Re: [dane] namespace management, DANE Client Authentication draft updated

"Wiley, Glen" <gwiley@verisign.com> Wed, 13 January 2016 14:41 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/B0VFiQAtvkgwHgZ2CSJNdUJ0nP4>

On 1/13/16, 2:04 AM, "Viktor Dukhovni" <ietf-dane@dukhovni.org> wrote:

>On Wed, Jan 13, 2016 at 06:42:21AM -0000, John Levine wrote:
>
>> > ...  But what's the real benefit to all this?
>> 
>> You're avoiding name collisions down the road.
>
>Please don't get me wrong, I'm not zealous about this, just don't
>yet see any value in the additional labels, and surely we should
>add them for a good reason.  I would expect the RRtype to provide
>all the collision avoidance that's required.  Plus the fact that
>these are intended to be host-specific records, while the various
>proposed example collisions are generally published at the parent
>domain of the various hosts.

RRtype is sufficient for collision avoidance, I don't think we gain
any practical benefit by adding the other labels.

<snip>