IETF Logo Mail Archive

[TLS] Re: Last Call: <draft-ietf-dance-client-auth-09.txt> (TLS Client Authentication via DANE TLSA records) to Proposed Standard

"Salz, Rich" <rsalz@akamai.com> Mon, 26 January 2026 17:33 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 530FBAD4123D; Mon, 26 Jan 2026 09:33:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.794
X-Spam-Level:
X-Spam-Status: No, score=-2.794 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com header.b="UqySYtSj"; dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=akamai365.onmicrosoft.com header.b="Ltm9Cm5i"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4KsEMdmhVqwD; Mon, 26 Jan 2026 09:33:49 -0800 (PST)
Received: from mx0a-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [67.231.149.131]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 5BF3FAD41236; Mon, 26 Jan 2026 09:33:49 -0800 (PST)
Received: from pps.filterd (m0409409.ppops.net [127.0.0.1]) by m0409409.ppops.net-00190b01. (8.18.1.11/8.18.1.11) with ESMTP id 60QCcQSK1398752; Mon, 26 Jan 2026 17:33:46 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=cc :content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to; s=jan2016.eng; bh=hQBen+bCBnL0KK7Ci/O/Km dwNYw3UdaD+ilO7msnrDA=; b=UqySYtSjUtCNv85Oz2uPXUrvgx1PTnD3GpdXJG mtVPiWwu9JcWeQCiWNZa7L72PR9qfzwwDi5DRNNaVE+JLbcOuNnSP4ghmiw01DWS 0bnXkuezyKYuQvNv2Ic81NOZF8CL59qcuy/YpLyfc/ZTPtu1+cPNXJKWn3BkPT2L 0AmyCxSM59iz8xFFRCYqe3PJzOqfCj4X0RTfzEq7Qu8ENFgLBSgrGn9LcYrhn1ra bpZO4T/hhuuIIWN5DKA13QAfEarnNMpojHiVcMuQ8puFGR85Me2hle1Ve4OHc1Fe j5KkUSDUNFlxBcELKpMHSC873vddSPxJnk8gncRPATXgbVnQ==
Received: from prod-mail-ppoint4 (a72-247-45-32.deploy.static.akamaitechnologies.com [72.247.45.32] (may be forged)) by m0409409.ppops.net-00190b01. (PPS) with ESMTPS id 4bw89rbd48-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 26 Jan 2026 17:33:45 +0000 (GMT)
Received: from pps.filterd (prod-mail-ppoint4.akamai.com [127.0.0.1]) by prod-mail-ppoint4.akamai.com (8.18.1.2/8.18.1.2) with ESMTP id 60QEPhTp002821; Mon, 26 Jan 2026 12:33:45 -0500
Received: from email.msg.corp.akamai.com ([172.27.50.221]) by prod-mail-ppoint4.akamai.com (PPS) with ESMTPS id 4bvta3f36v-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 26 Jan 2026 12:33:44 -0500
Received: from ustx2ex-dag4mb4.msg.corp.akamai.com (172.27.50.203) by ustx2ex-dag5mb4.msg.corp.akamai.com (172.27.50.221) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.29; Mon, 26 Jan 2026 09:33:44 -0800
Received: from ustx2ex-exedge3.msg.corp.akamai.com (172.27.50.214) by ustx2ex-dag4mb4.msg.corp.akamai.com (172.27.50.203) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.29; Mon, 26 Jan 2026 09:33:44 -0800
