Protocol Action: 'The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA' to Proposed Standard (draft-ietf-dane-protocol-23.txt)

The IESG <iesg-secretary@ietf.org> Fri, 15 June 2012 12:12 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B83D821F85C7; Fri, 15 Jun 2012 05:12:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.502
X-Spam-Level:
X-Spam-Status: No, score=-102.502 tagged_above=-999 required=5 tests=[AWL=0.097, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tHtQ99EbiMqi; Fri, 15 Jun 2012 05:12:39 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A3CE921F860E; Fri, 15 Jun 2012 05:12:39 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA' to Proposed Standard (draft-ietf-dane-protocol-23.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 4.20
Message-ID: <20120615121239.13766.94700.idtracker@ietfa.amsl.com>
Date: Fri, 15 Jun 2012 05:12:39 -0700
Cc: dane mailing list <dane@ietf.org>, dane chair <dane-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Jun 2012 12:12:41 -0000

The IESG has approved the following document:
- 'The DNS-Based Authentication of Named Entities (DANE) Transport Layer
   Security (TLS) Protocol: TLSA'
  (draft-ietf-dane-protocol-23.txt) as Proposed Standard

This document is the product of the DNS-based Authentication of Named
Entities Working Group.

The IESG contact persons are Stephen Farrell and Sean Turner.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-dane-protocol/




Technical Summary

Encrypted communication on the Internet often uses Transport Level
Security (TLS), which depends on third parties to certify the keys
used. This document improves on that situation by enabling the
administrator of a domain name to publish the keys used in the
DNS, secured with DNSSEC.

Working Group Summary

 
The working group made extensive use of the issue tracker:
listing, opening, discussing and then calling consensus on
each issue. This gave everyone the opportunity to participate
and be heard. There have been approximately 2,000 messages
discussing this (and closely related) documents.

Document Quality

There is a tool (Swede - https://github.com/pieterlexis/swede)
that generates TLSA records, and a proof-of-concept implementation
of DANE for NSS (https://mattmccutchen.net/cryptid/#nss-dane)
A number of vendors have mentioned that they are planning on
implementing the specification.

I do not think that it would be fair (or possible) to single
out any specific reviewers -- we have had a large number of very
active reviewers / participants and they have all been very diligent
(and sometimes vocal :-)) in providing feedback.

Personnel

Warren Kumari is acting as the Document Shepherd.
Stephen Farrell is the Responsible Area Director.