Re: [homenet] [DNSOP] Fwd: New Version Notification for draft-mglt-homenet-dnssec-validator-dhc-options-02.txt

Joe Abley <jabley@hopcount.ca> Mon, 21 October 2013 18:27 UTC

On 2013-10-21, at 14:16, Paul Wouters <paul@cypherpunks.ca> wrote:

> For CPE devices, I think querying for the root key without dnssec to
> use as time and possible TA is something it could possibly prompt the
> user for. It would work without DHCP and not require new DHCP options.
> CPE devices could also insecurely query for the proper ICANN website and
> grab the trust anchor bundle (i.e. what unbound-anchor does) and use the
> certificate of ICANN.

See also draft-jabley-dnsop-validator-bootstrap-00.


Joe