Re: Using DNS system as a Global Root Certificate Authority - possible ?

Alexey Eromenko <al4321@gmail.com> Sat, 26 December 2015 20:33 UTC

In-Reply-To: <CAHw9_i+78nnrAZt647pjEUkwscQ5mN4vr=pX01GH6krxmMFNuQ@mail.gmail.com>
References: <CAOJ6w=EdXPzK7f=zS0epuYXkkEcwtop11Ttt6QUR1-FtN1rGWg@mail.gmail.com> <CAHw9_i+78nnrAZt647pjEUkwscQ5mN4vr=pX01GH6krxmMFNuQ@mail.gmail.com>
From: Alexey Eromenko <al4321@gmail.com>
Date: Sat, 26 Dec 2015 22:32:51 +0200
Message-ID: <CAOJ6w=ErnoenUJ_g29V02upExzNdHw-rj8iGM2NDdQmOTHYtoQ@mail.gmail.com>
Subject: Re: Using DNS system as a Global Root Certificate Authority - possible ?
To: Warren Kumari <warren@kumari.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/R8F8sdoG4sZGaEoocU0df0T-AJg>
Cc: ietf <ietf@ietf.org>

On Sat, Dec 26, 2015 at 10:29 PM, Warren Kumari <warren@kumari.net> wrote:
> This is very similar to what the DANE working group is working on -
> https://datatracker.ietf.org/wg/dane/charter/
>
> I'd suggest you start with RFC6394, and then RFC6698, followed by RFC7671.

Thanks.

--
-Alexey Eromenko "Technologov"