[Secdispatch] Re: Request for Review and Adoption of Internet Draft: High Assurance DIDs with DNS

Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> Mon, 09 September 2024 17:43 UTC

Return-Path: <rifaat.s.ietf@gmail.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6CD7EC15107F for <secdispatch@ietfa.amsl.com>; Mon, 9 Sep 2024 10:43:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8z0MZhlDBpJX for <secdispatch@ietfa.amsl.com>; Mon, 9 Sep 2024 10:43:54 -0700 (PDT)
Received: from mail-lf1-x12f.google.com (mail-lf1-x12f.google.com [IPv6:2a00:1450:4864:20::12f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7256EC1840FA for <secdispatch@ietf.org>; Mon, 9 Sep 2024 10:43:54 -0700 (PDT)
Received: by mail-lf1-x12f.google.com with SMTP id 2adb3069b0e04-53659c8d688so2459586e87.1 for <secdispatch@ietf.org>; Mon, 09 Sep 2024 10:43:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1725903833; x=1726508633; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=ikV/YmtFy54UZSc2WLccNElY24MfW9tMrf2nfO2vTmY=; b=IXb/BPZdXT97GYtWRlMlP+VYAGe+efKzwylu7IrZIeYiGK1DZmrO4aqxwcKU0//oxy Mx26oz2hKR/3UGI9URJVTrog1aCXYm8RNapZNqNzVVu37Lr8iI0nLMQ+zoi4+rc5n6SF cg4Cx/F5ju+CecKU/xU8iRCi98R0JPRiSq8v8FXEuQ7n/aEyeoJvC1L9AgV3kLcdqRHK AsqrqN55j5bm41wox5NlfD42Mxv05RDfOnfZYyTOTc8q4PFBs4119pLeJu2mu+ARzDnu ydsU5uLz5v5cNfg1LU4d4SQT83Isot6nkFYXSIxeeUYFY00keTUyIOzT4+FLCcmN93Iq 8vQg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725903833; x=1726508633; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ikV/YmtFy54UZSc2WLccNElY24MfW9tMrf2nfO2vTmY=; b=g3TfBEmQ0blJ/ziFXuvmqmbGcW7Qdx7L1lI5j/Q+DlNXWt+jtvZbzKEIHm6biPv8dT PTsrEvP8iXG4zCljKC8l4ZiPSWVKfgoiZ5Xr1A2u7nDx6HAc9F5lvf8QSIQSx6BWTLYx u7cbTIGkW5WtogUdT82MA5683rFIcc/S+VwlWxrGTiibBr3lrYLX/WIoxhiVS4z2N7j9 Vo8SR7pdykTZqw2Dn9QKTVrU1K5zo/bqmZPQrGhBYYZizHQHjZ9amKeGUuhVkUCI6NP1 DIdhNVESPfXvSxlqmlG1+q3wiu+2mVNznJLoGkyIJZn/KbBLVoYnArah4Y5fa3HtQwVD /QUg==
X-Gm-Message-State: AOJu0YyHlcAWQHQZ+bsQxf6w2yT7DLfi7A66GF1FXSev8ZGCPvre9QBg oA6hxoWcS6Kxpd1z8+b3MA3/kRIvh2FuHpyTrOZa9Dqt6BOt0UcTcnQG5OdgHflOZ2Il0LPLb1A p6kGeGPXKfZMwUwTd73DL1BTpeuE=
X-Google-Smtp-Source: AGHT+IEUTkisGW7Vgk9p1YXMTEPL74DkWTTgJr1KEUDWK6QW2LxLrd+sbXOd81HAILVT6/Q4xP7eDVqIbRqPwFWZJJw=
X-Received: by 2002:a05:6512:6c8:b0:52e:9425:3cc8 with SMTP id 2adb3069b0e04-5366bb2afc0mr153783e87.19.1725903831748; Mon, 09 Sep 2024 10:43:51 -0700 (PDT)
MIME-Version: 1.0
References: <YT2P288MB0252E6E515F3E9A5833C32488A952@YT2P288MB0252.CANP288.PROD.OUTLOOK.COM> <YT2P288MB02523F41AE4C3EBCDE33D38C8A962@YT2P288MB0252.CANP288.PROD.OUTLOOK.COM>
In-Reply-To: <YT2P288MB02523F41AE4C3EBCDE33D38C8A962@YT2P288MB0252.CANP288.PROD.OUTLOOK.COM>
From: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>
Date: Mon, 09 Sep 2024 13:43:40 -0400
Message-ID: <CADNypP9-Zk3B_hwvpk9z2mQhfxPbgp0g_BFDgj09B=aBOZ_egw@mail.gmail.com>
To: Jacques Latour <Jacques.Latour=40cira.ca@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="000000000000ced75b0621b34cf4"
Message-ID-Hash: YGUMV4YEMYHMH7AJ2UBCOD6XJWTV5DG5
X-Message-ID-Hash: YGUMV4YEMYHMH7AJ2UBCOD6XJWTV5DG5
X-MailFrom: rifaat.s.ietf@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-secdispatch.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "secdispatch@ietf.org" <secdispatch@ietf.org>, Jesse Carter <Jesse.Carter@cira.ca>, Mathieu Glaude <mathieu@northernblock.io>, Tim Bouma <tim.bouma@dgc-cgn.org>, Jim Fenton <fenton@bluepopcorn.net>, "Pengshuping (Peng Shuping)" <pengshuping@huawei.com>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Secdispatch] Re: Request for Review and Adoption of Internet Draft: High Assurance DIDs with DNS
List-Id: Security Dispatch <secdispatch.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/U_KiceQQJEVmt6Y0Qxp94lIQ75U>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Owner: <mailto:secdispatch-owner@ietf.org>
List-Post: <mailto:secdispatch@ietf.org>
List-Subscribe: <mailto:secdispatch-join@ietf.org>
List-Unsubscribe: <mailto:secdispatch-leave@ietf.org>

Thanks Jacques!
We will add it to the list of topics to discuss.
Will you be attending in person or remote?

