Re: Quic: the Elephant in the Room
Phillip Hallam-Baker <phill@hallambaker.com> Wed, 21 April 2021 17:03 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE3CA3A2FBB for <quic@ietfa.amsl.com>; Wed, 21 Apr 2021 10:03:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Level:
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2DecXBoHm-Al for <quic@ietfa.amsl.com>; Wed, 21 Apr 2021 10:03:55 -0700 (PDT)
Received: from mail-yb1-f169.google.com (mail-yb1-f169.google.com [209.85.219.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 122303A2F9D for <quic@ietf.org>; Wed, 21 Apr 2021 10:03:51 -0700 (PDT)
Received: by mail-yb1-f169.google.com with SMTP id 130so4221522ybd.10 for <quic@ietf.org>; Wed, 21 Apr 2021 10:03:51 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=GQ6lJ/TxPbmYlQocBBo0aVUsSofh9vyUY4m7vFjeMK4=; b=KCQ22dnfK/o3HxHwB5ng/8wS3AGjOrCXguI/P+ICDH55WDOEhZHadfRuOnmN+Umbrr /mZR6iZpzSg7yW/f14XvgwH8meusF/FJMIGWnbEcxSVz0WqOUahh1WpiDRVR+8+zQHlm fiKTlbkE9D3zv9u68qiqM9PYIPawaoJMzGxNQ2e2CyaM7V4XGB4Tw5vo+ynubAwKHeUC 0MDx8gjxyrkuwo324/AgCi6iVC51rTrr3i0V4UihXFSjX4GCd2/jYzeckAwteKjVRWBm fvB7JecZ86TVwS+jcNIqkdC6PtfTGQFNPLqlnJQl8NX5Kz7t1V5LC8QLFs8sslF6l84w PpbQ==
X-Gm-Message-State: AOAM5314nnF+JM+4CSScL6oy4Hymp6ju7gCHLgJfF3kMd9KWfGb49KEu RjL74wlnu4A+hOzHvu9MU1kukrtdhghQ9mMAkImfsnFltAuvKg==
X-Google-Smtp-Source: ABdhPJwfTufjVtvffjdGC/INWNlgRdMDEG1rLsBe0g6pIZIKRLcQ8fVbiBOwjYm7JUiDIkp05pL5uv3vq+15f6xBMT8=
X-Received: by 2002:a5b:48c:: with SMTP id n12mr35442889ybp.273.1619024631179; Wed, 21 Apr 2021 10:03:51 -0700 (PDT)
MIME-Version: 1.0
References: <311e3e67-2e87-1650-22b3-614378fbf88f@mtcc.com> <CADdTf+jRMfNo1EiFBj-fOeZJkKM2TCvN9yJFEmJEVcZj5JMD_Q@mail.gmail.com> <e5856173-5c7a-1f2b-3be0-b2a155786ff8@mtcc.com> <CALGR9oY0-aVT+Hv0gj45pxwH7zxTw=TVpQGqCVC2NFCa+y16JA@mail.gmail.com> <4191ed66-11e4-7ac6-bd0d-d4713dd0873b@mtcc.com> <CAPDSy+6rWkgB49RKThFCsBLdMjquBBX9=h-Mz9AMAknu=2KhEA@mail.gmail.com> <2c400bd6-30cf-c46f-6e87-9ca62ef25ed2@mtcc.com> <CAPDSy+55oPNi8DBkQO+XGyrBMMB4kMLtVnDVU75Myh116jnwbw@mail.gmail.com> <CABcZeBPDDLbOkVDLQy0JkOBDrOXop6RORQ5YQYdKxJ4QLg+6LQ@mail.gmail.com> <CAMm+LwiDA-DWCPwB+N-dxTs-cuQrtaKb=_wtc-CP=Ckn4_sg7g@mail.gmail.com> <9b21b764-bdd4-7d1c-a89f-b7d2e947fdb8@mtcc.com> <CABcZeBNW3zShZU=HrQA=oKr82UeNTQEr3P=9GkpnFgzaJoG19A@mail.gmail.com> <7a0f6733-d084-0d2b-d054-a3ed5890cdbd@mtcc.com> <B557B8E7-45ED-4BE1-8ECB-E65826E04DF9@eggert.org> <513baf35-5ec5-e9f1-95a3-0bb1547c08be@mtcc.com> <8BA5A095-268D-494B-A272-D43B5CA5F7F4@eggert.org> <11194e47-bf5d-13b4-3df0-20565472722a@mtcc.com>
In-Reply-To: <11194e47-bf5d-13b4-3df0-20565472722a@mtcc.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Wed, 21 Apr 2021 13:03:41 -0400
Message-ID: <CAMm+LwhTKH67xLqUJwbO=gerEjW+BqiGNuCFcO1Ahowg8RgY5w@mail.gmail.com>
Subject: Re: Quic: the Elephant in the Room
To: Michael Thomas <mike@mtcc.com>
Cc: Lars Eggert <lars@eggert.org>, Eric Rescorla <ekr@rtfm.com>, Matt Joras <matt.joras@gmail.com>, Lucas Pardue <lucaspardue.24.7@gmail.com>, David Schinazi <dschinazi.ietf@gmail.com>, IETF QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000062cbb05c07e8c03"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/nZEdnxTUZnaKVl9dGJDhFblVbL8>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Apr 2021 17:04:03 -0000
On Wed, Apr 21, 2021 at 12:56 PM Michael Thomas <mike@mtcc.com> wrote: > > On 4/21/21 9:46 AM, Lars Eggert wrote: > > > > I also got told that signing a zone is tantamount to "boiling the ocean". > > You're misquoting David. He said: > > > > On 2021-4-20, at 20:20, David Schinazi <dschinazi.ietf@gmail.com> wrote: > >> I'm not saying that a 3-packet handshake would be bad, I'm saying > >> that it's not worth boiling the ocean to remove 2 packets. > > Nowhere in that sentence or the rest of David's email do I see any > mention of signing zones. > > > Again, not a topic for *this* mailing list. > > Chrome has already implemented DANE once upon a time. The only thing > left is for Google to DNSSec sign their zone. That's it. If there is > something else, I'm all ears. > It is very rare that I make an assertion on a public mailing list and refer to reasons I am not prepared to discuss in public but I am going to do that on this occasion. There are very good reasons why Google and other large international network service providers should not sign their DNSSEC zones. Securing the Internet is about rather more than securing the Internet.
- Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room Matt Joras
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room Paul Vixie
- Re: Quic: the Elephant in the Room Matt Joras
- Re: Quic: the Elephant in the Room Roberto Peon
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room Lucas Pardue
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room David Schinazi
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room David Schinazi
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room Lucas Pardue
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room Eric Rescorla
- Re: Quic: the Elephant in the Room Phillip Hallam-Baker
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room Eric Rescorla
- Re: Quic: the Elephant in the Room Lucas Pardue
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room Lars Eggert
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room Lars Eggert
- Re: Quic: the Elephant in the Room Michael Thomas
- Re: Quic: the Elephant in the Room Phillip Hallam-Baker