IETF Logo Mail Archive

Re: [openpgp] The DANE draft

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 24 July 2015 22:23 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2FD4F1A8AA0 for <openpgp@ietfa.amsl.com>; Fri, 24 Jul 2015 15:23:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.243
X-Spam-Level:
X-Spam-Status: No, score=0.243 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DATE_IN_PAST_06_12=1.543, J_CHICKENPOX_34=0.6] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wL3LenXUn9m9 for <openpgp@ietfa.amsl.com>; Fri, 24 Jul 2015 15:23:03 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id 9A8DB1A92F8 for <openpgp@ietf.org>; Fri, 24 Jul 2015 15:19:47 -0700 (PDT)
Received: from fifthhorseman.net (unknown [89.206.243.216]) by che.mayfirst.org (Postfix) with ESMTPSA id 3FADDF985; Fri, 24 Jul 2015 18:19:46 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 0B8102027B; Fri, 24 Jul 2015 16:53:48 +0200 (CEST)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Phillip Hallam-Baker <phill@hallambaker.com>, IETF OpenPGP <openpgp@ietf.org>
In-Reply-To: <CAMm+LwhYdBLXM8Td8q8SCnzgwywRgMx3wNKeS_Q0JSN4Lh7rZQ@mail.gmail.com>
References: <CAMm+LwhYdBLXM8Td8q8SCnzgwywRgMx3wNKeS_Q0JSN4Lh7rZQ@mail.gmail.com>
User-Agent: Notmuch/0.20.2 (http://notmuchmail.org) Emacs/24.5.1 (x86_64-pc-linux-gnu)
Date: Fri, 24 Jul 2015 16:53:48 +0200
Message-ID: <87bnf1hair.fsf@alice.fifthhorseman.net>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/rUK2JELrojtEZTbnyw11bSC_q5k>
Subject: Re: [openpgp] The DANE draft
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jul 2015 22:23:04 -0000

On Fri 2015-07-24 12:40:31 +0200, Phillip Hallam-Baker wrote:
> 1) The draft is approaching IETF last call. People working on OpenPGP
> should review it now.

I looked at it with Petr Spacek after the meeting, and i plan on
providing Paul with a more detailed review shortly.

> DANE is trying to do three different things. It is trying to be a key
> discovery service, a security policy publication mechanism and a way
> of validating keys using the DNSSEC.

I think this overview is accurate.  I also think all these things are
necessary.  While i'm not particularly excited at the prospect of a
hierarchically controlled system like DNS being the One True System, we
do need to find ways to address these three goals anyway.

> So the way that I would approach using DNSSEC to validate a key for '
> alice@example.com' would be to introduce a record in the DNS with the
> semantics 'X is authorized to sign for *@example.com'.

I think you mean "X is authorized to certify any key+User ID where the
user ID matches *.example.com", not that X is allowed to make sign mail
for *@example.com.  right?  I like this idea as a way of validating keys
for the DNSSEC (the third of your three prongs of DANE).  If you were to
make a record with the semantics "any OpenPGP key+User ID where the User
ID matches *@example.com should not be considered valid *unless* it is
certified by this key", then you could use it as a security policy
mechanism (prong two).

> I would not attempt to fill the DNS with keys for Alice, Billybob,
> Carol, Doug, Ethelred and co. It is not working for TLS and I don't
> think it will work for OpenPGP or S/MIME.

So it sounds like the part you disagree with is the use of DNS/DANE as a
key discovery service (prong one).

> I do not find the idea of relying on the DNS for my keys remotely
> comforting and would not want to rely on such a record directly. The DNS
> has no persistence to it. Give me the MIT keyserver any day.
>
> What would interest me is if I could take a DNSSEC trust chain and intern
> it in a blockchain. At that point the whole process becomes transparent and
> I have a key I can place quite a bit of reliance on.

It sounds to me like you're interested in DNSSEC Transparency.  Perhaps
you could take that up in the trans WG?  I know there are other people
interested there (i am!) but this discussion doesn't belong on the
OpenPGP mailing list.

        --dkg

v2.23.0 | Report a Bug | By Email