Re: [dane] Second WGLC draft-ietf-dane-smime

"John R Levine" <johnl@taugh.com> Mon, 21 November 2016 16:35 UTC

Date: Mon, 21 Nov 2016 11:35:48 -0500
Message-ID: <alpine.OSX.2.11.1611211134280.18423@ary.qy>
From: John R Levine <johnl@taugh.com>
To: "Garfinkel, Simson L. \\(Fed\\)" <simson.garfinkel@nist.gov>
In-Reply-To: <9277E9AD-E28A-43C1-9044-B439630D25C1@nist.gov>
References: <20161121145803.79462.qmail@ary.lan> <C10FEAC0-E6F7-4216-A0FA-DE4893773D89@nist.gov> <alpine.OSX.2.11.1611211113570.18423@ary.qy> <9277E9AD-E28A-43C1-9044-B439630D25C1@nist.gov>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dane/FSZtCmKfHLc5yDFtqjgsva8GOKY>
Cc: "dane@ietf.org" <dane@ietf.org>
Subject: Re: [dane] Second WGLC draft-ietf-dane-smime

> So are you opposed to DANE in general, or just the use of DANE for email?

I expect that the rest of the DANE group is not eager to have these issues 
hashed over again, so please read the extensive discussions in the 
archives.

DANE for host certs is fine.  DANE for e-mail addresses has multiple 
problems.

> Given this opposition, are you opposed to the experimental RFC 7929?  Or is your opposition limited to SMIMEA?

Again, please read the archives.

R's,
John