Re: [TLS] Consensus Call on draft-ietf-tls-dnssec-chain-extension

Nico Williams <> Thu, 05 April 2018 02:40 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 136A812D7F0 for <>; Wed, 4 Apr 2018 19:40:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id rw0XFg3reJam for <>; Wed, 4 Apr 2018 19:40:28 -0700 (PDT)
Received: from ( []) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id BF93112426E for <>; Wed, 4 Apr 2018 19:40:28 -0700 (PDT)
Received: from (localhost []) by (Postfix) with ESMTP id 2A439A004012; Wed, 4 Apr 2018 19:40:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed;; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to;; bh=O5PePXAZEWLH5Z ZnOuC2hBa3oNc=; b=entGX4PrL9or6EehYBpAq4dqgAzs3RrsKFPizKj0WwGm0i VTp4TFSkP2TOnDFoxCSvFdxpo8ep43+yJi405KMLogPEHwZ0ITeoMiOzlwmg1nxL rUoiiV+vFy2wV0LHxW+fkGtZ0MktDcoAKo1RCgbCqZ2jKQ5p9wl6aKByDLd9s=
Received: from localhost ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: by (Postfix) with ESMTPSA id A3B12A004017; Wed, 4 Apr 2018 19:40:27 -0700 (PDT)
Date: Wed, 04 Apr 2018 21:25:32 -0500
From: Nico Williams <>
To: Paul Wouters <>
Cc: Joseph Salowey <>, "<>" <>
Message-ID: <20180405022531.GI25259@localhost>
References: <> <>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <>
Subject: Re: [TLS] Consensus Call on draft-ietf-tls-dnssec-chain-extension
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 05 Apr 2018 02:40:30 -0000

On Wed, Apr 04, 2018 at 05:33:27PM -0400, Paul Wouters wrote:
> On Wed, 4 Apr 2018, Joseph Salowey wrote:
> >A) Recommendation of adding denial of existence proofs in the chain provided by the extension
> >B) Adding signaling to require the use of this extension for a period of time (Pinning with TTL)
> >C) Both
> These options need a bit of clarification.
> If you do A) then by publishing the proof of non-existance records, you
> can cancel any outstanding kind of pin done. And you would not need B)

Hmm, not quite.  You might want to publish the "clear the pin" (TTL ==
zero) without having to first stop publishing TLSA RRs.

The idea is to first ramp up the TTL, and if there's any problems /
change of mind, ramp it down and remove the TLSA RRs when the last
possible extant pin must have expired.

Therefore I think (B) is more urgent.  (A) is even more trivial than
(B), so there's no reason not to do both ((C)).

> [..]
> So to support all cases, I would say C) but I think B) would get us
> pretty far on a lot of deployments.


> The document's intension is clearly to staple DNSSEC answers for the
> TLSA query on the TLS handshake. Omiting proof of non-existence means
> it fails to achieve its specified goal and makes this TLS extension
> completely useless[*]