[dane] Alexey Melnikov's Yes on draft-ietf-dane-openpgpkey-12: (with COMMENT)
"Alexey Melnikov" <aamelnikov@fastmail.fm> Tue, 03 May 2016 07:48 UTC
From: Alexey Melnikov <aamelnikov@fastmail.fm>
To: The IESG <iesg@ietf.org>
Message-ID: <20160503074801.7526.45722.idtracker@ietfa.amsl.com>
Date: Tue, 03 May 2016 00:48:01 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/Vh-CiJYLyWlL2QyQbOrVlcfyYAI>
Cc: draft-ietf-dane-openpgpkey@ietf.org, dane-chairs@ietf.org, dane@ietf.org
Alexey Melnikov has entered the following ballot position for
draft-ietf-dane-openpgpkey-12: Yes

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dane-openpgpkey/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

NOTE to editors: Thank you for addressing my earlier comments in -09, -10
and -12.

Despite many objections to publishing this specification I believe we
should run the experiment. I will vote "Yes" once DISCUSS-points are
addressed. I would rather see this experiment being done and fail (or
better - succeed), than to block publication of this document because it
is not perfect.

Some (edited) comments from Ned Freed that I (mostly) agree with:

1) In Section 3:

When describing unquoting and unescaping, I think it would be useful to
give an example, for example all of the following are equivalent and must
result in the same hashed value:

(1) first.last@example.com
(2) first . last @example.com
(3) "first.last"@example.com
(4) "\f\i\r\s\t.last"@example.com

2) 5.1. Obtaining an OpenPGP key for a specific email address

   If no OpenPGP public keys are known for an email address, an
   OPENPGPKEY DNS lookup MAY be performed to seek the OpenPGP public key
   that corresponds to that email address. This public key can then be
   used to verify a received signed message or can be used to send out
   an encrypted email message.

   An application whose attempt fails to retrieve a DNSSEC verified
   OPENPGPKEY RR from the DNS should remember that failure for some time
   to avoid sending out a DNS request for each email message the
   application is sending out; such DNS requests constitute a privacy
   leak

Should the document give a specific recommendation about "remember for
some time"? Is it tied to TTL for the corresponding RR? If you can provide
some additional text explaining what is reasonable (or not) here, that
would improve the specification.
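
The equivalence requested in comment 1, as an added example that is not part of the original message or of the draft: the four address forms are unquoted and unescaped, then turned into an OPENPGPKEY owner name. It assumes the rule as later published in RFC 7929 Section 3 (SHA2-256 of the UTF-8 local-part, truncated to 28 octets, hex-encoded, under `_openpgpkey`); the function names are hypothetical and parenthesised comments in addresses are not handled.

```python
import hashlib

# The four equivalent forms listed in the message above.
SAMPLES = [
    r'first.last@example.com',
    r'first . last @example.com',
    r'"first.last"@example.com',
    r'"\f\i\r\s\t.last"@example.com',
]

def split_and_unquote(address):
    """Return (canonical local-part, domain) for a single addr-spec.

    Removes enclosing double quotes, resolves backslash quoted-pairs and
    drops folding whitespace that appears outside quotes.
    """
    out, in_quotes, i = [], False, 0
    while i < len(address):
        ch = address[i]
        if in_quotes:
            if ch == "\\" and i + 1 < len(address):
                out.append(address[i + 1])   # quoted-pair: keep escaped char
                i += 2
                continue
            if ch == '"':
                in_quotes = False            # closing quote is not data
            else:
                out.append(ch)
        elif ch == '"':
            in_quotes = True                 # opening quote is not data
        elif ch == "@":                      # first unquoted '@' ends local-part
            return "".join(out), address[i + 1:].strip()
        elif ch not in " \t":
            out.append(ch)
        i += 1
    raise ValueError("no unquoted '@' in address")

def label_for(local_part):
    """Hex of SHA2-256 truncated to 28 octets (assumed RFC 7929 rule)."""
    # No case folding: the local-part is hashed exactly as canonicalized.
    return hashlib.sha256(local_part.encode("utf-8")).digest()[:28].hex()

def owner_name(address):
    """DNS owner name at which the OPENPGPKEY RR would be looked up."""
    local, domain = split_and_unquote(address)
    return f"{label_for(local)}._openpgpkey.{domain}"

if __name__ == "__main__":
    for a in SAMPLES:
        print(f"{a!r:36} -> {owner_name(a)}")
```

A client that skipped the unquoting step would query four different owner names for the same mailbox and miss the published key for three of them.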