Re: [dane] draft-ietf-dane-smime
Viktor Dukhovni <ietf-dane@dukhovni.org> Mon, 20 October 2014 16:09 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A7F7A1A0A6A for <dane@ietfa.amsl.com>; Mon, 20 Oct 2014 09:09:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JklsJc9SpPSF for <dane@ietfa.amsl.com>; Mon, 20 Oct 2014 09:09:52 -0700 (PDT)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8DC141A0360 for <dane@ietf.org>; Mon, 20 Oct 2014 09:08:40 -0700 (PDT)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id 458262AB2B5; Mon, 20 Oct 2014 16:08:33 +0000 (UTC)
Date: Mon, 20 Oct 2014 16:08:33 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: dane@ietf.org
Message-ID: <20141020160832.GG19158@mournblade.imrryr.org>
References: <273F9612-13AF-4CB8-B15C-912AAD04C738@verisign.com> <CF875C06-E4DA-4DCA-A722-5FDEE04B3069@vpnc.org> <67BDE5B6-58C7-4E0B-8CB4-045E51027D85@ieca.com> <E507FC56-947B-4A93-AA81-F0507D2FBC69@ogud.com> <62F1DB86-59B4-4165-9AEE-82A829B6A9A9@kirei.se> <20141017150448.GV20066@mournblade.imrryr.org> <B4AE1805-22D9-4E63-A18C-1EEC55C1C2E3@verisign.com> <CDE423BF-1418-4714-BF9C-44FAF5502643@vpnc.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CDE423BF-1418-4714-BF9C-44FAF5502643@vpnc.org>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: http://mailarchive.ietf.org/arch/msg/dane/jQMx-MsCtx77uWD4H7cRbYhrE1c
Subject: Re: [dane] draft-ietf-dane-smime
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: dane@ietf.org
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Oct 2014 16:09:57 -0000
On Mon, Oct 20, 2014 at 09:01:56AM -0700, Paul Hoffman wrote: > > Maybe it's also possible there was some misunderstanding from > > the protracted email discussion? The revocation discussion (IIRC) > > really had to do with an assertion that TLS did not have revocation > > needs. > > Did anyone assert that? If so, please point it out. People asserted that revocation happens rarely for TLS certificates. I've been known to say that with DANE TLSA, explicit revocation is superseded by publishing an updated TLSA record. Don't know whether that was ever in the context the revocation discussion in question. Of course that only applies to situations in which DANE is always used. DANE is of no help when the verifier is using "traditional" PKI. -- Viktor.
- [dane] draft-ietf-dane-smime Osterweil, Eric
- Re: [dane] draft-ietf-dane-smime Paul Hoffman
- Re: [dane] draft-ietf-dane-smime Doug Montgomery
- Re: [dane] draft-ietf-dane-smime Jakob Schlyter
- Re: [dane] draft-ietf-dane-smime Doug Montgomery
- Re: [dane] draft-ietf-dane-smime Paul Hoffman
- Re: [dane] draft-ietf-dane-smime Viktor Dukhovni
- Re: [dane] draft-ietf-dane-smime Viktor Dukhovni
- Re: [dane] draft-ietf-dane-smime Sean Turner
- Re: [dane] draft-ietf-dane-smime Olafur Gudmundsson
- Re: [dane] draft-ietf-dane-smime Jakob Schlyter
- Re: [dane] draft-ietf-dane-smime Paul Hoffman
- Re: [dane] draft-ietf-dane-smime Viktor Dukhovni
- Re: [dane] draft-ietf-dane-smime Osterweil, Eric
- Re: [dane] draft-ietf-dane-smime Osterweil, Eric
- Re: [dane] draft-ietf-dane-smime Paul Hoffman
- Re: [dane] draft-ietf-dane-smime Viktor Dukhovni
- Re: [dane] draft-ietf-dane-smime Paul Hoffman
- Re: [dane] draft-ietf-dane-smime Osterweil, Eric
- Re: [dane] draft-ietf-dane-smime Viktor Dukhovni
- Re: [dane] draft-ietf-dane-smime Paul Wouters
- [dane] Deployment considerations - Re: draft-ietf… Dan York
- Re: [dane] draft-ietf-dane-smime Warren Kumari
- Re: [dane] Deployment considerations - Re: draft-… Viktor Dukhovni
- Re: [dane] draft-ietf-dane-smime Warren Kumari
- Re: [dane] Deployment considerations - Re: draft-… Mark Andrews
- Re: [dane] draft-ietf-dane-smime Osterweil, Eric
- Re: [dane] draft-ietf-dane-smime Paul Wouters
- Re: [dane] draft-ietf-dane-smime Danny McPherson
- Re: [dane] draft-ietf-dane-smime Viktor Dukhovni
- Re: [dane] draft-ietf-dane-smime Osterweil, Eric
- Re: [dane] draft-ietf-dane-smime Viktor Dukhovni
- Re: [dane] draft-ietf-dane-smime Jakob Schlyter