Re: [TLS] Consensus Call on draft-ietf-tls-dnssec-chain-extension

Melinda Shore <melinda.shore@nomountain.net> Wed, 18 April 2018 20:20 UTC

To: tls@ietf.org
References: <CAOgPGoAhzEtxpW5mzmkf2kv3AcugNy0dAzhvpaqrTSuMSqWqfw@mail.gmail.com> <CAOgPGoCbHzuAZra5+i647gtLbR9ZV0-nEE+A7K6e8cUMNjNYtA@mail.gmail.com>
From: Melinda Shore <melinda.shore@nomountain.net>
Openpgp: preference=signencrypt
Autocrypt: addr=melinda.shore@nomountain.net; prefer-encrypt=mutual; keydata= xsFNBFppZ0gBEADFwxAi5szDOsM/6+CH4pbYTX7D+2gjLY4xEE7ydQcAF1WVLvcWXrpZM0GO /eA4N1PJ+OT5o8o9zVr7izMJkiLwcnQmxHdlYgZ9E+Cm8hDtMyEPBQwsYTkE5kpbGCmBAZ+W rHNHjvDg366uZQHzJejenB1/V4+rxMZs1Ak34Az2MVOz9Doecaiadpw3NpH3+1VXY/qilqnM lznINSANqD0ktxB/CVKjxl3/K5JnVnLp0h2kiUqt19hQPX2JmLcgaHzu+Ceb34/HZWhs0CiF c4auhQ3A9PcccOprQh6IGW1xo6RP3OEbeRFqeovgBWS+DIWzMIM0a3G2LDid0889QYwEv0zZ RPDCcF3g15mlkeUUmwKQ6eAagPyTqLtTiOKULqy9bQahyX2eqlySrF+HqlwGeNoG+A4l1Z2Y S7NCBLPIzUk2RuSKMBaKw86ORzvg2Advrw4bdv7kbDkArGzywky61SEB/q+GqR466mekXx2F O+m8RuoSnWrBsKvD/bhELHcneorIBleGz+VL7i5adU0rIydG3jPTfUeXoCZIeNx1LannxnAR ihKdh5+FE26WiiK6VmZWkvFjaPFwWGjvAsi82Pd9QgHhnG/XzINpXw/3HF4wtBTU5nIExMzC +FbJxCPq1kXpqSxJqg7hgUFvD5jUD9lpN5Br/S2dUgJj95bbPQARAQABzSxNZWxpbmRhIFNo b3JlIDxtZWxpbmRhLnNob3JlQG5vbW91bnRhaW4ubmV0PsLBlwQTAQoAQQIbAwUJCWdTAAUL CQgHAwUVCgkICwUWAgMBAAIeAQIXgBYhBE9oLZMqF5b4IPI0wN+4kXKadtuPBQJaaWd0AhkB AAoJEN+4kXKadtuPmvIQAJvVNnT0qhltq35AQ9Z1Ipx1IkEcQ8+yyMNLgyV9ZYhn9wn9JS/C TSb7HDSyTRiIz8CnaiCIOn2ZpT3sgYFw3cijT6YfRiifCeu4z3ea+XXOA/VyqXo42ARWOvq3 XdY3uj/j1c39PvhbopUwhulHzFJL7cMJCLEws588HdLwT8GVe+aTFPP4buJRqpOM0kSr/gkN 1IYKI0x1w6NgsgrYjCnv/VUwThjcVWPwMvZStvBnGquE6tvEmlnY+5cRktKSFw4X1ijxKzJD m0iqg7P7gNjC0r5uR2fF6BC0OPo9txPnabYph1wZ7V/5gnDwtWimD0ER77EO5Mr3zZHzva5v EwDpEbKXI43XAfpbxz3uc2fmXE2cvOCFgY/fTpX4kjVaxyFvjf1zrsac/7qFzwvgotYrYSc+ E1Ts+n1hWwsDA+qw/9reE1z9w+sn7SKL7zlS9sV54rfcd1AT0aMwlhAkEOaXRutriQ9BWWOv TOZBtRuV5RO/ZieY7lLX2+na2LjxLyak9k6wYwQwKvzvovBrr8zwDfJQDQujdVhk/lrlngAw Qh/U9dOg2hTUNiFHbKe1N+4vNCW/aLqm33LEV/vK/KepGsTl1ezQotOr0d05h2QySsdAgLCX Gv7bb+wTl/8Yx8hZfZO68KoRk8Zy4Yz8kE5LWJir+QQC7m7oo/4wZZcIzsFNBFppZ0gBEACg ZuM18ghzSuhuv+n0kWyWCeEWrx9Ey03EgFj5alBt55+OLv3dOsdyBHJxjtd0cZS1XaKZlgr1 YZ0OpQNv/Wyy8uSW2BZ6hyG1SKN9/1MmfJLNnjjxaBQP4yaMwDdS3wX7hoWY19IpVPZHYDR3 5FAgSnG/s6we+IOITM1TJoOJs4+ygeK5dC7LfRoj+lkEHYrTcglYVuwsyK2FNz/sF8kJW1fE ZHM66phSbhCvwbECWbb4eDGXbKZY92W1RTQ5U5td8DMLXyYipQphrcoeRXpb18DbOnE0WwIQ V0yBgc/rTiUt/wVjasd1RrsCPBQC/uJ+ZHknvr2MoxIWBBsRtKYHG66aOL+nDV8X1miuF6j4 cztvgmdqrwPHpAKVxhfwd/G4suNBunYw4/kAV9b2+eidX5em3NtPPNl/qNjsmEHQGn/5JKRH RvQs0yuigXDhN2N0keoHrbGCE8kyA/d83L7E9d95hsf3JxpRzmeaTze+NpcIaX5uXdKOaCBj Ltx1tOrDA4XX7Y3nY+waKZYa3RvC7yulFJiKfYWDSriWeQXcXj06p8H6vF6sy9LeX9xRRjTI 7qDHFxwuMQIKGqgufXtxu0pxxcMqXTEUPZnxUWUvuFjjYvEmtO92+Ot/NuotV8JvRPwg2OnY jMJodU1X7hzEs8djtgZG+t3FEGK3i1EJUQARAQABwsF8BBgBCgAmFiEET2gtkyoXlvgg8jTA 37iRcpp2248FAlppZ0gCGwwFCQlnUwAACgkQ37iRcpp2248krg/9H896KtAQCAV0RcV3QqZ7 5iY5pCxpRyxAaR0PjE5jiYV5gUHPCKtr9UPZt4Bi+bzNLQ2KJK6Rx4XNf5lQWopEo1IxtOiF PjkrQIpNkYmFWyOGpKpSIDhgsJpswZqxPDLpo+59GNlSUG6v3sMAnx+Gvtvqczkvg6UPDN/J YK75BIGoCGZMyor1B0EmRYj98LdwjT95dQZXjZvWBDeIx+NxUZKoA7AlR/xgsN3PHGq4SApM LL0R/qbiLIzUPnTPt5sBs0peflVvMrtgIMiZ9FdYPE+VWy5+X2AmeFg6Zl5W76HQUP6eYZQV 5abZ+iiW9lY1TmqsqpTIDu/ZMy7pLknxV5E1vQy+wsihluDYydaQ4HWoNaY7QFb+x7TsvjJR i+cH7By4jxohTWUuaukuMmT0eEaesWJSraAmxsffqJwDpsi0chZskuXjEm9gX6rY7MhzOZl7 Vz9F+6MYTtTmT1mpkLAMWf1/JuKUCfnSAHRlDxUOAG6QSJoHWAGqYy3XiF9bN63yQ6xllloS bbMvP9VW0e/iFKMKEIvfIvAg0IrlPcfKAGuuT1axwIU7da/N7LOcXyDDSEUuSzvXL/BkWyjx uLzdLY6eTvC6ZT/fA5iS/PAUj0WbrWNrHQtQ5OY2+al2v6JdLu/w6IZJCBpTosOAOzzmre+3 1fk1HKwqd9xRxC8=
Message-ID: <4dfbb5f1-926f-1ac6-5c0a-974ba6d18431@nomountain.net>
Date: Wed, 18 Apr 2018 12:20:21 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.7.0
MIME-Version: 1.0
In-Reply-To: <CAOgPGoCbHzuAZra5+i647gtLbR9ZV0-nEE+A7K6e8cUMNjNYtA@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="q3wu2vzLD2yULRwvEuzcAFQcwnjKsLglN"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/21uymlNt6vGschellx3506s-SJA>
Subject: Re: [TLS] Consensus Call on draft-ietf-tls-dnssec-chain-extension
Precedence: list

