Re: [DNSOP] Call for Adoption: draft-pwouters-powerbind

Petr Špaček <petr.spacek@nic.cz> Thu, 23 April 2020 05:45 UTC

Return-Path: <petr.spacek@nic.cz>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A35113A148F for <dnsop@ietfa.amsl.com>; Wed, 22 Apr 2020 22:45:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nic.cz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NEU07Ck8PQLM for <dnsop@ietfa.amsl.com>; Wed, 22 Apr 2020 22:45:43 -0700 (PDT)
Received: from mail.nic.cz (mail.nic.cz [IPv6:2001:1488:800:400::400]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 631833A148E for <dnsop@ietf.org>; Wed, 22 Apr 2020 22:45:41 -0700 (PDT)
Received: from pc-cznic19.fit.vutbr.cz (unknown [IPv6:2001:1488:fffe:6:5c39:29ff:fe8a:696c]) by mail.nic.cz (Postfix) with ESMTPSA id E1FC213FC64 for <dnsop@ietf.org>; Thu, 23 Apr 2020 07:45:38 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nic.cz; s=default; t=1587620739; bh=ftipvVss211iZRHRy7YJQOiuasFINb7rrS33S7uv6oY=; h=To:From:Date; b=Z6nJ2C6uULeqjqBgrYuZ5TkROhf+JQo0EId+VDgUHNA3zqg24udT4kxxijRJ8Y47+ yzvjqZx8EWrYXFFimHg6a3dk9utLk/pVSQjDk3i5PeQi+RsRMlaErqPVowHcRlpC2M oyu+dUSUkJWFFWAR0VHxt7zOT97+f3jLBMqi8sqc=
To: dnsop@ietf.org
References: <CADyWQ+FLrTy0gy8iCyAPsDpiumDNQHX4TGPni43ThA=W3fmZew@mail.gmail.com>
From: =?UTF-8?B?UGV0ciDFoHBhxI1law==?= <petr.spacek@nic.cz>
Autocrypt: addr=petr.spacek@nic.cz; prefer-encrypt=mutual; keydata= mQINBFhri/0BEADByTMkvpHcvPYwyhy0IDQ1B2+uU6AWP0QJQB3upM/YqxoJBeMQ5SxpO+W6 BsU0hTIF90AKIgiiDtMH1oNhHnzRXqePKORIgL3BbH5OxGcbqCYk1fIKk43DliCN1RcbTyRV REnCRQGWMTUbRS/jQ3uyTAX4rT0NhPWhPy6TMLGEg6WJJz0IzhBEw3TitvAlq6XHbi5EZYwU AHqIcuqr3sS+qkWqlIBlahu1hqhTcmYGz7ihjnWkOFi1rjRfLfudAtgFpUSmsixh2tifdy+C d8OBQbtF2kM7V1X5dUzw/nUBXm1Qex2qohRmCspwqivu7nlDMrLoilmPaeoR5evr5hpIDdfP cJAPTJk4n56q6MTHFJWkGa0yq13AJHLANNjQ/dF+W6Dhw9w2KBpuw0iGZQBBf5G9SQ1xJ+tU 9filaldsTAX1gMkVso//kGEbuRIJnJr7Z8foE/zofFyoAv21VWy2vpgQ3CnEWOZMSmYH7/gZ qcM7nfkjk4zAijpjYA3qlXoWa44/nrkAGvt7sAMsxY1C2H7tr3h3/rwyfbBqQ9nMpNwYLXXa Dil7uzyqlpKDjwWCzYd3sH7ATyT4htrd0BY5+IFimSfHyLwixhakH8E14YYyV9tzkrB7fiWd g7+zDThLtZMvtrehtkjVDPT50xg8TMr68hd3GRWBUJHszMTnlQARAQABtCJQZXRyIMWgcGHE jWVrIDxwZXRyLnNwYWNla0BuaWMuY3o+iQJUBBMBCAA+AhsDBQsJCAcCBhUICQoLAgQWAgMB Ah4BAheAFiEEvibrucvgWbORDKNbzo3WoaUKIeQFAl4QsCEFCQeWKZ8ACgkQzo3WoaUKIeRd HBAApKY18pJ+g172AeAefYwPoIZRM5WDNopHw/l7ErfMNzm9Da0/gOy8CUH2gA+qF+ufryIs DY0akLVaL7X21+hAp3gFX+/GHqSjJcmWvEfU7eoLl9OxE8NvQd2V/DPVDqnQscTUUba5taAU OM51bU+vCNQXlT3uuntIOwwbB9W6hMSe16EhB9mzj6hozyTemsfHTjoNJbVrhLzf3Idnp3fY rO0qfqOlwIi+5YWT0SHSVx6zmOBStzT4otRtFyfKD+CXdFOt40Dw1qYlZt2ms3kcaEk/+Uub SKZhr5IsSE5rV8TasKiQvP/ToxPyk1QkqCrzzroGrkMHfzW7MACvpKWnQAjhiVuO++Ne4XMJ h8zL0c31u5MQ76zckowHtGy9plwKFoIrtRB2UgwjtvTSkXn7nC6YVoDlCe/WD7PYfpig9iaO bQwP3fAq+sx+BU6eIZC7edZU8rqi3SWrg4p9jH0SmU1BwO7dwgbMyAEYpiv+mNu9pIBFxLqL ihSk+1M+Y3EaJP0QeKFI6qeZuJAOhkO4Gi7lTLXo4AepjnKPzN15LJJBg3W9t9Zss/Hp11se r/N87fn6XlzV+yfq0gYwJufF2MsDVaU3NQhT/0cXks6Gh4MvUcEircxTaAbaEP7mbMc5o4S4 n0V+MoU+ohqRrPW9gngGxIziKeFey4RBIKfpLgC0IFBldHIgU3BhY2VrIDxwZXRyLnNwYWNl