Re: https at ietf.org

Joe Abley <jabley@hopcount.ca> Mon, 25 November 2013 15:38 UTC

Subject: Re: https at ietf.org
From: Joe Abley <jabley@hopcount.ca>
In-Reply-To: <731D4B97-BC19-4AC8-BEF6-DA702073069A@standardstrack.com>
Date: Mon, 25 Nov 2013 10:38:53 -0500
Message-Id: <A1F7405B-CD8D-4DB8-9817-71F29AE14266@hopcount.ca>
References: <CAHBU6ivbrk=NXgd4_5Upik+8H0AbHRy3kJnN=8fcK+Bz3pOV9Q@mail.gmail.com> <alpine.LRH.2.01.1311051733570.4200@egate.xpasc.com> <01P0FR4HDQNG00004G@mauve.mrochek.com> <CAHBU6ivZS33r4HHbCC391Ug9fMtZkJ3nojEeeqH5L+0+o3ZqGQ@mail.gmail.com> <01P0FU0CS96Q00004G@mauve.mrochek.com> <26C6A672-A5D2-44C4-B343-9CCE5E388348@standardstrack.com> <CAKHUCzzzT-0p89uT62zrxGqF1XACG+Ok7hNLcuTaDad7R7eCTQ@mail.gmail.com> <527C2233.3030605@cis-india.org> <CAKHUCzzcNros1=O=D1zkEU1n+XdRcdYdgK2Hkik=AvxbuUJX3w@mail.gmail.com> <731D4B97-BC19-4AC8-BEF6-DA702073069A@standardstrack.com>
To: Eric Burger <eburger@standardstrack.com>
X-Mailer: Apple Mail (2.1822)
Cc: IETF-Discussion Discussion <ietf@ietf.org>

On 2013-11-25, at 07:08, Eric Burger <eburger@standardstrack.com> wrote:

> I like where this has ended up. I am pretty convinced that HTTPS is mostly a dead end because of the CA problem.

Isn't this at least part of the motivation behind DANE?

(I realise DANE requires moving parts in the client and signatures in the published zone, but it seems odd that it hasn't been mentioned.)


Joe