Received: from CH4PR07CU001.outbound.protection.outlook.com (72.247.45.132) by ustx2ex-exedge3.msg.corp.akamai.com (172.27.50.214) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.27 via Frontend Transport; Mon, 26 Jan 2026 11:33:44 -0600
Received: from MN2PR17MB4031.namprd17.prod.outlook.com (2603:10b6:208:200::22) by SA1PR17MB7563.namprd17.prod.outlook.com (2603:10b6:806:4b5::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9542.14; Mon, 26 Jan 2026 17:33:42 +0000
Received: from MN2PR17MB4031.namprd17.prod.outlook.com ([fe80::4082:17d0:7c11:1730]) by MN2PR17MB4031.namprd17.prod.outlook.com ([fe80::4082:17d0:7c11:1730%4]) with mapi id 15.20.9542.015; Mon, 26 Jan 2026 17:33:42 +0000
From: "Salz, Rich" <rsalz@akamai.com>
To: Paul Wouters <paul.wouters@aiven.io>, Eric Rescorla <ekr@rtfm.com>
Thread-Topic: [TLS] Re: Last Call: <draft-ietf-dance-client-auth-09.txt> (TLS Client Authentication via DANE TLSA records) to Proposed Standard
Thread-Index: AQHcjtoGm0cX6ugd1Uejyjk6dCVo8LVkl70IgAAPRICAAAMWAIAACnmAgAABQm4=
Date: Mon, 26 Jan 2026 17:33:42 +0000
Message-ID: <MN2PR17MB403164FBAA225182559058B3CD93A@MN2PR17MB4031.namprd17.prod.outlook.com>
References: <176529902699.1146491.1360588667931244217@dt-datatracker-5bd94c585b-wk4l4> <CABcZeBOCNZf-mYJ2DM1YTnUAYpvtyc5Ba2qQ6aOmsYhS1y5fvA@mail.gmail.com> <CAHPuVdV4TvP4kHsEC=7K5QNFZUktYCRU44LqJr33fzB5Md+Q1Q@mail.gmail.com> <MN2PR17MB4031E3807DE7137A169C2E24CD93A@MN2PR17MB4031.namprd17.prod.outlook.com> <CAHPuVdWssWuFsZNjKHOXc=sRyEDwAzpbtaUkZuTMvZW0=BXGJA@mail.gmail.com> <CABcZeBMcShiaC-Rrd8zdH=xa4OU2dtKtAVVfZF496t=2qJS-fw@mail.gmail.com> <CAGL5yWY3xqxaxgkNg6sYH_GSSha9tVCbcam59OiEnm=7JAyTMw@mail.gmail.com>
In-Reply-To: <CAGL5yWY3xqxaxgkNg6sYH_GSSha9tVCbcam59OiEnm=7JAyTMw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-reactions: allow
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MN2PR17MB4031:EE_|SA1PR17MB7563:EE_
x-ms-office365-filtering-correlation-id: 78a3c40a-74b6-4406-75e1-08de5d010cd1
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|10070799003|376014|366016|1800799024|8096899003|38070700021;
x-microsoft-antispam-message-info: 0Uuqy8ZjG27CiOJyP9D0+fwCP4dVPpsxwudtMs525uEqr/paALZvVIJSTN+P9kBYV8b/pZxkOPgNJVHlyNbDdRL4OafN1Y1DnawpNJhdxWeB3g2uR4gMyRsEKhFU6HPRDZCm+BnrO8xk5DD58uXJqPOy3etpTOvPXTCJBP5rMCWWSwP2LijGgFrS5Bx4bR9tJAHlESzDdUj8fmcFxBzVdSQE3agF3CWL3eNp4gbz/hhYtb4wHRLAviHmwB58TlTE7fAS67+9C1uJMBoX6s+8neJDFpX8jsmrzAUOH48futbH8vpmRgDtbZvchQf64eJD1A5zcz5qjBf0VuNU7i/b7FlVY29HsDFbW4K/Kj1QpRiOodE12ouBLnDYWXG2CO+gK230+PI/b2S5nnIXjtaY9lLxs2QVjZaFgbNrVJGMQOk0YOVXC3gmzI0JvvirRtgHqxNcAFXkNkQ+Tvdda0d/NMDgxCxAILdqvdBgjZsUu0o40hvjLSuo6ospkwf3TrDjEnXUtGBI2yv0MLItB0aZeCQaURoB+IElO+AzYVkz2hcsxmB8KsSm4iXYsomTRay6Y+vlGAhS7zt2fH75GORiCsyuDEQDkDbNipfwxCFoZJjkacRPxEVGNW6jTkE4abSMsISAQICgr/Cbcgl6W6SJnyFBVhRjX3DddnHbhUMsXe34G10VeASdM6ZxQZZ6JYXm6L1Twf+Ix7cAJf3qmnf1JW8Apx5ktksHDvM8FoYwhUCx94kFr/6WE3esKxXUsun98eJMcn64xqxZ7TqITSqyDAMnKVy7+cGhhIsk7m8nuKugl6yunwx8CVWyb4GLz3wwOM4+QcSzxmsOdqE7r9X7Mq6Gyezoxh3BLnoQqVP7t2SGu+85ucNhkmUkkTF4uSgD5DV0NwBcYb90U5nlyaS4vyGQdjN5xp0H1e2DRdVO1dnGXErTHaMNAD80AyL89rgptMmoR9KVj7EdC6jzdDgvMgTnwc2Dk5JdUkdiKNw11lSck8PbSvo0/R7L67RE882/+JKmdqe0Q6FI3VFYselIlL6OvnLo2VjnvWLAB+9xR5vrTR+1giF9zVty7375MY3qEpdleIqttHQz7qbg4lgCP4Dr3vGWGCKPaFI0uzttkyJpXYrYUamxFPifuUJrkw2Nz1rlTRw714fnIQ9nDNPwa8WYlfVzCb7drazeDlN+K0Z5Hz71LeQUsjZglGHPIuXi6CxM78i7LQWdSBzC78xum790HLJpxMhXM63S/hbdOi/wDT50fSdLKns+OfoAwd/uR7OONlVSmQbT0Pkk/8KlQ+Om5NSDqvsX+KQnkhTjeRRER6Xk2uAnVvTGd9AWGMAZP9rFJD69Qm6o7+gYeH5/5dVclM8gibZkiHaiQH1XVCwD5Gfdp2mVD2qZETP6hvwtUK4NL5vU+8Dr2MiDlZPqO86YaMQR1m2sBvgT+LVgvgHe0RB4x+5ZvVTNANadHrv5DTh3QUMzwyBspfMI5Z73EvIB7dh87T3KhWiWGqjzmzhiNqn+DZoWMOLi5XU8Pp5Pkb6dDFDYfauMRxTWKe9DFqp9ydgbe8rCNuR01QH6vDwiO68p2StkC1PfENgBUYiXUoz5/A5AQ3+qj9RUKAEJFmeRD5cioVDUB8o1NT7Qfto=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MN2PR17MB4031.namprd17.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(10070799003)(376014)(366016)(1800799024)(8096899003)(38070700021);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 2
x-ms-exchange-antispam-messagedata-0: wYXpkMxjSHal/cjrkI5teKx7q95kM1p1mEenfjyLLUrB9MCQaQJGHy1zmdNlFheSfwKbB1uZRBGuY5804fp9LHkDpfZzhnzEJ0o71S7p4bA8RtOmzpi78dfmrw4VQsBe3tPI4OyoZWn3fj7PsHAS7lzIhIHQvfHQXlVLwXb2zFQQDgVo0smk7CS1kJMbp3uBCgTvrUU4tWsIl4lGY/XGY0c4WDyifXTe9MavBn6w9x0kA+xwzY0r9x+1pcBdvwnCeJAM4NcQa7XnH3XjyO+VbR9fXL/Qcu36/MUtQcGlOah6OK8SXZHc5QHU4IfKcc+eDR01grajSmo0EN6U0hF5SNKrKZ1MD/V0vnucNlGQvvZCLwIw95Uno6Rbgtlz1kep8SZ0HYqF4xxYap9mok+hcC74tqoAO6DJ7v1wDr5bxGO/zM3/4rxxXPFom9KvndJ46IRI49lMjZL4ssT/Ot3OzkZXxwlnXf7flmuzAkLnv1N4RFcKMbMj2YfH0qNFIYMarkflW1gAE7qWrba4X8DbDEUJNtGbaTzil7nDcMGHVfzzDRx+kFprTNFY+9gXhTdL0mp2VspEBh449XuZRBbh8WSkp1wJWjdJnUz6DbTja0uCsy2UMXgYdRFsXM91QKtglH6C++/2e2aLMImR6cqXjkzy32QX4GHWgxPQ4XSNCRwiRNtWUbhLcumt9HydwkGoRGTHxVn0wbdRLKoHxDWF7OilSBocVI2KQEKKNTzYuCNzBPWxQemULDqGDcVJcB3D+Q97nB4m0hKzTUSTJ4cSoWBVdryt68W0ByveTawMau9ZRraJuBNKNuGbGTZJTHmUdpynvrx9VlEAbM2p/fAjpGSpFEel+xU6L6OuMVY1+Zx34Skrp8Uf1ChIhdDSZcMqJvDQ+witbETGeOAiiZAGZir079PsG6HIn5AxrDb98ZU+P+9nXkaSV2z/IlhLYRoRZGyDg8gNvcBmijySRDDu7Jwm7tI5CManX48FeUsOlcCFbFPzZ3H6m946PXaWigoYKTJEm7Z9YFxbXd+RC/Xl7PjxitpFo2pEd2KGzIAuPgN+E08zcczcEsmy/ferdaaujH6kMSU5ja7oppRcNk1sMdq+jG2kUZa/pwgPd208A7aCNMkH8cvaugVozYRfjFw0lcMFl3QAtPzRECGNR6NXiZqbTA3z4XTpp6goeSEZ84zvdMc9JbGofW4qVfsmVZH5ZYxMeLljCQGV8QLq3u5zpReVqc9p1bm68RudCLSQG19kfoICJsxERvtX0/iWtOu+xIbsUminhkKSsmTqhmvbwooNbuF3EppFA7CoHDpRQ70T7IFY3bYYvHuBlHoBLFVlywZjNQFXnWxgjNtPkQCWzEMUOCTlfupvNTsRiQyF0f2UX/BsWo3Lx+1ZtmFYchGDUVGHrIHHOCUWaYB0Cgyluog4Eh6RaLa+CB0VzrUA+mGHpzf8E9UyagvVlXMD2cnMBAWSs2gYmokj3F9Fx2+6CGvy1LF8NkwzK/V+a2edgtA3LiAAGkimBaRULK4SWKnCiPE81uf0nNObIG+Y9+OWDoHp03x2YPYyw/q2H8aK3Pnuk2VtuTPhSaqOy00JLhva6xmqLydmgD7YvgcScy8nri5HPQCmRMRYEiA3O6KpK+MKRolC5NoeqYLwL/FRC/616RlNUwlWNbTysx0m3TuZ98iU1kH+nKVsk2hQCorvZhPMOQBbXUAgHiOXBuXc7LpAhqU8LOMdpNrLOn/WnvvnEaGYxzgnhyVAzB74GjxvgQRRpKa+gp6WID9scoAENGlV44qVh56f