a0BuaWMuY3o+iQJUBBMBCAA+AhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAFiEEvibrucvg WbORDKNbzo3WoaUKIeQFAl4QsBwFCQeWKZ8ACgkQzo3WoaUKIeTkEQ//eyj4Odb1AoZJk6Y0 wkPG+9vvC1UwIOMPlerIzHv3ukrSCBdNQG/1vfaDH/xM8ywHHGKnvrIoGbuAyO6llLvo8Mir JwnqRmcChkFPwx78piJPHdWGQzQT9lWObEgwwonB9xQmxU7ih8WKfBpB+ME9knYycoYJwXiJ vLTjQg5Xe2eXa8fbiNY+v2B3Wwza41Ke7dzYUcdPAMaDPhX4x3GeWUv+y1WP7mFAi2JxQV/L ZZuiYVDR526wwWOe6DZyUZC9S6qD6qaPvqJ/j3hzgSBpJUvSDlvmsdWAZZd9bUbMgU4BpwLv 7yh/6NyQGRs3SuCjmRKek7rS+dngqYNAYISSKnFDvst00kGBmT8/Ys2oB/VXqAsP+ej0Qp1g XyV2gfIbzSIHwFOXgX7+fVN8qqqcToOZJ8ibfbshSrrEZ69QGHTZcU/wbVRmLl1Nrk0BEEd8 lTFhbl13eJkUN5jlWdTofW/mYoccvySMJP7IzVri+6UjS2JB/CcCR/v9g0vl2tmt5hc+XGNu m6sVfLcF2fbG+tkmm1tjzwSYcbhGetQ8Gq0mtpuglnetRPLqvEvbcJBISMG2Dnu1o7epMVbe qmFqRuYrEWncuK/k2BCla1G+a+0PUwNdRXHpBlHnWnaE9FzT8GU0L23p1dcj/vCUH9Z5b9uz OygWMJcrpXjAxMUsUPa5Ag0EWGuL/QEQAMWnhl/FKgpMBp3QiQUr0JWhnpcrLBgsU08+HPD7 6Bu8cvYRftCqESypuxYxikfiNz8qrnk5hhT+UhxQu4PRj2gNHbpcVCi7QV5I2fNEZvrTtTw4 U49D56L3YybVg9DfcY+PwaptCmQCnfmx+MnrhMf8RBjfxE3feOwdGSHC1ZT/rKj5FmztwVG6 KG4uXwW6g/QDm7/H6U014gGTx/bstVisXzU1IMMNiOc5sJqH5AvMYDAYO2NaQFVrCmgdbCrn w5BLHmmLDI4KcUl4U41FxNGA7Pbf2uwQDkt5h+Y4Zyc3AboIegnll1YnDk5X0GgDtRMcb3nF UdXlCISbqrqKAjrApXZG0VLtGh7Ra3wfuALjUl6popNSwaTPq4mtoXyaYrJLwT6ZKHd2Oap0 k0cXWkmorEDE9gD1jSM+dhZ4Qfh8945HZi8GPO2zJ72c6/UC4o27Td27OhzJT3kN8/+XA0mv lIf3XxV/W3tZwmP12Don0lzks7CDXdCvfVO5mKOsx2ozsskoL/S06RJ5c2gyUck4ipuqbs3j XgjQfK1sQ1/sCLIPE0DlPMkqQHR4E8ubYUxAIct9qwkeBsKtC63qdjDd/caff48PMYQcj2x9 C/+Zi87vuhFIbD7cfLVOjEidwiKsDJGlrkp08uSUOkAO+l+ReO4voh9lnQ4hYotJFr8NABEB AAGJAjwEGAEIACYCGwwWIQS+Juu5y+BZs5EMo1vOjdahpQoh5AUCXhCwQQUJB5YpxAAKCRDO jdahpQoh5KUKEACZrrC0gOit1Ur0UQ/DL0wqIFPGmNW6bvBuyASm8HMpBA/ip6SqIebejC/Q lGU88Of7csaadKXlcAtN2W2eyKX+pwrIGlL9+laHDu+Gn8wG+0uUDSIEIS7juhycLRa2rNwh dx89ArwmAs+UNglXPqIc9nfMXK4tXdJSAjk7yekd/0WRc2fjsY292C4hQ51/vUpMpU+cDFw/ bwW7t7HEL/oRkRpDkPufFSLPfGVX2rqRnKaDM4xmpUXB5N2PC65umPxRq/YY3f+j/jAfaWWB 27SFiRpC4T48HNse0ZGKoeWnfYZpyYqnIRSURLu0ykYr9B90S/MteKxHDALNfllocQOgM0Bn Ama5S+cVqew97CJEAthW7PGe6Oa3k+dH340svGvrTFdJGH/3hCGDw3b3o4vV8F653fBk0qHJ UO7QoFaCuTFhQhCUEP3EVGFeT/TR4lGGUtmdeiyUgymzp3yVVYNgf+t4LO/+CIK8uFQAA+cx xNlj5NXS5+vyy2bQ8paZIw0B0pInOSvxQywwLPr8hv0gnOLMTmBPwPAsJsW4wwFe6CIHSNW1 Ctj7N4X/CwAzGZ1s8jTuWXoaJT7UaycXQpi8mRnMBoDM/mS/xiKMlXPbAbKgbhaVpziTNJzo IX3KjUN/6ZGVnN22b886q+lffrx5QYuxHwIA0gHzJiBopEjrOQ==
Organization: CZ.NIC
Message-ID: <c46c57f7-f99c-526c-cefc-8c385061f875@nic.cz>
Date: Thu, 23 Apr 2020 07:45:38 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0
MIME-Version: 1.0
In-Reply-To: <CADyWQ+FLrTy0gy8iCyAPsDpiumDNQHX4TGPni43ThA=W3fmZew@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US-large
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: clamav-milter 0.101.4 at mail
X-Virus-Status: Clean
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/tj4YmFM26Evx8t57usunJejY4Lo>
Subject: Re: [DNSOP] Call for Adoption: draft-pwouters-powerbind
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Apr 2020 05:45:50 -0000

