Re: [dane] Start of WGLC for draft-ietf-dane-openpgpkey - *please* review.

Viktor Dukhovni <ietf-dane@dukhovni.org> Mon, 23 February 2015 18:18 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/Ib92akzX_6p8sNgom6Qo7nei18c>

On Mon, Feb 23, 2015 at 12:31:09PM -0500, Warren Kumari wrote:

> I *think* that the proposal is in this email:
> http://www.ietf.org/mail-archive/web/dane/current/msg07163.html
> (Viktor, 11 Dec 2014)
> 
> This seemed to be mostly met with acceptance (or, at least closer than
> many of the other options!), but didn't address the user+tag@ or
> johnsmith=john.smith=jo.hn.sm.th special handling that Gmail does.
> A potential, but icky solution to those could be synthesized records.

If the goal is to go beyond case-folding, then we'd have to seriously
consider publishing the data via a DANE-authenticated HTTPS service
rather than directly in DNS.  The service would then be able to
apply whatever lookup transformations are locally applicable.

I'm not sensing much appetite for moving away from per-user records
in DNS, so case-folding can be handled, but fancier variants are,
I think, beyond what can be done with the logic mostly on the client
side.

-- 
	Viktor.
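
Added example (not part of the original message or of the draft's text): a sketch of why a client can handle case-folding on its own while provider-specific aliases stay out of reach. It assumes the hashed owner-name form later published in RFC 7929 (SHA2-256 of the local-part, truncated to 28 octets, under `_openpgpkey`) and a zone that publishes only the lowercase local-part; the addresses and function names are constructed for illustration.

```python
import hashlib


def owner_name(local_part, domain):
    """Hashed owner name (RFC 7929 form, assumed here):
    hex(SHA2-256(local-part)[:28]) + "._openpgpkey." + domain."""
    digest = hashlib.sha256(local_part.encode("utf-8")).digest()[:28]
    return f"{digest.hex()}._openpgpkey.{domain.lower()}"


def client_candidates(address):
    """Owner names a client can derive without provider knowledge:
    the local-part as typed, then its case-folded form."""
    local, _, domain = address.rpartition("@")
    if not local or not domain:
        raise ValueError(f"not an addr-spec: {address!r}")
    names = []
    for variant in (local, local.lower()):
        name = owner_name(variant, domain)
        if name not in names:
            names.append(name)
    return names


def reachable(published, typed):
    """True if the record published for `published` is among the names
    a client would query when the user types `typed`."""
    pub_local, _, pub_domain = published.rpartition("@")
    return owner_name(pub_local, pub_domain) in client_candidates(typed)


if __name__ == "__main__":
    published = "john.smith@example.com"        # constructed sample
    for typed in ("John.Smith@example.com",     # case variant
                  "john.smith+lists@example.com",  # user+tag variant
                  "johnsmith@example.com"):     # dot-insensitive variant
        print(f"{typed:32} reachable={reachable(published, typed)}")
```

Because the label is a one-way hash, the DNS server never sees the local-part and cannot map an alias back to the mailbox; only a service that receives the address itself, such as the HTTPS lookup suggested above, can apply those rules.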