Re: [lamps] Publication has been requested for draft-ietf-lamps-rfc6844bis-02

Rob Stradling <rob@sectigo.com> Mon, 05 November 2018 16:42 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/tCcy99LMAhHk0vzjkEBKHFvINCM>

On 05/11/2018 00:46, Russ Housley wrote:
> Russ Housley has requested publication of draft-ietf-lamps-rfc6844bis-02 as Proposed Standard on behalf of the LAMPS working group.
> 
> Please verify the document's state at https://datatracker.ietf.org/doc/draft-ietf-lamps-rfc6844bis/

Sorry, I realize it's rather late in the day for these comments, so 
please consider or ignore/reject them as you see fit:

1. "Comodo Group, Inc" was never my employer.  My real employer, "Comodo 
CA Limited", just changed its name to "Sectigo Limited".
https://github.com/jsha/caa-simplification/pull/2

2. Typo: amount -> among.
https://github.com/jsha/caa-simplification/pull/3

3. Section 4 says:
   "The search for a CAA record climbs the DNS name tree from the
    specified label up to but not including the DNS root '.' until CAA
    records are found."
What if a CAA lookup returns just a single record (that contains, for 
example, an "issue" property)?  That wouldn't be a plurality of "CAA 
records", and so (by that wording) ISTM that the tree climbing must 
continue.  I think "...until a CAA Resource Record set is found" would 
be a better description of what's intended.
Related to this, ISTM that "The search for a CAA record..." should be 
"The search for a CAA Resource Record set...", since CAs must always 
consider the full RRset.  For example, CAs should not consider an 
"issue" property whilst ignoring an "issuewild" property in the same RRset.
https://github.com/jsha/caa-simplification/pull/4

-- 
Rob Stradling
Senior Research & Development Scientist
Email: rob@sectigo.com
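
The RRset-based reading proposed in comment 3, as an added example that is not part of the original message or of the draft: tree climbing stops at the first name with a non-empty CAA RRset, even one holding a single record, and the decision uses the whole RRset, so "issuewild" is never dropped when "issue" is also present. The zone data, CA names and function names are constructed for illustration; DNS lookups are replaced by a dict, and flags, parameters after ";" and aliases are not handled.

```python
# Constructed sample data: owner name -> CAA RRset as (tag, value) pairs.
ZONE = {
    "example.com": [("issue", "ca-a.example")],  # RRset with one record
    "shop.example.com": [("issue", "ca-a.example"),
                         ("issuewild", "ca-b.example")],
}

def find_caa_rrset(domain, zone):
    """Climb from domain up to, but not including, the root.

    Returns (owner_name, rrset) for the first non-empty CAA RRset,
    or (None, []) when no RRset exists anywhere on the path.
    """
    labels = domain.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        name = ".".join(labels[i:])
        rrset = zone.get(name)
        if rrset:  # one record is already an RRset: stop climbing
            return name, rrset
    return None, []

def issuers(rrset, tag):
    """Issuer names carried by every property with this tag in the RRset."""
    return [v.split(";")[0].strip().lower() for t, v in rrset if t == tag]

def may_issue(domain, ca, zone):
    """Decide from the full RRset whether `ca` may issue for `domain`."""
    wildcard = domain.startswith("*.")
    _, rrset = find_caa_rrset(domain[2:] if wildcard else domain, zone)
    issue = issuers(rrset, "issue")
    issuewild = issuers(rrset, "issuewild")
    if wildcard and issuewild:
        allowed = issuewild  # issuewild overrides issue for wildcards
    elif issue:
        allowed = issue      # issuewild is ignored for non-wildcard names
    else:
        return True          # nothing in the RRset restricts issuance
    return ca.lower() in allowed

if __name__ == "__main__":
    for name in ("www.example.com", "shop.example.com",
                 "*.shop.example.com", "host.example.org"):
        print(name, {ca: may_issue(name, ca, ZONE)
                     for ca in ("ca-a.example", "ca-b.example")})
```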