Re: [TLS] Consensus Call on draft-ietf-tls-dnssec-chain-extension
Tim Hollebeek <tim.hollebeek@digicert.com> Mon, 09 April 2018 18:33 UTC
Return-Path: <tim.hollebeek@digicert.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A94E4129C51 for <tls@ietfa.amsl.com>; Mon, 9 Apr 2018 11:33:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.102
X-Spam-Level:
X-Spam-Status: No, score=-0.102 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=digicert.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3awR4CdGXYQH for <tls@ietfa.amsl.com>; Mon, 9 Apr 2018 11:33:26 -0700 (PDT)
Received: from mail1.bemta8.messagelabs.com (mail1.bemta8.messagelabs.com [216.82.243.204]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C29F61273B1 for <tls@ietf.org>; Mon, 9 Apr 2018 11:33:25 -0700 (PDT)
Received: from [216.82.241.100] (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256 bits)) by server-12.bemta-8.messagelabs.com id A2/50-20771-4F1BBCA5; Mon, 09 Apr 2018 18:33:24 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA1WSe0hTcRTH97t3m9fH5DpnnkYSrSFlbcw0NCy ooHwVRRCWBHXN27bcpu1OWf2jYUWpha9JjtRRRvgoNC2zkkoJc0rD9WTYw9QoJUszTcPqbnf2 +O9zzvf7O+f8DofAxY+FUoI2m2ijgdLJhH58h/JSimKquTdVdfwsiv3scmKxk44CtBFLqK2dx RJmqrGdWKpAa0jLNB8QaKpvVWFZQ0nm2bZnKA+1bC1AfgSf/IxByd1HmDsQk+UYNJ504lzwBk HPlx9s4EsISRU87+jG3CwhN0LXC5vAzcFkEgyOn0JcPhmenrvsw3EO2OcKPMwn5TBl7/fUEZH 74O3Lx94GAwLomyrxmHzJTVDdXu5hRC6CGXujpxlOhoJruMbDQEpgsL9XyHEIfBz6KeD8+6Dq a6c3vwwq7zm9/jBw1hQidzMgWzH4PvYB5wQFfLFYvLwdbMVNAs7kRFBc9tqHEyKgo6OLFQiWM +BenYxLx0H+kycY56/FoaKl2etfAkXnS7yF3gjgWvO4Zy9iMh3K6xfGc+Bwsz+Q250UXj09g4 rRSus/P7Wy73GyBkH+/TFk9ewsCHoqh/mcKQIsV0e9vBTaPl3AOY6D83MPhBwvg/LCQR+O18L YwwlkQ0Q9WsHQxhzaqIhcp0wzatUak57S6hSRqlilnmYYSk3rqDRGeTBTfx2xt5XL46FbqOJO fCdaTGCyENHNot5UcWBaZvpRDcVo9huzdTTTiZYQhAxEAewNioOMtJo2H9Lq2ANdkIEIkElE4 W5ZxGRRekar5iQ7UhADraVFuJhvyDTQ0lBRiNtEuk2abMOfEgtn7kRh0mAR4vF44oAs2qjXmv 7XR1EogWTBohtNbJUArcH0p9MoOwTGDjF54JF7CBP1V5LmoTNH2m+n/lrle3tLYtLyd2UN33P W+L/qPubTuDumfT7lhtx1omFPW4F1Q0zCZMuuwxmro0Z4J+WuXMsAYw61P7NO7CjdG93ltyE6 vHC7Mnv/vF2RPuKIqgvmJ8vlm9Xxtm/vd0w3Xdl2+qLFz9VNpjBhlzdNr090XPJXJX5U941I3 sv4jIaKjMCNDPUb4wUO5OEDAAA=
X-Env-Sender: tim.hollebeek@digicert.com
X-Msg-Ref: server-9.tower-220.messagelabs.com!1523298803!200479645!1
X-Originating-IP: [207.46.163.87]
X-SYMC-ESS-Client-Auth: mailfrom-relay-check=pass
X-StarScan-Received:
X-StarScan-Version: 9.9.15; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 14663 invoked from network); 9 Apr 2018 18:33:23 -0000
Received: from mail-bl2nam02lp0087.outbound.protection.outlook.com (HELO NAM02-BL2-obe.outbound.protection.outlook.com) (207.46.163.87) by server-9.tower-220.messagelabs.com with AES256-SHA256 encrypted SMTP; 9 Apr 2018 18:33:23 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=digicert.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Ilh1sDrAcR2ibQ8f+mq0XKIPPcEDJOyke1DDc6uJ8dc=; b=oTdfzym0zMYzd/8AZFk7TebCdh096HV7w+QrEKUwewTiMdLO9RlOuQ/+776k5a9orfqnRgXttijPsDZmv7GmCGY0xbcPAmeTqK4n4I8NJtlbfmEzP1p+KVhu0bdOtK58E8xwHF9mZmGcF/y3MmEUd6TEWbApE0L2S34OUWm6GWM=
Received: from MWHPR14MB1376.namprd14.prod.outlook.com (10.173.232.139) by MWHPR14MB1744.namprd14.prod.outlook.com (10.171.147.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.653.12; Mon, 9 Apr 2018 18:33:22 +0000
Received: from MWHPR14MB1376.namprd14.prod.outlook.com ([fe80::ad66:bb50:b8e8:9dfd]) by MWHPR14MB1376.namprd14.prod.outlook.com ([fe80::ad66:bb50:b8e8:9dfd%17]) with mapi id 15.20.0653.015; Mon, 9 Apr 2018 18:33:22 +0000
From: Tim Hollebeek <tim.hollebeek@digicert.com>
To: Paul Wouters <paul@nohats.ca>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] Consensus Call on draft-ietf-tls-dnssec-chain-extension
Thread-Index: AQHTzD153lXhdbKumEK21sHaP8VrkqPxQIwAgAAszYCAAAIWgIAAAgQA////TICAAAWaHv///XmAgAAHIICAAAITgIAAZ0gAgAbgLWA=
Date: Mon, 09 Apr 2018 18:33:22 +0000
Message-ID: <MWHPR14MB1376F7072DDDE11B423BD0A183BF0@MWHPR14MB1376.namprd14.prod.outlook.com>
References: <CAOgPGoAhzEtxpW5mzmkf2kv3AcugNy0dAzhvpaqrTSuMSqWqfw@mail.gmail.com> <EDB0F480-1272-4364-9A3D-23F9E1A02141@dukhovni.org> <CABkgnnWBdp=KtmBVDcrR9-5tdVPfhWG7pWR0FE57H=iWS37dWw@mail.gmail.com> <C52564E1-ABCD-4E1A-8517-19743BD2180B@dukhovni.org> <CABcZeBMcvtQ6Ko-2Rmoq3BSVBOqdQwJ65vVrPK0cpSJ9nQCS3w@mail.gmail.com> <20180405022007.GG25259@localhost> <CAL02cgSOQVZR96Veh7EEMCoQO7-+5ucdBiAUcAXGt6QFEopXNA@mail.gmail.com> <CAL02cgTQgpAGBv1+-2GTCPSgNDD5TMd0xQw8bQDpe9BiacBarA@mail.gmail.com> <20180405023106.GJ25259@localhost> <CABcZeBPcqLrSdAcJaeXKsLY6vzT1UquCdiQX0yHSBDoV0re7eA@mail.gmail.com> <CAL02cgTB3FsBYz5jjF2xbOWXSr38q3dVsi1Qo-Ptyhhzeh=60Q@mail.gmail.com> <alpine.LRH.2.21.1804050507100.22565@bofh.nohats.ca>
