Re: [dane] Extending TLSA RFC to operate with TLS's new raw public keys
Viktor Dukhovni <viktor1dane@dukhovni.org> Fri, 06 June 2014 01:11 UTC
Return-Path: <viktor1dane@dukhovni.org>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 713691A037C for <dane@ietfa.amsl.com>; Thu, 5 Jun 2014 18:11:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DWSoiYc8akLQ for <dane@ietfa.amsl.com>; Thu, 5 Jun 2014 18:11:29 -0700 (PDT)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8A1EC1A037A for <dane@ietf.org>; Thu, 5 Jun 2014 18:11:29 -0700 (PDT)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id 37EFF2AAB4F; Fri, 6 Jun 2014 01:11:21 +0000 (UTC)
Date: Fri, 06 Jun 2014 01:11:21 +0000
From: Viktor Dukhovni <viktor1dane@dukhovni.org>
To: dane@ietf.org
Message-ID: <20140606011121.GS27883@mournblade.imrryr.org>
References: <201405290805.s4T85HBT008757@new.toad.com> <08E92113-6C1F-4BD3-8846-4B117FA1AC1E@ogud.com> <201406060021.s560LiBT019821@new.toad.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <201406060021.s560LiBT019821@new.toad.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: http://mailarchive.ietf.org/arch/msg/dane/NKqb74qxeB6v7ef2ClJAXSM7Yg8
Subject: Re: [dane] Extending TLSA RFC to operate with TLS's new raw public keys
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: dane@ietf.org
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jun 2014 01:11:34 -0000
On Thu, Jun 05, 2014 at 05:21:44PM -0700, John Gilmore wrote: > Today I read the dane-ops-03 document. The latest is from February, > which seems rather old. Also, it is designed to be a Best Current > Practice, and it does not update the DANE TLSA RFC 6698. Indeed, sorry about that, since just before London, we've focused primarily on the SMTP draft, to the detriment of progress on the ops draft. Cycles were limited. This is about to change... In particular the ops draft will shortly be revived from limbo, changed to standards track and will update 6698. > Also, various people in the DANE WG have different ideas on how to > represent Raw Public Keys (RPKs) in TLSA records, what operational > constraints to put on TLSA records involving RPKs, and even how the > TLS protocol itself should evolve to require retries when using > RPKs. It seems a bit too early to say, "just release RFC 7250, it > won't need any more changes" when these issues have not been resolved, > nor even extensively explored. You'll find that there is little support for RPK formats other than "3 1 X", despite a small number of suggestions to the contrary. A consensus around "3 1 X" is I think a safe bet. It is also not clear that "RPK" is fundamentally dependent on an extant definition of how it is to be used with out of band DANE authentication. The base specification it seems is mechanism neutral. So the specifics of associated TLSA RR formats are only an issue for DANE clients, thus not unreasonably defined in a related new DANE WG document. > I think that the real stumbling block here is the attitude that "DANE > is only for PKIX", That may be true of some past history, but I've seen very little of that here in the last year a bit that I've been active in this group. DANE is not only for PKIX, but RFC 6698 as it stands does not currently describe associations to objects other than X.509 certificates. We'll address extending the definition to RPK in the ops draft, or a separate document if there's a strong preference for that. Since some of the content would overlap with related material in the ops draft, I'd prefer to not split this out. > Until and unless that attitude > is definitively repudiated by the WG in toto, I suspect that we will > continue to have problems reaching consensus whenever any IETF member > tries to use DNSSEC for a protocol (like Raw Public Keys) that does > not use PKIX certificates. We should not confuse the circumscribed scope of 6698, which looks today to be more a matter of caution to not overreach, rather than any specific bias in favour of a particular key management approach. There could have been some players who during the development of 6698 had an agenda in one direction or another, but the document itself is at worst too narrow, rather than biased. It also does not consider the opportunistic use-case and various other issues that would probably have further delayed adoption. RPK via "3 1 X" is a natural extension of 6698 to include in a 6698 update. If new certificate usages are needed in the future for more radically different use-cases, these can be added in separate documents or in any future comprehensive updates. Bottom line, I've not run into any difficulties agenda-driven conspiracies here yet. I'd like to add RPK support to Postfix at some point, once code for this is available (in OpenSSL). You'll likely find more resistance to RPK from some of the various toolkit maintainers (of OpenSSL, NSS, GnuTLS, ...) than on the DANE WG, where I expect RPK has a decent body of support. Like RPK DANE TLSA is a departure from the established order, and the two share common use-cases. -- Viktor.
- Re: [dane] Extending TLSA RFC to operate with TLS… Paul Hoffman
- [dane] Extending TLSA RFC to operate with TLS's n… John Gilmore
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Paul Wouters
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Paul Wouters
- Re: [dane] Extending TLSA RFC to operate with TLS… John Gilmore
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Paul Wouters
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Paul Wouters
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… James Cloos
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Wes Hardaker
- Re: [dane] Extending TLSA RFC to operate with TLS… James Cloos
- Re: [dane] Extending TLSA RFC to operate with TLS… James Cloos
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Jim Schaad
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… James Cloos
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Tom Gindin
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Stephen Farrell
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Paul Wouters
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… John Gilmore
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Paul Wouters
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Olafur Gudmundsson
- Re: [dane] Extending TLSA RFC to operate with TLS… James Cloos
- Re: [dane] Extending TLSA RFC to operate with TLS… James Cloos
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… James Cloos
- Re: [dane] Extending TLSA RFC to operate with TLS… Stephen Farrell
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Paul Wouters
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Simon Arlott
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Paul Wouters
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Paul Wouters
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Servers which offer RPK but have no TL… John Gilmore
- Re: [dane] Servers which offer RPK but have no TL… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… John Gilmore
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… John Gilmore
- Re: [dane] Servers which offer RPK but have no TL… John Gilmore
- Re: [dane] Extending TLSA RFC to operate with TLS… John Gilmore
- Re: [dane] Servers which offer RPK but have no TL… John Gilmore
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Paul Wouters
- Re: [dane] Extending TLSA RFC to operate with TLS… Paul Wouters
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni
- [dane] Extending TLSA RFC to operate with TLS's n… John Gilmore
- Re: [dane] Extending TLSA RFC to operate with TLS… Paul Wouters
- Re: [dane] Extending TLSA RFC to operate with TLS… Viktor Dukhovni