Re: [dns-privacy] New Version Notification for draft-bretelle-dprive-dot-spki-in-ns-name-00.txt

Bob Harold <rharolde@umich.edu> Thu, 14 March 2019 15:40 UTC

References: <CAArYzrLkzYgruSwGLuHEBqH-GqhGQOAKnk=m_4QZJRfW1zEeGw@mail.gmail.com>
In-Reply-To: <CAArYzrLkzYgruSwGLuHEBqH-GqhGQOAKnk=m_4QZJRfW1zEeGw@mail.gmail.com>
From: Bob Harold <rharolde@umich.edu>
Date: Thu, 14 Mar 2019 11:39:54 -0400
Message-ID: <CA+nkc8CV=FXc2BP89NVVande4cVnnV9eBQbxVCC1HKUy5uCWZA@mail.gmail.com>
To: manu tman <chantr4@gmail.com>
Cc: "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/oZaYB5rm-LNcUkrhA6wxYNCNYDw>
Subject: Re: [dns-privacy] New Version Notification for draft-bretelle-dprive-dot-spki-in-ns-name-00.txt

On Mon, Mar 11, 2019 at 12:21 PM manu tman <chantr4@gmail.com> wrote:

> Hi all,
>
> I have captured in a draft the mechanism I used during IETF 103 hackathon
> and which is available as an experimental module in knot-resolver[0]. I was
> taken short with time before cut-off date, but I hope this will better
> explain how it works.
>
> Manu
>
> [0]
> https://gitlab.labs.nic.cz/knot/knot-resolver/tree/master/modules/experimental_dot_auth
>
> ———
>
> A new version of I-D, draft-bretelle-dprive-dot-spki-in-ns-name-00.txt
> has been successfully submitted by Emmanuel Bretelle and posted to the
> IETF repository.
>
> Name: draft-bretelle-dprive-dot-spki-in-ns-name
> Revision: 00
> Title: Encoding DNS-over-TLS (DoT) Subject Public Key Info (SPKI) in Name
> Server name
> Document date: 2019-03-11
> Group: Individual Submission
> Pages: 7
> URL: https://www.ietf.org/internet-drafts/draft-bretelle-dprive-dot-spki-in-ns-name-00.txt
> Status: https://datatracker.ietf.org/doc/draft-bretelle-dprive-dot-spki-in-ns-name/
> Htmlized: https://tools.ietf.org/html/draft-bretelle-dprive-dot-spki-in-ns-name-00
> Htmlized: https://datatracker.ietf.org/doc/html/draft-bretelle-dprive-dot-spki-in-ns-name
>
> Abstract:
> This document describes a mechanism to exchange the Subject Public
> Key Info (SPKI) ([RFC5280] Section 4.1.2.7) fingerprint associated
> with a DNS-over-TLS (DoT [RFC7858]) authoritative server by encoding
> it as part of its name. The fingerprint can thereafter be used to
> validate the certificate received from the DoT server as well as
> being able to discover support for DoT on the server.
>
>
6.  IANA Considerations

  " TODO: This document requires IANA actions (new RR type)."

What new RR type is needed?  Looks to me like all standard RRs.

-- 
Bob Harold
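As an added illustration of the mechanism the quoted abstract describes (this is not code from the draft or from the knot-resolver module): a Python sketch that derives the SPKI fingerprint of a DoT server (SHA-256 over the DER SubjectPublicKeyInfo, the same digest RFC 7858 uses for SPKI pinning), encodes it as the leading label of the name server's name, and on the resolver side extracts it again and checks it against the SPKI taken from the certificate the server presents. The label format (a `dot-` prefix followed by unpadded lowercase base32), the `ns1.example.net` base name and the sample SPKI bytes are assumptions made for this example; the draft's actual label encoding is not reproduced here.

```python
import base64
import binascii
import hashlib
import hmac
import re

# Constructed sample inputs (not real keys): a DER SubjectPublicKeyInfo for an
# Ed25519 key is the fixed 12-byte header below followed by the 32 raw key bytes.
#   SEQUENCE { SEQUENCE { OID 1.3.101.112 }, BIT STRING (0 unused bits, key) }
ED25519_SPKI_HEADER = bytes.fromhex("302a300506032b6570032100")
SERVER_SPKI = ED25519_SPKI_HEADER + bytes(range(32))        # the key the NS name encodes
ROGUE_SPKI = ED25519_SPKI_HEADER + bytes(range(32, 64))     # some other key

# Assumed label format for this example (not the draft's own wire format):
# "dot-" followed by unpadded lowercase base32 of the 32-byte SHA-256 fingerprint.
LABEL_PREFIX = "dot-"
B32_BODY = re.compile(r"[a-z2-7]{52}")   # 32 bytes -> 52 base32 chars once padding is dropped


def spki_fingerprint(spki_der: bytes) -> bytes:
    """SHA-256 over the DER SubjectPublicKeyInfo, the digest RFC 7858 pins on."""
    return hashlib.sha256(spki_der).digest()


def encode_fingerprint_label(fingerprint: bytes) -> str:
    """Turn a 32-byte fingerprint into one DNS label (56 chars, under the 63 limit)."""
    body = base64.b32encode(fingerprint).decode("ascii").rstrip("=").lower()
    return LABEL_PREFIX + body


def ns_name_for(spki_der: bytes, base_name: str) -> str:
    """Operator side: build the NS target name that advertises this server's SPKI."""
    label = encode_fingerprint_label(spki_fingerprint(spki_der))
    if len(label) > 63:
        raise ValueError("label exceeds DNS limit")
    return f"{label}.{base_name}"


def extract_fingerprint(ns_name: str):
    """Resolver side: recover the fingerprint from the first label, or None if the
    name carries no well-formed fingerprint. DNS names are case-insensitive."""
    first = ns_name.split(".", 1)[0].lower()
    if not first.startswith(LABEL_PREFIX):
        return None
    body = first[len(LABEL_PREFIX):]
    if not B32_BODY.fullmatch(body):
        return None
    padding = "=" * (-len(body) % 8)
    try:
        return base64.b32decode(body.upper() + padding)
    except binascii.Error:
        return None


def check_presented_spki(ns_name: str, presented_spki_der: bytes) -> str:
    """Decide what to do with the SPKI taken from the certificate the DoT server
    presented: 'no-dot-signal' (no fingerprint in the name, so no DoT discovered),
    'match' (pin holds, keep the TLS session) or 'mismatch' (pin fails, abort)."""
    expected = extract_fingerprint(ns_name)
    if expected is None:
        return "no-dot-signal"
    if hmac.compare_digest(expected, spki_fingerprint(presented_spki_der)):
        return "match"
    return "mismatch"


if __name__ == "__main__":
    name = ns_name_for(SERVER_SPKI, "ns1.example.net")
    print(name)
    print(check_presented_spki(name, SERVER_SPKI))                # match
    print(check_presented_spki(name, ROGUE_SPKI))                 # mismatch
    print(check_presented_spki("ns1.example.net", SERVER_SPKI))  # no-dot-signal
```

Everything the resolver needs here comes from the NS name it already obtained during delegation and from the certificate presented on the TLS connection; the example stores nothing in any record type beyond the NS name itself. A name with no recognisable fingerprint label yields "no-dot-signal", which is the discovery half of the abstract's mechanism, while "mismatch" is the case where the resolver must not trust the session.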