Re: [Danish] Revised charter based on recent discussions
Russ Housley <housley@vigilsec.com> Wed, 21 July 2021 15:32 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/danish/fYmX7CUs5q5AS6apxZOlhvdTejQ>

In the problem statement:

The text says: "...establishing trust in public keys from lower levels in a PKI tree." This assumes a hierarchy, and some PKI implementations use a mesh. I suggest: "...establishing trust in certified public keys."

Editorial suggestion: replace "What DANE did not define is how services can authenticate connecting clients." with "However, DANE did not define authentication for TLS client identities."

In the Scope of work:

Question: While TLS 1.3 is being rapidly deployed, there is still a lot of TLS 1.2 in use. So, why limit coordination with the TLS WG to one version of the protocol?

In the Deliverables:

I think it is pretty clear what goes in two of the documents, but the previous sections do not really say what will land in the architecture document.

Russ

> On Jul 18, 2021, at 6:21 PM, Wes Hardaker <wjhns1@hardakers.net> wrote:
>
> Folks,
>
> We are scheduled to have a BOF during IETF 111. Since there have been
> only a few messages indicating support for the creation of the WG and
> the charter, we'll likely be having a charter discussion rather than
> getting real work done on clearly identifying the architecture and
> corresponding problem space (bullet 1 of the charter items).
>
> I've updated my copy of the charter in my github page [1], based on
> recent wording concerns and submitted a PR #6 [2] to MCR's github
> repository. Reviews appreciated, and more importantly: concrete changes
> you would like to make (OLD/NEW or PRs or ...).
>
> Finally, if you think this space is something the IETF should take on we
> certainly need to hear more from people that believe this is an
> important problem to be solved, and if so how you're willing to help.
> (but even if you aren't committing to help, we at least need people that
> want to participate in discussions to say so). Silence, in the IETF,
> does not achieve consensus :-/
>
> [1] https://github.com/hardaker/danish-bof/tree/2021-07-18-charter-revision
> [2] https://github.com/mcr/danish-bof/pull/6
>
> --
> Wes Hardaker
> USC/ISI