Re: [dns-privacy] draft-ietf-dprive-dtls-and-tls-profiles: configuration

Sara Dickinson <sara@sinodun.com> Wed, 26 October 2016 13:25 UTC

Return-Path: <sara@sinodun.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13616129657 for <dns-privacy@ietfa.amsl.com>; Wed, 26 Oct 2016 06:25:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w1eQTRZ3jU91 for <dns-privacy@ietfa.amsl.com>; Wed, 26 Oct 2016 06:24:59 -0700 (PDT)
Received: from shcp01.hosting.zen.net.uk (shcp01.hosting.zen.net.uk [88.98.24.67]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0068B12965D for <dns-privacy@ietf.org>; Wed, 26 Oct 2016 06:24:58 -0700 (PDT)
Received: from [62.232.251.194] (port=6033 helo=virgo.sinodun.com) by shcp01.hosting.zen.net.uk with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.87) (envelope-from <sara@sinodun.com>) id 1bzOCD-0005ws-4y; Wed, 26 Oct 2016 14:24:55 +0100
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 10.0 \(3226\))
From: Sara Dickinson <sara@sinodun.com>
In-Reply-To: <0C22EAF1-6087-44C4-9F33-D9CFAD78B01C@vpnc.org>
Date: Wed, 26 Oct 2016 14:24:46 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <DEC6674A-3242-4577-ADD3-EEA0662F3AE9@sinodun.com>
References: <0C22EAF1-6087-44C4-9F33-D9CFAD78B01C@vpnc.org>
To: Paul Hoffman <paul.hoffman@vpnc.org>
X-Mailer: Apple Mail (2.3226)
X-OutGoing-Spam-Status: No, score=-2.9
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - shcp01.hosting.zen.net.uk
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - sinodun.com
X-Get-Message-Sender-Via: shcp01.hosting.zen.net.uk: authenticated_id: sara+sinodun.com/only user confirmed/virtual account not confirmed
X-Authenticated-Sender: shcp01.hosting.zen.net.uk: sara@sinodun.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/NS26wtoyJ-iQC6_tRpXFDRKFYt8>
Cc: dns-privacy@ietf.org
Subject: Re: [dns-privacy] draft-ietf-dprive-dtls-and-tls-profiles: configuration
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Oct 2016 13:25:00 -0000

> On 23 Oct 2016, at 00:26, Paul Hoffman <paul.hoffman@vpnc.org> wrote:
> 
> Greetings. Someone reading this document for the first time might not understand where the DNS name that is being discussed in the main body of the document was found. It is not until Section 8 ("Out of Band Sources of Domain Name") that this is mentioned, and that feels much too late.
> 
> The document might be much more approachable if Section 8 was moved to immediately after Section 3, and if it was re-titled "Configuration of the Domain Name for Verification

Hi Paul, 

This is a good point. As suggested in my other email I propose including a definition in the Terminology section of ‘authentication domain name’. Here is what I suggest:

* Authentication domain name: A domain name that can be used to authenticate a DNS Privacy enabling server. Sources of authentication domain names are
   discussed in Section * and Section *. 

And then also moving sections 7 and 8 to immediately after section 4. I suggest after section 4 rather than 3 because 4 is currently the ‘Discussion’.  However I’m not averse to splitting the Discussion section up as it is rather large now….

Sara