openpgpkey.fedoraproject.org | grep TYPE61 | sed "s/^.*TYPE61.*\\\#[0-9]* //" | grep -v ";" | sed "s/ //g" | xxd -r -p | gpg --import --dry-run
>
>
> Please review this draft to see if you think it is ready for
> publication and send comments to the list, clearly stating your view.
>
> This WGLC ends Fri 06-Mar-2015.
>
>
>
> In addition, to satisfy RFC 6702 ("Promoting Compliance with
> Intellectual Property Rights (IPR)"):
> Are you personally aware of any IPR that applies to
> draft-ietf-dane-openpgpkey?  If so, has this IPR been disclosed in
> compliance with IETF IPR rules? (See RFCs 3979, 4879, 3669, and 5378
> for more details.)
>
> Thanks,
> Warren Kumari
> (as DANE WG co-chair)
>
> --
> I don't think the execution is relevant when it was obviously a bad
> idea in the first place.
> This is like putting rabid weasels in your pants, and later expressing
> regret at having chosen those particular rabid weasels and that pair
> of pants.
>    ---maf
>
> _______________________________________________
> dane mailing list
> dane@ietf.org
> https://www.ietf.org/mailman/listinfo/dane
>
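
The lookup in the quoted one-liner, split into two checkable steps, as an added example that is not part of the original thread or of the draft: the owner name is the SHA-224 hex digest of the local-part under `_openpgpkey.<domain>`, so it depends only on the local-part, and the answer arrives in generic `\# <length> <hex>` form. The function names and the sample record are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: function names and the sample record are constructed.

# Owner name as the quoted one-liner builds it: SHA-224 hex digest of the
# local-part, then the _openpgpkey label, then the domain.
openpgpkey_owner() {
  local localpart="$1" domain="$2" digest
  digest=$(printf '%s' "$localpart" | sha224sum | cut -d' ' -f1)
  printf '%s._openpgpkey.%s\n' "$digest" "$domain"
}

# Read dig output on stdin and print the RDATA of each TYPE61 answer as one
# lowercase hex string. Unlike the sed chain, this compares the declared
# RDATA length with the hex actually received and fails on a mismatch.
type61_hex() {
  awk '
    /^;/ { next }    # skip the question section and other comment lines
    {
      for (i = 1; i + 2 <= NF; i++) {
        if ($i != "TYPE61" || $(i + 1) != "\\#") continue
        hex = ""
        for (j = i + 3; j <= NF; j++) hex = hex $j
        if (length(hex) != 2 * $(i + 2)) {
          print "TYPE61 length mismatch" > "/dev/stderr"
          bad = 1
        } else {
          print tolower(hex)
        }
        break
      }
    }
    END { exit bad + 0 }
  '
}

# Constructed sample of dig output (six arbitrary bytes, not a real key).
sample='; <<>> constructed sample <<>>
;abc._openpgpkey.example.org. IN TYPE61
abc._openpgpkey.example.org. 3600 IN TYPE61 \# 6 99010D04 54E8'

openpgpkey_owner pwouters fedoraproject.org
printf '%s\n' "$sample" | type61_hex
```

The hex string printed by `type61_hex` is what the quoted command feeds to `xxd -r -p | gpg --import --dry-run`.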