Re: [dane] draft-ietf-dane-smime and certificate discovery

Wes Hardaker <wjhns1@hardakers.net> Fri, 21 February 2014 19:48 UTC

Return-Path: <wjhns1@hardakers.net>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 41AC41A054A for <dane@ietfa.amsl.com>; Fri, 21 Feb 2014 11:48:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.955
X-Spam-Level:
X-Spam-Status: No, score=0.955 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, RDNS_NONE=0.793] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LtN5hq4-mmmq for <dane@ietfa.amsl.com>; Fri, 21 Feb 2014 11:48:35 -0800 (PST)
Received: from mail.hardakers.net (unknown [IPv6:2001:470:1f00:187::1]) by ietfa.amsl.com (Postfix) with ESMTP id 4A7021A021B for <dane@ietf.org>; Fri, 21 Feb 2014 11:48:35 -0800 (PST)
Received: from localhost (50-1-19-226.dsl.dynamic.sonic.net [50.1.19.226]) by mail.hardakers.net (Postfix) with ESMTPSA id DF3D2304A0; Fri, 21 Feb 2014 11:48:25 -0800 (PST)
From: Wes Hardaker <wjhns1@hardakers.net>
To: Paul Hoffman <paul.hoffman@vpnc.org>
References: <20140106212911.12960.24322.idtracker@ietfa.amsl.com> <A1C41700-578C-45C1-9A66-ACC051970F47@gmail.com> <5DEFF47F-6533-4F1B-8D23-216108989787@verisign.com> <03FF6C3C-0542-4D0F-97D5-1785F55D2CEF@vpnc.org> <FAB9D9AB-023B-48E3-BD26-15FC9B87FE3F@verisign.com> <6F632081-95C9-4E61-831D-EAEF2ECCE08C@vpnc.org>
Date: Fri, 21 Feb 2014 11:48:24 -0800
In-Reply-To: <6F632081-95C9-4E61-831D-EAEF2ECCE08C@vpnc.org> (Paul Hoffman's message of "Wed, 5 Feb 2014 15:29:29 -0800")
Message-ID: <0lk3coxn5j.fsf@wjh.hardakers.net>
User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: http://mailarchive.ietf.org/arch/msg/dane/ZGAjFOpkSHzO2A4qT9CwCBDb1lU
Cc: "<dane@ietf.org>" <dane@ietf.org>
Subject: Re: [dane] draft-ietf-dane-smime and certificate discovery
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Feb 2014 19:48:36 -0000

Paul Hoffman <paul.hoffman@vpnc.org> writes:

> So, WG: is "DNS for delivery vs. DNS for delivery and discovery" a
> topic people want to revisit?

Sorry for the late response, but "yes" would be my answer.  I've never
been fully convinced that the discussion in the past was truly consensus
one way or the other, and I do think we need some guidelines for doing
security availability discovery.  The world has proven time and time
again that we can't do it without the DNS(SEC) helping to bootstrap it.
-- 
Wes Hardaker
Parsons