[DNSOP] Fwd: New Version Notification for draft-dickson-dprive-adot-auth-06.txt
Brian Dickson <brian.peter.dickson@gmail.com> Wed, 10 November 2021 03:27 UTC
Return-Path: <brian.peter.dickson@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E97563A10A2; Tue, 9 Nov 2021 19:27:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M3cczF1YQk_b; Tue, 9 Nov 2021 19:27:47 -0800 (PST)
Received: from mail-lf1-x131.google.com (mail-lf1-x131.google.com [IPv6:2a00:1450:4864:20::131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5E6763A109B; Tue, 9 Nov 2021 19:27:47 -0800 (PST)
Received: by mail-lf1-x131.google.com with SMTP id y26so2473968lfa.11; Tue, 09 Nov 2021 19:27:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=ZeU3W4rUUbJZOHMStndZDLSDqA0kcIJcYSDnycWdxXo=; b=W2t5pjwn/QeJn6wRjok4DClOLrPIgihgegzQs5TJabN8QoKABy4zbNT9lfDIVL73ii Qksa6nnUap/xju9tdIqaQ0SDd6nJNvN8sbayAY3Cguo4Bc6d4fI+2CUGtFVIT91glPdH giCX9E57CH8D6HPs5tpTSjQ+romkE3mI1tIF15uaspjJpRPMBm10AF+nWqyjrqphq9go qvzDNC/wCiEOcpxksxYm+bzcLG43FWAohglzXKaj5j5fU/kTUS00TgvpP3RXVZPOM1KH lyFqmzHSQctoqwZ1guJxamsggwxwn68np9j+9TQQYVWP9vIX+arxB+7ne3l08kZHyMiL p00A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=ZeU3W4rUUbJZOHMStndZDLSDqA0kcIJcYSDnycWdxXo=; b=jm/r34J67rpLD6NbWuLDqlz/TykXOf6buxkWGBAHcHDKCuBYF3PU4Mo5qU7ha97Qyv z6NzOZ2e8XitcoTX9KN5tCFIt5tP2s2Yic5HJ6B7vezuuRg5xks+WqLAE6LMjoHiPJiD zjycMd2gUOff/ua+xLdcRQ/D0+CGJw0lgcMYbzu2r/mC2nf2M+wPdulrEWk4JL/zK31m J/+fYQBoSvKORipTkqYYU1BTbySyVdNUI/nGt4jjH6XpDsbkwb49tsMl99eA25bmQB6+ H9Bjx1/7DDrp8a7GfqIW4wJwItPkWXZwbCzXsjkBViCSTdP7wb264CCE+2WuJYkXdolN Jolg==
X-Gm-Message-State: AOAM5308RX7EyvMUnxCywFQ0erzRSnn/Zv5XIkB+swkwjtbrmygaIm15 0Rhc1AN8+BN10ujFzRhm+a6l+XV1XtUZBQ9jOqD4ek8G
X-Google-Smtp-Source: ABdhPJxPvz8cVWu5bOThyMP7Pynu/YGWDWbMDbxXcjhuppJPrrhJfQi40RMxdy9OZFsUVGeqx9Ei8jbQl7V3OK/An1w=
X-Received: by 2002:a05:6512:1023:: with SMTP id r3mr11741966lfr.47.1636514863697; Tue, 09 Nov 2021 19:27:43 -0800 (PST)
MIME-Version: 1.0
References: <163651029181.21064.17796757755605669958@ietfa.amsl.com>
In-Reply-To: <163651029181.21064.17796757755605669958@ietfa.amsl.com>
From: Brian Dickson <brian.peter.dickson@gmail.com>
Date: Tue, 09 Nov 2021 19:27:32 -0800
Message-ID: <CAH1iCir-oE9v4dzPLLUGxsySvdk7g2xiHag2BuuSZQ0h9qwUPQ@mail.gmail.com>
To: "dnsop@ietf.org WG" <dnsop@ietf.org>, dprive@ietf.org
Content-Type: multipart/alternative; boundary="0000000000001ed41105d066cf61"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/bUXEAmM1fAt_x7sFAPC7gvsejQA>
Subject: [DNSOP] Fwd: New Version Notification for draft-dickson-dprive-adot-auth-06.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Nov 2021 03:27:52 -0000
Dear DPRIVE and DNSOP, Here is one of the drafts referenced in my presentation(s) on Thursday. Brian ---------- Forwarded message --------- From: <internet-drafts@ietf.org> Date: Tue, Nov 9, 2021 at 6:11 PM Subject: New Version Notification for draft-dickson-dprive-adot-auth-06.txt To: Brian Dickson <brian.peter.dickson@gmail.com> A new version of I-D, draft-dickson-dprive-adot-auth-06.txt has been successfully submitted by Brian Dickson and posted to the IETF repository. Name: draft-dickson-dprive-adot-auth Revision: 06 Title: Authenticated DNS over TLS to Authoritative Servers Document date: 2021-11-09 Group: Individual Submission Pages: 17 URL: https://www.ietf.org/archive/id/draft-dickson-dprive-adot-auth-06.txt Status: https://datatracker.ietf.org/doc/draft-dickson-dprive-adot-auth/ Html: https://www.ietf.org/archive/id/draft-dickson-dprive-adot-auth-06.html Htmlized: https://datatracker.ietf.org/doc/html/draft-dickson-dprive-adot-auth Diff: https://www.ietf.org/rfcdiff?url2=draft-dickson-dprive-adot-auth-06 Abstract: This Internet Draft proposes a mechanism for DNS resolvers to discover support for TLS transport to authoritative DNS servers, to validate this indication of support, and to authenticate the TLS certificates involved. This requires that the name server _names_ are in a DNSSEC signed zone. This also requires that the delegation of the zone served is protected by [I-D.dickson-dnsop-ds-hack], since the NS names are the keys used for discovery of TLS transport support. Additional recommendations relate to use of various techniques for efficiency and scalability, and new EDNS options to minimize round trips and for signaling between clients and resolvers. The IETF Secretariat
- [DNSOP] Fwd: New Version Notification for draft-d… Brian Dickson