[DNSOP] Fwd: New Version Notification for draft-dickson-dprive-adot-auth-06.txt

Brian Dickson <brian.peter.dickson@gmail.com> Wed, 10 November 2021 03:27 UTC

From: Brian Dickson <brian.peter.dickson@gmail.com>
Date: Tue, 09 Nov 2021 19:27:32 -0800
Message-ID: <CAH1iCir-oE9v4dzPLLUGxsySvdk7g2xiHag2BuuSZQ0h9qwUPQ@mail.gmail.com>
To: "dnsop@ietf.org WG" <dnsop@ietf.org>, dprive@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/bUXEAmM1fAt_x7sFAPC7gvsejQA>

Dear DPRIVE and DNSOP,
Here is one of the drafts referenced in my presentation(s) on Thursday.
Brian

---------- Forwarded message ---------
From: <internet-drafts@ietf.org>
Date: Tue, Nov 9, 2021 at 6:11 PM
Subject: New Version Notification for draft-dickson-dprive-adot-auth-06.txt
To: Brian Dickson <brian.peter.dickson@gmail.com>



A new version of I-D, draft-dickson-dprive-adot-auth-06.txt
has been successfully submitted by Brian Dickson and posted to the
IETF repository.

Name:           draft-dickson-dprive-adot-auth
Revision:       06
Title:          Authenticated DNS over TLS to Authoritative Servers
Document date:  2021-11-09
Group:          Individual Submission
Pages:          17
URL:            https://www.ietf.org/archive/id/draft-dickson-dprive-adot-auth-06.txt
Status:         https://datatracker.ietf.org/doc/draft-dickson-dprive-adot-auth/
Html:           https://www.ietf.org/archive/id/draft-dickson-dprive-adot-auth-06.html
Htmlized:       https://datatracker.ietf.org/doc/html/draft-dickson-dprive-adot-auth
Diff:           https://www.ietf.org/rfcdiff?url2=draft-dickson-dprive-adot-auth-06

Abstract:
   This Internet Draft proposes a mechanism for DNS resolvers to
   discover support for TLS transport to authoritative DNS servers, to
   validate this indication of support, and to authenticate the TLS
   certificates involved.

   This requires that the name server _names_ are in a DNSSEC signed
   zone.

   This also requires that the delegation of the zone served is
   protected by [I-D.dickson-dnsop-ds-hack], since the NS names are the
   keys used for discovery of TLS transport support.

   Additional recommendations relate to use of various techniques for
   efficiency and scalability, and new EDNS options to minimize round
   trips and for signaling between clients and resolvers.




The IETF Secretariat