On 4/18/18 10:22 AM, Joseph Salowey wrote:
> Concerns have been raised about the trade-offs associated with pinning
> and I do not think we currently have consensus to add pinning.  While I
> think it may be possible to come to consensus on pinning I think it may
> take some time.  I believe we can quickly get consensus for the
> following approach:
> 
> 1. Scope the document to the assertive use cases
> 2. Explicitly allow (but do not require) DoE be included
> 3. Remove current text about pinning
> 4. Re-submit the document for publication and start work on a separate
> extension that supports pinning

This sounds reasonable.  I'll talk with co-editors about text
changes.

Melinda

-- 
Software longa, hardware brevis

PGP fingerprint: 4F68 2D93 2A17 96F8 20F2
                 34C0 DFB8 9172 9A76 DB8F

Attachment: signature.asc

[TLS] Consensus Call on draft-ietf-tls-dnssec-cha… Joseph Salowey
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Melinda Shore
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Martin Thomson
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Martin Thomson
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Ilari Liusvaara
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
[TLS] DPRIV has the downgrade too (Re: Consensus … Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Tim Hollebeek
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Shumon Huque
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Willem Toorop
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Benjamin Kaduk
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Shumon Huque
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Benjamin Kaduk
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Shumon Huque
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… James Cloos
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Melinda Shore
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
[TLS] A new argument (Re: Consensus Call on draft… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Benjamin Kaduk
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Kathleen Moriarty
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Benjamin Kaduk
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Willem Toorop
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] [dane] Consensus Call on draft-ietf-tls… John Gilmore
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Ilari Liusvaara
Re: [TLS] [dane] Consensus Call on draft-ietf-tls… Viktor Dukhovni
Re: [TLS] [dane] Consensus Call on draft-ietf-tls… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Melinda Shore
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Martin Thomson
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Melinda Shore
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Shumon Huque
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Martin Thomson
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Willem Toorop
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… James Cloos
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Melinda Shore
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Sam Hartman
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Jim Fenton
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Bill Frantz
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Joseph Salowey
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Melinda Shore
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Shumon Huque
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Peter Gutmann
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Joseph Salowey
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Joseph Salowey

Re: [TLS] Consensus Call on draft-ietf-tls-dnssec-chain-extension

Attachment: signature.asc