Re: [TLS] Eric Rescorla's Discuss on draft-ietf-tls-dnssec-chain-extension-06: (with DISCUSS and COMMENT)

Kathleen Moriarty <> Mon, 12 March 2018 19:23 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A7E12126CF6; Mon, 12 Mar 2018 12:23:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 9z47ky9D3K3U; Mon, 12 Mar 2018 12:23:26 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4001:c06::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 269AC126C3D; Mon, 12 Mar 2018 12:23:26 -0700 (PDT)
Received: by with SMTP id e7so12817698ioj.1; Mon, 12 Mar 2018 12:23:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=bWzXcnb/kRlEJv08ueVn7yg4RoNnSQkIz6/2XTqueSw=; b=o7vj7gotK7QstmRvsTa7/S9z4ztdcGvVZ9wWeogu5Af141GehXx36wOWuzfrSwt9ZP p1mejf0pGoG88BLtnmyX77Kfaty+ZVEh5SUo3IZN8J8UAlRkYeaUx1kCulLNLF7uZkzt 5rJmGtDwl+q1Cm9XIEfZ9x83urvHIc2OLHDWyt4VCNxjoXekqZy91ej31bEpFkZyR3mT N3JdxjxGJkrHWPETWYuEEpwyvEryY/CNFkjKrWCaa9D3Id4/F3V0jR4x3WcqIL44OCZ3 O3fvi94bBU83t8IvOEORLak1Cf+EAvowrUTOJDUME8T/HSSvou8uisdDn9H/QWAguE9r ppHw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=bWzXcnb/kRlEJv08ueVn7yg4RoNnSQkIz6/2XTqueSw=; b=GesbYkToawru4J2fvtHF7U+zZEIKsx0a57ykDDcn2Lo6F21nVBwpvyrfBKJC55npNE Zc2bLnGE9/dxE5E3QglzZvk+hIoptiL30SXj4Lz52pMLz+3M1idx/1unWcK5URbc4WHT zBQVDwsuKbIv+FpQjfzyMgT0HLlqdlJAiFTlBJRvPuKKhyJCBsgjQkpnevVukY3GznXi ID0wt2nqHYkvoub62TT12goHg10W44yiB+b6TQCeNh+8GiEe9fyZoI47n5tgD4azjz+j aocnLupOD2akxuv/bsRdPdZhOsoqZH5EHZyTLHJDmm4WnK0bf1hdTS6wFIrU6BGefkFr OclQ==
X-Gm-Message-State: AElRT7F2HqqDsibbdOQ6v67Fo809LxtOpM3BR+78K87KEyTcIa//MHbl FlA8QYbJlnvft0OBs5nYROmnzrfZ4B5kVVAI1/I=
X-Google-Smtp-Source: AG47ELv8hpfiBX0E5n0KE3Zene2nW8+mCag61PzDpv5rFrwYudxiC0QwifrsKIjYLYP05VF1r1/pg+v574uNZkR08nE=
X-Received: by with SMTP id g8mr9803373iob.163.1520882605497; Mon, 12 Mar 2018 12:23:25 -0700 (PDT)
MIME-Version: 1.0
Received: by with HTTP; Mon, 12 Mar 2018 12:22:45 -0700 (PDT)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <>
From: Kathleen Moriarty <>
Date: Mon, 12 Mar 2018 15:22:45 -0400
Message-ID: <>
To: Paul Wouters <>
Cc: Willem Toorop <>, TLS WG <>, Eric Rescorla <>,, The IESG <>, Shumon Huque <>, tls-chairs <>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <>
Subject: Re: [TLS] Eric Rescorla's Discuss on draft-ietf-tls-dnssec-chain-extension-06: (with DISCUSS and COMMENT)
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 12 Mar 2018 19:23:28 -0000


Can you please provide updated text that addresses EKR's discuss while
this additional discussion continues?  I'd like to see if it's
possible to get this wrapped up before the plenary in London.
Eliminating discuss points and resolving this additional issue are
required for that.  If this does not get wrapped up before then, it is
likely the draft will have to go on another IESG telechat with Ben as
AD, which is fine if that's needed, but better to avoid.

Thank you,

On Mon, Mar 12, 2018 at 2:29 PM, Paul Wouters <> wrote:
> On Mon, 5 Mar 2018, Willem Toorop wrote:
>> No Paul, the division in sections is irrelevant for a verifier.  The
>> only bit of information in a DNS message that is used by a verifier is
>> the question.  From the question, validation starts and the relevant
>> records are followed and verified.  But the question section is also not
>> needed as the question can be derived from the name and port of the
>> service, i.e. <port>._tcp.<name>. TLSA
>> The order described in the draft is both an optimization to reduce the
>> number of times a verifier has to go over the RRs, and it makes the
>> content easier to read (and understand) for humans too.
>> Also, for non existence answers, DNSSEC validators (and thus also a
>> verifier for the chain extension) simply ignore the DNS message header.
>> Proof of non-existence can and must be derived from the set of RRs in
>> the message body/sections too.
> Willem (and Shumon and Viktor) have convinced me the DNS Header and
> Sections are not needed.
>> The extension already supports Denial of Existence proof b.t.w., because
>> it is also needed for wildcard expansions (which are supported).
> The issue here is the requirement of the TLS server to send these
> records in the absence of any TLS record. This allows the clients to
> detect a rogue webserver cert that is valid in webPKI but not valid
> based on DANE. Without this commitment, the TLS extension does not
> really work, as it can be omitted by an attacker.
> Paul


Best regards,