Re: [dane] Deployment focus? Re: IETF 85 - meet or not to meet?

Paul Hoffman <paul.hoffman@vpnc.org> Mon, 01 October 2012 14:24 UTC

Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C42161F0C7E for <dane@ietfa.amsl.com>; Mon, 1 Oct 2012 07:24:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.597
X-Spam-Level:
X-Spam-Status: No, score=-102.597 tagged_above=-999 required=5 tests=[AWL=0.002, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xOw1qzN2WWLi for <dane@ietfa.amsl.com>; Mon, 1 Oct 2012 07:24:29 -0700 (PDT)
Received: from hoffman.proper.com (IPv6.Hoffman.Proper.COM [IPv6:2605:8e00:100:41::81]) by ietfa.amsl.com (Postfix) with ESMTP id BC2EF1F0CEE for <dane@ietf.org>; Mon, 1 Oct 2012 07:24:28 -0700 (PDT)
Received: from [10.20.30.108] (50-1-50-97.dsl.dynamic.fusionbroadband.com [50.1.50.97]) (authenticated bits=0) by hoffman.proper.com (8.14.5/8.14.5) with ESMTP id q91EOPu9026253 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Mon, 1 Oct 2012 07:24:25 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.1 \(1498\))
From: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <15ED757A-9B2F-45CD-A1B6-0A0C8DFC2397@danyork.org>
Date: Mon, 01 Oct 2012 07:24:26 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <76960946-F768-422B-A76A-17D951D29C8C@vpnc.org>
References: <BD9F1901-911A-49EB-9390-B18D8A9D0B30@nic.cz> <FBCB9053-91C3-4EBC-874E-97067A922E49@nic.cz> <C73CE37F-C34D-4824-AF11-D03F14AE3015@kumari.net> <15ED757A-9B2F-45CD-A1B6-0A0C8DFC2397@danyork.org>
To: Dan York <dan-ietf@danyork.org>
X-Mailer: Apple Mail (2.1498)
Cc: dane WG list <dane@ietf.org>
Subject: Re: [dane] Deployment focus? Re: IETF 85 - meet or not to meet?
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Oct 2012 14:24:30 -0000

On Oct 1, 2012, at 6:37 AM, Dan York <dan-ietf@danyork.org> wrote:

> I see more of a "strategic" reason for meeting at IETF 85 in that I am seeing a lot of positive response to the value of DANE when I am speaking about it within industry circles. It's clear to me that DANE can provide real value to companies/organizations and that it can also provide a strong reason for organizations to be interested in deploying DNSSEC.  

Yes.

> I guess I feel that NOT meeting feels a bit like "taking the foot off the gas pedal" at a time when we need to be pushing people towards getting DANE deployed.

The IETF is not a protocol promotion body. We do it sometimes, but often with bad results.

> Having said that, I agree there's not much point in meeting if there is only one draft to discuss.

And there is no draft on "how to promote DANE usage".

> Could we perhaps have an agenda more focused on the question of "what comes next?" and looking at obstacles to DANE deployment?
> 
> Some ideas:
>  - Discussion of what needs to be done to get DANE more widely deployed, specifically:
>       1. What steps do we collectively need to take to get adding DANE support on the radar of browser vendors?
>       2. What do we need to do to get more registrars/DNS hosting providers accepting TLSA records?
>       3. What do we need to do to get more organizations publishing TLSA records? 
>  - Exploration of the various tools available (some discussed recently on the list) and identification of tools that need to be created (Could we perhaps include some quick demos of those tools?)
>  - Discussion of what "Using DANE With $foo Protocol" documents would be logical to create (where $foo is the various networking protocols) and identification of people willing to create such drafts
>  - Discussion of ways to measure DANE deployment (how can we do that?)

That proposed agenda is much more in the realm of Internet Society work than IETF work. Perhaps you should talk to people at ISOC about hosting an meeting to discuss these things? :-)

> I'd certainly be willing to present and lead a discussion on the first of those ideas and to participate in other discussions.  If a draft is needed for agenda time I can probably work something up before the -00 deadine of October 15th.  
> 
> We could of course discuss Paul's S/MIME draft as it fits into the "Using DANE with $foo" category.

Jakob and I will have another draft this week that covers the issue brought up earlier about us not dealing with the TLS-specific topic diffs. It is not at all clear that a face-to-face meeting will be useful in finding more of those or in fixing other errors in our draft.

--Paul Hoffman