In-Reply-To: <alpine.LRH.2.21.1804050507100.22565@bofh.nohats.ca>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [12.153.98.139]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR14MB1744; 7:RurQboqCsZURsWlanCDAzNl3Xr6g7eTp+H60dMvffSLRyWxpweaLSda4bFXXiHKXjvJp8p4dD/ESh8xLckSq+yZHvsgg3q8DbqBoB+Z+v+7j0163EEWd5JyZPsNCu75Cb/HFEfWWXRFsIEW6pZ9V4bIS9FEnmqWrgZMJMw58FXoPzidxyVpomrfChnBGPdNPJBKKpCTC1LTKoLWlmNU8oZI+1f/MEjD41rfdy1jIH+YYWaBNqgoN8ldhEcPPcO63
x-ms-exchange-antispam-srfa-diagnostics: SOS;
X-MS-Office365-Filtering-Correlation-Id: 694bf85d-8c95-492a-2a42-08d59e485fe1
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(3008032)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(49563074)(7193020); SRVR:MWHPR14MB1744;
x-ms-traffictypediagnostic: MWHPR14MB1744:
x-microsoft-antispam-prvs: <MWHPR14MB17446157C29E84AFE02C074683BF0@MWHPR14MB1744.namprd14.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(100405760836317);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(102415395)(6040522)(2401047)(8121501046)(5005006)(93006095)(93001095)(10201501046)(3231221)(944501327)(52105095)(3002001)(6041310)(20161123558120)(20161123564045)(20161123562045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:MWHPR14MB1744; BCL:0; PCL:0; RULEID:; SRVR:MWHPR14MB1744;
x-forefront-prvs: 0637FCE711
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(396003)(376002)(39860400002)(346002)(366004)(39380400002)(199004)(189003)(5660300001)(229853002)(53936002)(3280700002)(81156014)(6246003)(2906002)(2900100001)(8936002)(76176011)(446003)(59450400001)(476003)(6506007)(5250100002)(7696005)(486006)(11346002)(81166006)(8676002)(68736007)(110136005)(2501003)(6436002)(55016002)(9686003)(86362001)(99286004)(66066001)(93886005)(106356001)(102836004)(186003)(316002)(26005)(33656002)(478600001)(99936001)(7736002)(74316002)(97736004)(25786009)(14454004)(105586002)(305945005)(3660700001)(6116002)(3846002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR14MB1744; H:MWHPR14MB1376.namprd14.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: digicert.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: CuhJWpXsfJNOvUfPJyybxLZAXGV5PYo2VULPsXLrIWPnUmRisX0RxBX51DNTlimc0lCH6HAJRyS11JBJV+iXxN5NMpgbWM9e3lRkSSsgszBOxI/XMVdnPddXtf/Dp4hZSyIPoHH/Lf+7+AjMNwgpWbLEWWvIkOPiAFcAtJK1XVSTT3Dnlj/ZkUuQTbcysS7AsauVMZ5UvZjFuWEoKeMIFtHWclFs/x+MJcv4VZh0geFehR0NyiZ+P8EcdzH5ANMSrTXFlqwe5WuKOOik29nC7c56r1ScOaeY6Q6Vz93hGaWU0MG/Iif8hegaaWu0Li/FtF4waZpfsy9V5hhU3ZUVVuPJWpcBMuznCQqIWruDpigjFv85VMxugncIHrnRnkfFbCrhmaBj43prvrPCLPxyST7H85eQhP+u1WC73gYf2jE=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="2.16.840.1.101.3.4.2.1"; boundary="----=_NextPart_000_0A2E_01D3D00F.B31E7180"
MIME-Version: 1.0
X-OriginatorOrg: digicert.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 694bf85d-8c95-492a-2a42-08d59e485fe1
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Apr 2018 18:33:22.4656 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: cf813fa1-bde5-4e75-9479-f6aaa8b1f284
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR14MB1744
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/RCQRN0be2rPEpW7i28Yju0TLNUA>
Subject: Re: [TLS] Consensus Call on draft-ietf-tls-dnssec-chain-extension
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Apr 2018 18:33:28 -0000
> The webpki is changing dramatically. The amount of CAB/forum violations > seems to be increasing, partially as a result of these violations getting > exposed > by certificate transparancy and perhaps partially because of the financial > strain > caused by the free LetsEncrypt. Uniformed speculations that are just flat out wrong do not help anyone. LetsEncrypt, if anything, has been a big help to the CA industry. Both free and paid offerings are seeing significant growth. Let's not spread FUD about "financial strain" that does not actually exist. And furthermore, it's best not suggest hypothetical unproved ("seems to be") observations are caused by the previously mentioned cause that doesn't actually exist. That's irresponsible. Tools like cablint have actually contributed far more to improvements in the technical compliance of certificates from vendors who previously didn't adhere that closely to strict compliance with RFCs, CABF requirements, required certificate profiles, and so on. CT is less responsible, as it is only required for EV (though many large CAs have voluntarily started logging all