x-ms-exchange-antispam-messagedata-1: msX8z6YYs8JAiQ==
arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=pxZ59aQpNbUINH33HTzmrYi9zVkHfYEsCS4w6ouidXowtE1a0qL9LR88Unh5+3dkoGfOjLkHfdjJsUFu5ak9/K8r2+zLPWe7q+WTKb8uYQUWQfvDLdkPB9SGeenwvCnGpxyvtSQTC25FM7oV8WplqhUPLFa0nD1U73hFh3il2iVVE5DAYqnxFrJVk5g75BfcmadWJeQcSAZ4ex17wgkom6D0QU+ud9QC3/ESUawC6PI++KdMMmKtgSB1inrpqhfrLTHjmZk3iXGrVR3U7pJMfyUMrMEbMKaXoWUh99NJe6z+h3azntzbfBldwZbg2LR0nK9pftROUiAJ01PGLDFf0Q==
arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ehoy8qtSkuO3AUnUla7CobI4BcXkShliBNS5FMLj2wM=; b=Sj0PNl6F9hOrDDIo9mtezQZVrrcwjbRRsEAeGPm7XpkT3a5hxK6WO7ZqNo/PFSE5l66p4/qP4d6IPpTNWFokxmI01LTXDsp5u0FPAGhlBx5bF2JXujD908BV02Wf4NTsrosdLwVrBNrRKiKUC9+Hu3HmfxR+vLJd09RFYXxp7E+hx9aPtpbH783qRjxbtAUsje1B5TBw2uRToOWf7DzJK95EU36RePIHtHr43oXKpjmDoYj0wWdkW9YbRuiFfTb16Dnt4JnfnBt5wkCXqwuR5GwaDQpSofAvhSh2RiIQPQM0KcLgCimmrwC7GmxxgKu8Nzel28+/gHcrVqtBrt2jpw==
arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=akamai.com; dmarc=pass action=none header.from=akamai.com; dkim=pass header.d=akamai.com; arc=none
dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai365.onmicrosoft.com; s=selector1-akamai365-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ehoy8qtSkuO3AUnUla7CobI4BcXkShliBNS5FMLj2wM=; b=Ltm9Cm5io2+4SqaPVB34WesTo087NnTnou0ngrvZL+8lzA1mnKxg21TeVDN846AvvcaKJaQabIS+444/KuSit1lY5rn5dtfGonSuaGL1eb6t915CqqMxEBytSpmdMhWB/tZNiADok/3Yoylxlsaj3bW0lgRWr0RkHTBmeagAfJY=
x-ms-exchange-crosstenant-authas: Internal
x-ms-exchange-crosstenant-authsource: MN2PR17MB4031.namprd17.prod.outlook.com
x-ms-exchange-crosstenant-network-message-id: 78a3c40a-74b6-4406-75e1-08de5d010cd1
x-ms-exchange-crosstenant-originalarrivaltime: 26 Jan 2026 17:33:42.3996 (UTC)
x-ms-exchange-crosstenant-fromentityheader: Hosted
x-ms-exchange-crosstenant-id: 514876bd-5965-4b40-b0c8-e336cf72c743
x-ms-exchange-crosstenant-mailboxtype: HOSTED
x-ms-exchange-crosstenant-userprincipalname: OPaL1zlBcaDPUI5uBuXKjkHiamA6XIr8umW83tPUF26xAk2Hr8uveQPx0YEJCuf/snP6Z8I6yVK3i9kaaXqsFw==
x-ms-exchange-transport-crosstenantheadersstamped: SA1PR17MB7563
Content-Type: multipart/alternative; boundary="_000_MN2PR17MB403164FBAA225182559058B3CD93AMN2PR17MB4031namp_"
MIME-Version: 1.0
X-OriginatorOrg: akamai.com