Hi dnsop,

I support adoption under condition that the envisioned "DNSSEC Transparency" mechanism is documented and somewhat tested before "powerbind" draft progresses into form of RFC.

At the moment there are insufficient details published for the dnsop WG to judge whether powerbind+transparency proposals together fulfill intended purpose.

I would hate to see "powerbind" published for vendors to implement before (at least!) proof-of-concept implementations of powerbind _and_ Transparency are done. That's the only way to make sure some little details are not preventing vendors from implementing practical proposals.

RFCs 7901 (CHAIN extension) and 8094 (DTLS) should serve us as warnings.

Petr Špaček  @  CZ.NIC


On 20. 04. 20 20:03, Tim Wicinski wrote:
> 
> All,
> 
> As we stated in the meeting and in our chairs actions, we're going to run
> regular call for adoptions over next few months.  
> 
> From the presentation during the last meeting, there was interest in
> adtoping this document around the idea of DNSSEC transparency.  This
> interest comes the privacy side of things, more than the DNS side.  
> 
> This starts a Call for Adoption for draft-pwouters-powerbind
> 
> The draft is available here: https://datatracker.ietf.org/doc/draft-pwouters-powerbind/
> 
> Please review this draft to see if you think it is suitable for adoption
> by DNSOP, and comments to the list, clearly stating your view.
> 
> We are looking for *explicit* support for adoption.
> 
> Please also indicate if you are willing to contribute text, review, etc.
> 
> This call for adoption ends: 4 May 2020
> 
> Thanks,
> tim wicinski
> DNSOP co-chair