Re: [dane] Last Call: <draft-ietf-dane-openpgpkey-05.txt> (Using DANE to Associate OpenPGP public keys with email addresses) to Proposed Standard

Simon Josefsson <simon@josefsson.org> Thu, 10 September 2015 17:35 UTC

From: Simon Josefsson <simon@josefsson.org>
To: ietf@ietf.org, dane@ietf.org
Date: Thu, 10 Sep 2015 19:35:19 +0200
In-Reply-To: <20150828151107.2592.98917.idtracker@ietfa.amsl.com> (The IESG's message of "Fri, 28 Aug 2015 08:11:07 -0700")
Message-ID: <87613iyy7c.fsf@latte.josefsson.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/qCUG_IcEicVwyxqXPPiVDgoJ9gU>

I believe it would be a mistake to publish this document without having
it include a discussion of its relationship to RFC 4648.  As far as I
can tell, the CERT record defined in RFC 4648 solves roughly the same
problem as OPENPGPKEY and CERT is already deployed with support in (for
example) GnuPG.  I believe the community would benefit from sorting out
the relationship before publication, not after, when we would have two
RFCs describing solutions for what appears to be the same problem.

/Simon

The IESG <iesg-secretary@ietf.org> writes:

> The IESG has received a request from the DNS-based Authentication of
> Named Entities WG (dane) to consider the following document:
> - 'Using DANE to Associate OpenPGP public keys with email addresses'
>   <draft-ietf-dane-openpgpkey-05.txt> as Proposed Standard
>
> The IESG plans to make a decision in the next few weeks, and solicits
> final comments on this action. Please send substantive comments to the
> ietf@ietf.org mailing lists by 2015-09-11. Exceptionally, comments may be
> sent to iesg@ietf.org instead. In either case, please retain the
> beginning of the Subject line to allow automated sorting.
>
> Abstract
>
>    OpenPGP is a message format for email (and file) encryption that
>    lacks a standardized lookup mechanism to securely obtain OpenPGP
>    public keys.  This document specifies a method for publishing and
>    locating OpenPGP public keys in DNS for a specific email address
>    using a new OPENPGPKEY DNS Resource Record.  Security is provided via
>    DNSSEC.
>
> The file can be obtained via
> https://datatracker.ietf.org/doc/draft-ietf-dane-openpgpkey/
>
> IESG discussion can be tracked via
> https://datatracker.ietf.org/doc/draft-ietf-dane-openpgpkey/ballot/
>
> No IPR declarations have been submitted directly on this I-D.