Re: [TLS] A few comments on draft-ietf-tls-dnssec-chain-extension-02.txt
Melinda Shore <melinda.shore@nomountain.net> Thu, 23 March 2017 16:31 UTC
Return-Path: <melinda.shore@nomountain.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85A2F1299AF for <tls@ietfa.amsl.com>; Thu, 23 Mar 2017 09:31:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nomountain-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U5MdoVBNnRP7 for <tls@ietfa.amsl.com>; Thu, 23 Mar 2017 09:31:32 -0700 (PDT)
Received: from mail-pg0-x22e.google.com (mail-pg0-x22e.google.com [IPv6:2607:f8b0:400e:c05::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 47B7E1299B2 for <tls@ietf.org>; Thu, 23 Mar 2017 09:31:28 -0700 (PDT)
Received: by mail-pg0-x22e.google.com with SMTP id t143so60479255pgb.2 for <tls@ietf.org>; Thu, 23 Mar 2017 09:31:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nomountain-net.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to; bh=ynUuBIgW/vX2wmhY2uX7b1sR+xpHOSmjaBC3qr1ww50=; b=eNKd+fGI5OgXvIUedQuacooP61W524wPuCDrSC+oq0FkioPgj0ZfkSlmiiGmfAO5P6 ynIyuqBp7P4+82qmzDn78ScNWjnsz0NQVmeIw8DR3Fok/l1OBCCgd6efDCucGgihMhKE ONqdewMxDa++d/1Tb05KEKLBq1/FuHRXUJS1EwbOW7+lQySi9XHpJnXnybhCprZydvm6 d31togk99BaOSLpHLNp0q1nDZ64/GHb8TNuK+kBrLVzQcnNDJb3qXYZjs+AjMd3Bn1hx LuQ+mOHNEcBHeN3mgnNWY3r9FSJ3r0aH7syHDT6ZpvhWtC/X/9uLD+Jfy+/vUzwyq9cq iaBw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to; bh=ynUuBIgW/vX2wmhY2uX7b1sR+xpHOSmjaBC3qr1ww50=; b=G7ysb1q5rUBWSk3wY3leLCD6kds3+8gR9FpoL2tqbgcyQpl22T6DUrcRchJK+FP2p6 c4+9PmTuXoOfCBTwfxTRKsn9r4JGxslJnI3lI3rfNRcGg4n6jNc+HHKD3gLPAkjEBYmH FzVAckSoj6B8uJlGwqpzWo4m8AXFJm1RjZ0kNN62T4WGIU0F96eReYCDbg5IKb6n5A++ /qBxRIRFowCSq3MpHAJ2GDC+czR1HFIif6fQzQtxosZXZ6mFzTZ4nviSvEW8FJTtO7va 1BdOTymZvFyT6BjgRnI2AAweqsxwZNvjZ+Z2qWDuldfwMB+JNQ2cw5JyfSq4ds28chcy X0Lg==
X-Gm-Message-State: AFeK/H0H2bcSCPxuF2/nYx2fNijQWE+5Wqm0MaFY1QH+bnYcXSV65X+jzDftbKPqi3bpyw==
X-Received: by 10.99.127.76 with SMTP id p12mr3959915pgn.42.1490286687622; Thu, 23 Mar 2017 09:31:27 -0700 (PDT)
Received: from Melindas-MacBook-Pro.local (74-124-98-225-radius.dynamic.acsalaska.net. [74.124.98.225]) by smtp.gmail.com with ESMTPSA id 189sm7735192pgd.30.2017.03.23.09.31.26 for <tls@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 23 Mar 2017 09:31:26 -0700 (PDT)
To: tls@ietf.org
References: <CABcZeBMM-67C5KQx1pcd=phBkd7htJB7QSR4VGp+kXpq6gbCFg@mail.gmail.com> <1362c5bd-99c6-c806-ce2a-b51f86a31f38@nomountain.net> <54343047-7620-4A96-BD39-6E60AE7EA5A2@sn3rd.com> <5f39565c-5417-b94f-f1e6-32261c473455@nomountain.net> <BE38E78E-86ED-40B6-B179-FE2A1967BB86@dukhovni.org> <27455360-f4ee-4918-ee08-5ccf99a94ec9@nomountain.net> <F22BF712-162E-4716-962A-4C5B7516D187@dukhovni.org>
From: Melinda Shore <melinda.shore@nomountain.net>
Message-ID: <896987d1-4bb4-3f04-a34e-c09b245d038b@nomountain.net>
Date: Thu, 23 Mar 2017 08:31:24 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.7.1
MIME-Version: 1.0
In-Reply-To: <F22BF712-162E-4716-962A-4C5B7516D187@dukhovni.org>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="ox3xteVJ1L6hmxHf6qF5qKtIOrfxxdAhq"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/e64glZiELed6lO1-Sdud3TZKfrc>
Subject: Re: [TLS] A few comments on draft-ietf-tls-dnssec-chain-extension-02.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Mar 2017 16:31:34 -0000
On 3/23/17 8:14 AM, Viktor Dukhovni wrote: > I don't know how many other folks on the TLS WG list are prepared > to do a thorough review the DNSSEC aspects of this draft... > Perhaps the TLS and DNS communities overlap sufficiently that my > concern is not warranted? I think it's quite warranted, and we're sending requests for review to both the dane mailing list (still open even though the wg shut down) and to dnsop. The DNS parts are more complicated than the actual extension mechanism and need expert review. We'll be requesting review once the new version is posted. Melinda
- [TLS] A few comments on draft-ietf-tls-dnssec-cha… Eric Rescorla
- Re: [TLS] A few comments on draft-ietf-tls-dnssec… Melinda Shore
- Re: [TLS] A few comments on draft-ietf-tls-dnssec… Sean Turner
- Re: [TLS] A few comments on draft-ietf-tls-dnssec… Melinda Shore
- Re: [TLS] A few comments on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] A few comments on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] A few comments on draft-ietf-tls-dnssec… Martin Thomson
- Re: [TLS] A few comments on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] A few comments on draft-ietf-tls-dnssec… Melinda Shore
- Re: [TLS] A few comments on draft-ietf-tls-dnssec… Viktor Dukhovni
- Re: [TLS] A few comments on draft-ietf-tls-dnssec… Melinda Shore
- Re: [TLS] A few comments on draft-ietf-tls-dnssec… Sean Turner
- Re: [TLS] A few comments on draft-ietf-tls-dnssec… Shumon Huque
- Re: [TLS] A few comments on draft-ietf-tls-dnssec… Shumon Huque