Re: [therightkey] [dane] DANE and CT

James Cloos <cloos@jhcloos.com> Sat, 17 November 2012 01:05 UTC

From: James Cloos <cloos@jhcloos.com>
To: therightkey@ietf.org
Copyright: Copyright 2012 James Cloos
OpenPGP: ED7DAEA6; url=http://jhcloos.com/public_key/0xED7DAEA6.asc
OpenPGP-Fingerprint: E9E9 F828 61A4 6EA9 0F2B 63E7 997A 9F17 ED7D AEA6
Date: Fri, 16 Nov 2012 19:50:47 -0500
Message-ID: <m3lie1hx1b.fsf@carbon.jhcloos.org>
Cc: Ben Laurie <benl@google.com>, Paul Hoffman <paul.hoffman@vpnc.org>, dane@ietf.org

>>>>> "PH" == Paul Hoffman <paul.hoffman@vpnc.org> writes:

PH> Proposal: we take this off the DANE list and keep it on therightkey
PH> list, focused on DS instead of DANE.

+1. TLSA is only one relevant vector for DNSSEC attacks.  Any such
discussion should be more general.  And tracking DS RRs feels like
enough to provide tamper evidence, at least.

-JimC
-- 
James Cloos <cloos@jhcloos.com>         OpenPGP: 1024D/ED7DAEA6