Re: [dane] Working group Last call: draft-ietf-dane-smime-11.txt
Jim Schaad <ietf@augustcellars.com> Mon, 25 July 2016 14:02 UTC
From: Jim Schaad <ietf@augustcellars.com>
To: 'Paul Wouters' <paul@nohats.ca>, 'Warren Kumari' <warren@kumari.net>
Date: Mon, 25 Jul 2016 07:02:36 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dane/z63skYVl6d4slf9QfSCsKXwbyO8>
Cc: 'dane WG list' <dane@ietf.org>
Subject: Re: [dane] Working group Last call: draft-ietf-dane-smime-11.txt

> -----Original Message-----
> From: dane [mailto:dane-bounces@ietf.org] On Behalf Of Paul Wouters
> Sent: Monday, July 25, 2016 6:33 AM
> To: Warren Kumari <warren@kumari.net>
> Cc: dane WG list <dane@ietf.org>
> Subject: Re: [dane] Working group Last call: draft-ietf-dane-smime-11.txt
>
> On Sun, 24 Jul 2016, Warren Kumari wrote:
>
> > A reminder that this WGLC closes tomorrow -- so far we have not really
> > seen sufficient feedback on this document. PLEASE review this document
> > and provide comment.
>
> I have reviewed the document. I think it is ready for IETF LC but it could see a
> few small changes:
>
> It should probably update its reference in the introduction to list soon to be
> RFC-7929 (openpgpkey) and wait on that doc (in AUTH48 now) to go out first.
>
> The SMIMEA resource record has no special TTL requirements.
>
> During openpgpkey discussion, it was decided it was better to remove this line. I
> would think the same applies to smime.
>
> During openpgpkey discussion, people insisted on specifying the "experimental
> goal" of the Experimental RFC. That section is missing in this document.
>
> Section 3's title is a bit long. In openpgpkey we used a shorter title. I suggest
> "Location of the SMIMEA record".
>
> The openpgpkey had updated the "tcp only" phrasing to make it more layer
> agnostic and mentions DNS-COOKIES as a defense and method to allow UDP.
> You might want to consider using the same approach instead of banning UDP
> altogether.
>
> > I also wanted to make sure people (including the authors) had seen:
> > https://www.ietf.org/mail-archive/web/dane/current/msg08382.html
>
> This has come up in the past when discussing SMIME. One suggestion was to use
> a different prefix (like _encrypt. and _sign). When this was brought up, the
> patent status of this was not entirely clear, and there were privacy discussions
> raised on exposing queries to the purpose of the query. Perhaps the document
> can state that if the certificate is obtained via SMIMEA, it should be checked
> whether it is suitable for the task to perform. And that publishers are
> encouraged to publish SMIMEA records for certificates that allow both signing
> and encryption.
> But this latter approach did not have a clear consensus.

This is not the issue that my message was designed to highlight. In S/MIME it is possible to say which of the message formats and which content encryption algorithms are supported by a client. This is not the same as designating if a certificate is being used for encryption or signing.

Jim

>
> Paul
>
> > W
> >
> > On Sat, Jul 9, 2016 at 12:53 PM, Olafur Gudmundsson <ogud@ogud.com> wrote:
> >>
> >> Dear Colleagues
> >>
> >> The editors of
> >> https://datatracker.ietf.org/doc/draft-ietf-dane-smime/ have
> >> requested a WGLC, the chairs are satisfied that the document is in
> >> good shape. This message starts a three week WG LC, that concludes on
> >> Monday July 25 23:59 UTC (we have extended the usual 2 weeks because
> >> of the upcoming meeting, travel, etc).
> >>
> >> This document is on the Experimental track, it is a close relative of
> >> a prior document from our group
> >> https://datatracker.ietf.org/doc/draft-ietf-dane-openpgpkey/ which
> >> is in
> >> AUTH-48 at this point.
> >> Any discussions on “local part” other than to point out a difference
> >> between the OPENPGP document and this one are out of scope.
> >>
> >> Any other issues should be brought forward
> >>
> >> thanks
> >> Olafur & Warren
> >>
> >> _______________________________________________
> >> dane mailing list
> >> dane@ietf.org
> >> https://www.ietf.org/mailman/listinfo/dane
> >>
> >
> >
> >
> > --
> > I don't think the execution is relevant when it was obviously a bad
> > idea in the first place.
> > This is like putting rabid weasels in your pants, and later expressing
> > regret at having chosen those particular rabid weasels and that pair
> > of pants.
> > ---maf
> >
> > _______________________________________________
> > dane mailing list
> > dane@ietf.org
> > https://www.ietf.org/mailman/listinfo/dane
> >
>
> _______________________________________________
> dane mailing list
> dane@ietf.org
> https://www.ietf.org/mailman/listinfo/dane