certificates). Many bad certificates were still found the old fashioned way: by crawling for them. There's an old story about an intelligence analyst who found a handful of suspicious structures in a remote desert. More resources were assigned to figure out what they were. A few months later, the number of structures was observed to be increasing rapidly. More resources were assigned. Pretty soon, new ones were found every day. People started panicking, and someone was dispatched to investigate on the ground. It turned out to be a kind of water condenser common in the region, and the increase in numbers was only because people had started looking for them. They had always been there, just no one paid attention to them. The truth is that the increase in activity around problems with various certificates is because people are just paying far more attention to even the smallest, most obscure details of every issued web PKI certificate these days: far, far more than they did even just two or three years ago. And that's a good thing, not a bad thing. Progress is being made. The certificates being issued by almost every CA out there are much technically cleaner than they were when I first started doing CA things, maybe five years ago. The Symantec swamp cleanup effort is also responsible for a significant fraction (the majority?) of recent reports. -Tim
- [TLS] Consensus Call on draft-ietf-tls-dnssec-cha… Joseph Salowey
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Melinda Shore
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Martin Thomson
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Martin Thomson
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Ilari Liusvaara
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- [TLS] DPRIV has the downgrade too (Re: Consensus … Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Tim Hollebeek
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Willem Toorop
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Shumon Huque
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Benjamin Kaduk
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Shumon Huque
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Benjamin Kaduk
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Shumon Huque
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… James Cloos
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Melinda Shore
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- [TLS] A new argument (Re: Consensus Call on draft… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Benjamin Kaduk
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Kathleen Moriarty
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Benjamin Kaduk
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Willem Toorop
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] [dane] Consensus Call on draft-ietf-tls… John Gilmore
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Ilari Liusvaara
- Re: [TLS] [dane] Consensus Call on draft-ietf-tls… Viktor Dukhovni
- Re: [TLS] [dane] Consensus Call on draft-ietf-tls… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Melinda Shore
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Martin Thomson
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Melinda Shore
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Shumon Huque
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Martin Thomson
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Willem Toorop
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… James Cloos
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Melinda Shore
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Eric Rescorla
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Sam Hartman
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Jim Fenton
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Bill Frantz
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Joseph Salowey
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Melinda Shore
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Paul Wouters
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Richard Barnes
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Shumon Huque
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Peter Gutmann
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Nico Williams
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Joseph Salowey
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] Consensus Call on draft-ietf-tls-dnssec… Joseph Salowey