Re: [lamps] WG Last Call for rfc6844bis

Ryan Sleevi <ryan-ietf@sleevi.com> Thu, 11 October 2018 23:12 UTC

From: Ryan Sleevi <ryan-ietf@sleevi.com>
Date: Fri, 12 Oct 2018 08:12:41 +0900
To: Tim Hollebeek <tim.hollebeek@digicert.com>
Cc: Russ Housley <housley@vigilsec.com>, SPASM <spasm@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/GqUtfY6QeqzeDxcXXUtrT4tCKps>

On Fri, Oct 12, 2018 at 4:25 AM Tim Hollebeek <tim.hollebeek@digicert.com>
wrote:

> LAMPS chair hat off; CABF Validation Subcommittee (formerly, Validation
> Working Group) hat on.
>
> Recently at the CA/Browser Forum, allowing customers to use CAA to limit
> the validation methods that can be used for a domain has been identified
> as one of the Forum's highest priorities.  I started a thread on the idea
> back in December:
>
> https://mailarchive.ietf.org/arch/msg/spasm/Jse-FslACq3wair2B2_YSwpViNs
>
> While CAs can potentially unilaterally implement this on their own outside
> the Forum with parameters (as in the acme-caa draft), uniformity throughout
> the industry would be desirable.  The Forum also has the ability to mandate
> implementation by a specific date.
>
> This was discussed on this morning's Validation Subcommittee call, and it
> was suggested we ask the group if there is interest in including this in
> RFC 6844-bis, or whether it would be preferable to handle it as a separate
> draft.
>

Handle it as a separate draft, and recharter the WG if there is consensus
to adopt draft text. The charter we have does not include that effort, and
there are more ways to botch it than to get it right. It’s an extension, in
theory, so let it be defined as such in a separate document.

Personally, I believe such an extension would be better spec’d as
Informational (thus, at odds with 6844-bis, which is Standards Track),
because what the Forum “wants” is an extension whose namespace is defined
and maintained by the CA/Browser Forum, not the IETF or IANA, and not
designed to interoperate with other PKIs that use CPs other than the
Baseline Requirements. If members of the Forum want Lamps to adopt such
work, they should first work through what it is they want before asking
Lamps to recharter to consider their industry-specific use case.

So no, don’t add a rechartering discussion for WGLC just because some folks
had an extension they want to figure out.


> -Tim
>
> > -----Original Message-----
> > From: Spasm <spasm-bounces@ietf.org> On Behalf Of Russ Housley
> > Sent: Thursday, October 11, 2018 2:01 PM
> > To: SPASM <spasm@ietf.org>
> > Subject: [lamps] WG Last Call for rfc6844bis
> >
> > This is the LAMPS WG Last Call for "DNS Certification Authority
> > Authorization (CAA) Resource Record" <draft-ietf-lamps-rfc6844bis-01>.
> >
> > Please review the document and send your comments to the list by 22
> > October 2018.
> >
> > If no concerns are raised, the document will be forwarded to the IESG
> > with a request for publication as Proposed Standard.
> >
> > Russ & Tim
> > _______________________________________________
> > Spasm mailing list
> > Spasm@ietf.org
> > https://www.ietf.org/mailman/listinfo/spasm