Regards,
 Rifaat


On Thu, Aug 29, 2024 at 8:57 AM Jacques Latour <Jacques.Latour=
40cira.ca@dmarc.ietf.org> wrote:

> Hi,
>
>
>
> ACME recommended this should be sent here for considerations.
>
>
>
> Looking forward to see what you think and where home is 😉.
>
>
>
> Jacques
>
>
>
>
>
> *From:* Jacques Latour <Jacques.Latour@cira.ca>
> *Sent:* August 28, 2024 4:30 PM
> *To:* acme@ietf.org
> *Cc:* Jacques Latour <Jacques.Latour@cira.ca>; Jesse Carter <
> Jesse.Carter@cira.ca>; Mathieu Glaude <mathieu@northernblock.io>; Tim
> Bouma <tim.bouma@dgc-cgn.org>
> *Subject:* Request for Review and Adoption of Internet Draft: High
> Assurance DIDs with DNS
>
>
>
> Hi all!
>
>
>
> First time asking for an internet draft adoption.
>
>
>
> ·
> https://datatracker.ietf.org/doc/draft-carter-high-assurance-dids-with-dns/
>
>
>
> As one of the authors of the internet draft titled "High Assurance DIDs
> with DNS" (draft-carter-high-assurance-dids-with-dns), I am writing to
> request the ACME Working Group to review and consider adopting this draft
> as part of your working group.
>
>
> The draft proposes a method for integrating high assurance Decentralized
> Identifiers (DIDs) with the Domain Name System (DNS), aiming to enhance the
> security and reliability of DIDs by leveraging the established trust
> infrastructure of DNS. We believe that this integration aligns well with
> the goals and expertise of the ACME Working Group, particularly in the
> areas of secure and automated certificate management.
>
> We would greatly appreciate the opportunity to present this draft to the
> working group and discuss its potential benefits and implementation
> details. Your feedback and guidance would be invaluable in refining the
> draft and ensuring its alignment with the broader objectives of the IETF.
>
> Please let us know if there are any specific procedures or additional
> information required for this request. We are eager to collaborate with the
> ACME Working Group and contribute to the advancement of secure and reliable
> internet standards.
>
> In terms of support and reference for this draft, we have the following
> references that may help justify our ask.
>
>
>
> ·
> https://dhs-svip.github.io/requirements-for-decentralized-identity/TrustArchitecture/
>
> ·         DID Specification Registries (w3c.github.io)
> <https://w3c.github.io/did-spec-registries/#dnsvalidationdomain>
>
> ·         Trust DID Web - The did:tdw DID Method (bcgov.github.io)
> <https://bcgov.github.io/trustdidweb/>
>
>
>
> Example DNS implementation:
>
>
>
> $ dig _did.trustroot.ca uri +dnssec +multi
>
>
>
> _did.trustroot.ca.      3518 IN URI 0 0 "did:web:trustroot.ca"
>
> _did.trustroot.ca.      3518 IN RRSIG URI 13 3 3600 (
>
>                                 20240905000000 20240815000000 17999
> trustroot.ca.
>
>
> 4CJsquY7BEcA2YX1iWHIKzXx4lEvWa7k8JWNbp4zu3dp
>
>
> KQXdwZ73geTKgzfNz9g5+HyckxTyNyz8LU8lA+G4lg== )
>
>
>
> $ dig _did.trustroot.ca tlsa +dnssec +multi
>
>
>
> _did.trustroot.ca.      3527 IN TLSA 3 1 1 (
>
>
> CEEAD59AAE176DDD8889DF0B02083CB393D07655CBA9
>
>                                 D668EA334ABDBDB72A39 )
>
> _did.trustroot.ca.      3527 IN TLSA 3 1 0 (
>
>
> 302A300506032B6570032100C300A443F0427440AC90
>
>
> BDA85B4F97896879564A7AB649B976FA7D15FEAFC225 )
>
> _did.trustroot.ca.      3527 IN RRSIG TLSA 13 3 3600 (
>
>                                 20240905000000 20240815000000 17999
> trustroot.ca.
>
>
> z/E+jECtQzNi0zcBcrVa8P8UKiHx5SHcSEmN2vR6Oe4t
>
>
> nfvjso/8/ZXo/IlWtoqgIYrCeJJ9NLFTu/q0cGwUIg== )
>
>
>
> Thank you for your time and consideration.
>
> Best regards,
>
> Jacques, Jesse, Mathieu and Tim.
>
>
>
>
>
>
>
> CLASSIFICATION:CONFIDENTIAL
> _______________________________________________
> Secdispatch mailing list -- secdispatch@ietf.org
> To unsubscribe send an email to secdispatch-leave@ietf.org
>