Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt
Viktor Dukhovni <ietf-dane@dukhovni.org> Fri, 15 May 2015 05:25 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5F4391A8ACE for <dane@ietfa.amsl.com>; Thu, 14 May 2015 22:25:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xrJ0d0K_nWgm for <dane@ietfa.amsl.com>; Thu, 14 May 2015 22:25:24 -0700 (PDT)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9E1381A8ACA for <dane@ietf.org>; Thu, 14 May 2015 22:25:24 -0700 (PDT)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id 735C6283032; Fri, 15 May 2015 05:25:23 +0000 (UTC)
Date: Fri, 15 May 2015 05:25:23 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: dane@ietf.org
Message-ID: <20150515052523.GW17272@mournblade.imrryr.org>
References: <20150513182627.9918.67542.idtracker@ietfa.amsl.com> <20150513183614.GC17272@mournblade.imrryr.org> <201505140015.t4E0F35B026773@new.toad.com> <20150514010741.GI17272@mournblade.imrryr.org> <201505150056.t4F0uk5B028009@new.toad.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <201505150056.t4F0uk5B028009@new.toad.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/xa36PzKiFHHfg_wLQkevxzGtgKw>
Subject: Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: dane@ietf.org
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 May 2015 05:25:26 -0000
On Thu, May 14, 2015 at 05:56:46PM -0700, John Gilmore wrote: > > INTERNET-DRAFT J. Gilmore > DANE Working Group Electronic Frontier Foundation > Intended status: Proposed Standard July 3, 2014 > Expires: December 31, 2014 > Updates: 6698 (if approved) > > > Authenticating Raw Public Keys with DANE TLSA > draft-ietf-dane-rawkeys-00 I have read the draft, thanks. I think that RFC 7250 raw public keys are covered in the same way in draft-ietf-dane-ops via usage DANE-EE(3) selector SPKI(1). For other potential use-cases (i.e. neither TLS nor DTLS), it is not clear how to interpret the TLSA record selector, and what the meanings of the existing certificate usages might be. I'd like to see some success with RFC 7250 + DANE, before we further extend the TLSA RRtype into virgin territory. At the very least there should be a practical use-case against which to measure the soundness of the proposal. RFC7260 is a sound extension, if additional sound extensions come along, I think they can be accomodated at that time. So, I'd like to ask that at this time, we come to closure on whether RFC7250 is adequately supported by the language in draft-ietf-dane-ops. If so, let's get that out the door, and open the floor for discussion of further extensions after that. -- Viktor.
- [dane] I-D Action: draft-ietf-dane-ops-08.txt internet-drafts
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt Viktor Dukhovni
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt John Gilmore
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt Viktor Dukhovni
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt… Viktor Dukhovni
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt… nudge
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt John Gilmore
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt John Gilmore
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt Viktor Dukhovni
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt Viktor Dukhovni
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt… Viktor Dukhovni
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt… Viktor Dukhovni
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt… Warren Kumari
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt… Viktor Dukhovni
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt… Warren Kumari
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt… Viktor Dukhovni
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt… Warren Kumari
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt… Viktor Dukhovni
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt… Peter Saint-Andre - &yet
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt… Viktor Dukhovni
- Re: [dane] I-D Action: draft-ietf-dane-ops-08.txt… Warren Kumari