Re: [Din] Fwd: New Version Notification for draft-mayrhofer-did-dns-01.txt
Alexander Mayrhofer <alex.mayrhofer.ietf@gmail.com> Mon, 18 February 2019 14:01 UTC
Return-Path: <alex.mayrhofer.ietf@gmail.com>
X-Original-To: din@ietfa.amsl.com
Delivered-To: din@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 92806130F61 for <din@ietfa.amsl.com>; Mon, 18 Feb 2019 06:01:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W2Sz0R9Xc0_p for <din@ietfa.amsl.com>; Mon, 18 Feb 2019 06:01:07 -0800 (PST)
Received: from mail-lj1-x230.google.com (mail-lj1-x230.google.com [IPv6:2a00:1450:4864:20::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 46428130F0F for <din@irtf.org>; Mon, 18 Feb 2019 06:01:07 -0800 (PST)
Received: by mail-lj1-x230.google.com with SMTP id z25so6617611ljk.8 for <din@irtf.org>; Mon, 18 Feb 2019 06:01:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=xrKMxa3eLLvIENo5zHYk34Tv2Ez2s6JXwIAaF9Z4Z70=; b=Dzj1McnijAKX1tMQM+90dUkr0SmKPokJDJz8IwUypLBsj2Sf8Eat3Eh5Uwr3zo+sgF ojVe4Czb7sMaJsQMsroK/nGfYH4xBGVej54IlAzAgELW99DyqmXsjIJtUjz0zYhtnn0r 6uh75uYqar9gN2mLHETNTutPqgzgntD3skhXo0fa/Q/5Re6htEjfLNY4gOkLsns+uu97 LRqwdd0FKxVECx9q7TvWKmVVnUOX504fbK3ljwCwpe9axj7dq6jFzLC+PeGJZBxbDqnj /C+P+PxMcC8bsgFNMPral4bsDSfNy9QnNMawFdTgsXM7JYF0/RXJxn6UoeFZlALWb56q IuUQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=xrKMxa3eLLvIENo5zHYk34Tv2Ez2s6JXwIAaF9Z4Z70=; b=l1ve9mK10HBXng27zFtFLKn+aqAfI5TV3j5iGVBwyNVJvTN0VP9Y/T6hoyKEEojVWj 24WKCqldyBi3woyxRWW3oB6sQlaCtIPe4g7FIwFEcfvl3T3nhqXzjIZurfvck4qR8kSC /U1oKUpvyEUT+/jafNnn0l4Y8RdToCzO2fJk69BbG2ev5yj0u1rauZwTNCO2TxdeijXX YHyS2ZtJ3dNnRr1ZWnMMnTf2OQsR+WnvOuFdPJX+aqBSiHTX+XMf8fNScxdRyI0Mt4Gm DjPAB/XQteLqFjEC/wLPNZQn5rHSqFzmCTe24w4zbJj7k61wWZ4Yyby2ceVjrHPVQUEz eEqQ==
X-Gm-Message-State: AHQUAubN1M9mAYrJaL4x8wW3R69YlovuqPQJfNAe4xgAe4zdJbdPwKbm gsWI/N3/mya6wfZ4PJzdoqhDkjPwyTK0JupZMHA=
X-Google-Smtp-Source: AHgI3IZA1EKSTmHE09ipOSQxS1BhyJsMXMnycZ0yt44y5du0fKczzsJqKvLQKkloBXhjOfbrNRWHAbHYQXOTQE3LHZQ=
X-Received: by 2002:a2e:90cd:: with SMTP id o13mr4866643ljg.153.1550498465345; Mon, 18 Feb 2019 06:01:05 -0800 (PST)
MIME-Version: 1.0
References: <154963392249.31188.16873618915255886209.idtracker@ietfa.amsl.com> <CAHXf=0r0DqC_XHw-2=h4ZkH5SgjzTjPMuML3GjxtQbe6so3=vw@mail.gmail.com> <20190215093714.t23ulbslbg52t2dp@nic.fr>
In-Reply-To: <20190215093714.t23ulbslbg52t2dp@nic.fr>
From: Alexander Mayrhofer <alex.mayrhofer.ietf@gmail.com>
Date: Mon, 18 Feb 2019 15:00:54 +0100
Message-ID: <CAHXf=0o4CBNV2UsskGA5xQ2Vam4jeTPgpnEEvhUp8h3rb0=5Xw@mail.gmail.com>
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>
Cc: IETF DNSOP WG <dnsop@ietf.org>, din@irtf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/din/qYqtZPZVvXodDX_A8aePE7Rho5Q>
Subject: Re: [Din] Fwd: New Version Notification for draft-mayrhofer-did-dns-01.txt
X-BeenThere: din@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of distributed Internet Infrastructure approaches, aspects such as Service Federation, and underlying technologies" <din.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/din>, <mailto:din-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/din/>
List-Post: <mailto:din@irtf.org>
List-Help: <mailto:din-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/din>, <mailto:din-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Feb 2019 14:01:18 -0000
Stephane, all, [I feel cautious about continuing to cross-post this to dnsop as well as dinrg - however, it does apply to both areas, so i'll keep both groups in for now] On Fri, Feb 15, 2019 at 10:37 AM Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote: > I think that it is an important work because it brings the power of > the DNS to many other identifier systems. So, I support it. Thanks - great to hear. I'm hearing that DIDs are being used in more and more situations, so i think it makes sense to define that "bridging" protocol between the two "worlds. > May be more examples could help people figure out the use cases? "My > Bitcoin address is at foobar.example" and then the Bitcoin software > would query _did.foobar.example and get > <did:bitcoin:1NZc7FJ7eHJgRMRSrmncJJM9bPnusJeuR6>. I will add more examples in the next revision. We also need to include an example for the "email address" use case. > I note that there exists already non-standard (and probably not really > deployed) solutions in that space, some specific to a TLD > <https://www.nominet.uk/domain-names-unlock-new-potential-on-blockchain/> > <http://domainincite.com/23273-my-brain-explodes-trying-to-understand-mmxs-new-blockchain-deal-for-luxe> I'm aware of the .luxe initiative, however, i haven't yet seen any technical specifications about how the connection between DNS and Blockchains is performed. If anybody has a pointer, i'd definitely appreciate it. The other alternative proposal i've found is https://openalias.org/ - scroll down for their definition of the TXT record. They don't use DIDs as far as i understand, though. > Regarding draft -01: it seems OK to me. The only problem I find: > > > particularly the concerns around downgrade attacks when the record > > is not signed > > Why downgrade attacks specifically? Without DNSSEC, a lot of attacks > are possible. I agree, that section requires some rewording. I'm referring to the language in the OpenPGP DANE RFC here. I'm happy to work on more text, and open to suggestions :) best, Alex
- [Din] Fwd: New Version Notification for draft-may… Alexander Mayrhofer
- Re: [Din] Fwd: New Version Notification for draft… Stephane Bortzmeyer
- Re: [Din] Fwd: New Version Notification for draft… Paul Wouters
- Re: [Din] Fwd: New Version Notification for draft… Melinda Shore
- Re: [Din] Fwd: New Version Notification for draft… Alexander Mayrhofer
- Re: [Din] Fwd: New Version Notification for draft… Alexander Mayrhofer
- Re: [Din] Fwd: New Version Notification for draft… Alexander Mayrhofer
- Re: [Din] [DNSOP] Fwd: New Version Notification f… Paul Wouters