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.20,FMLib:17.12.100.49 definitions=2026-01-26_04,2026-01-26_01,2025-10-01_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 mlxlogscore=999 bulkscore=0 suspectscore=0 phishscore=0 mlxscore=0 adultscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2601150000 definitions=main-2601260150
X-Proofpoint-GUID: 6WLBKYH-mlqwQAKDFyOuVv-4pvicgT6o
X-Proofpoint-ORIG-GUID: 6WLBKYH-mlqwQAKDFyOuVv-4pvicgT6o
X-Authority-Analysis: v=2.4 cv=WYkBqkhX c=1 sm=1 tr=0 ts=6977a579 cx=c_pps a=NaJOksh5yBwW9//Q5C/Ubg==:117 a=NaJOksh5yBwW9//Q5C/Ubg==:17 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=vUbySO9Y5rIA:10 a=g1y_e2JewP0A:10 a=VkNPw1HP01LnGYTKEx00:22 a=5X1t24A5Si3yeKl6NnoA:9 a=pILNOxqGKmIA:10 a=ZXulRonScM0A:10 a=mj4MkApJra8wprrb:21 a=_W_S_7VecoQA:10
X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMTI2MDE1MCBTYWx0ZWRfXyhZTR2RCv7IR yfpJpUGq+y1e6uPsTIeia5hNnCQFYlDGJM/vGRjykJeyYZjeoK5IBZnixNRkxk84MdchBAmLVJQ c+O/MXdXD0Q30Y8I3PBi9Ej2BX3kn2mCxZqoJkK11L5Pd8J6m3mWz/ChFQ4FN611uGhQtR3KRyw kW3zZaHybvVvQjYQfWRT3TYirqToL55elUjH2hlmKOYDZNj93Km6rOvk5JeCBuCH0iBvaghf+RD 21faMgx7h04a3pzyDZ4XlOyX2A+q59H9FyVvc8ibU5E1hDaNFNOBdhPvquzPuVmegatNBwERfWO /0lcbPZNZ63qJDka2YQN91FewdWrwfVXJKOa5tmsF+308dPnz24SluV12LIuGA85N+4cWqWKQbm M2QEQToVRfawkM1O3tZ4LQOAfFlraCuegXe1S9CfFHyDuROrB26x3XKYQzVplJATB7BKcMQcbhs 7PxxDlzpjGsDLgyR3xQ==
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.20,FMLib:17.12.100.49 definitions=2026-01-26_04,2026-01-26_01,2025-10-01_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 phishscore=0 bulkscore=0 lowpriorityscore=0 adultscore=0 malwarescore=0 priorityscore=1501 impostorscore=0 spamscore=0 clxscore=1015 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2601150000 definitions=main-2601260150
Message-ID-Hash: M2OVUB52GXZ23QBI5L7QEDIVLZEK2MXS
X-Message-ID-Hash: M2OVUB52GXZ23QBI5L7QEDIVLZEK2MXS
X-MailFrom: rsalz@akamai.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "last-call@ietf.org" <last-call@ietf.org>, "dance-chairs@ietf.org" <dance-chairs@ietf.org>, "dance@ietf.org" <dance@ietf.org>, "draft-ietf-dance-client-auth@ietf.org" <draft-ietf-dance-client-auth@ietf.org>, "mcr+ietf@sandelman.ca" <mcr+ietf@sandelman.ca>, TLS WG <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Last Call: <draft-ietf-dance-client-auth-09.txt> (TLS Client Authentication via DANE TLSA records) to Proposed Standard
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/WZtf358WfNG2sT1gpXIpqQcX61k>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

  *
The use cases involved do not have endusers with privacy concerns.

I don’t recall seeing that stated. As a minimum, then, it seems appropriate to add some description in the security considerations.

v2.37.1 | Report a Bug | By Email | System Status