Re: [dane] Last Call: <draft-ietf-dane-openpgpkey-05.txt> (Using DANE to Associate OpenPGP public keys with email addresses) to Proposed Standard
Simon Josefsson <simon@josefsson.org> Thu, 10 September 2015 17:35 UTC
From: Simon Josefsson <simon@josefsson.org>
To: ietf@ietf.org, dane@ietf.org
I believe it would be a mistake to publish this document without having
it include a discussion of its relationship to RFC 4648. As far as I can
tell, the CERT record defined in RFC 4648 solves roughly the same problem
as OPENPGPKEY and CERT is already deployed with support in (for example)
GnuPG. I believe the community would benefit from sorting out the
relationship before publication, not after, when we would have two RFCs
describing solutions for what appears to be the same problem.

/Simon

The IESG <iesg-secretary@ietf.org> writes:

> The IESG has received a request from the DNS-based Authentication of
> Named Entities WG (dane) to consider the following document:
> - 'Using DANE to Associate OpenPGP public keys with email addresses'
>   <draft-ietf-dane-openpgpkey-05.txt> as Proposed Standard
>
> The IESG plans to make a decision in the next few weeks, and solicits
> final comments on this action. Please send substantive comments to the
> ietf@ietf.org mailing lists by 2015-09-11. Exceptionally, comments may be
> sent to iesg@ietf.org instead. In either case, please retain the
> beginning of the Subject line to allow automated sorting.
>
> Abstract
>
> OpenPGP is a message format for email (and file) encryption that
> lacks a standardized lookup mechanism to securely obtain OpenPGP
> public keys. This document specifies a method for publishing and
> locating OpenPGP public keys in DNS for a specific email address
> using a new OPENPGPKEY DNS Resource Record. Security is provided via
> DNSSEC.
>
> The file can be obtained via
> https://datatracker.ietf.org/doc/draft-ietf-dane-openpgpkey/
>
> IESG discussion can be tracked via
> https://datatracker.ietf.org/doc/draft-ietf-dane-openpgpkey/ballot/
>
> No IPR declarations have been submitted directly on this I-D.