Re: [TLS] Ben Campbell's Yes on draft-ietf-tls-dnssec-chain-extension-06: (with COMMENT)
Shumon Huque <shuque@gmail.com> Thu, 08 February 2018 02:09 UTC
Return-Path: <shuque@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5696128954; Wed, 7 Feb 2018 18:09:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Level:
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fvRP_7XkyqaO; Wed, 7 Feb 2018 18:09:12 -0800 (PST)
Received: from mail-io0-x233.google.com (mail-io0-x233.google.com [IPv6:2607:f8b0:4001:c06::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D9A0124B18; Wed, 7 Feb 2018 18:09:12 -0800 (PST)
Received: by mail-io0-x233.google.com with SMTP id z6so4165599iob.11; Wed, 07 Feb 2018 18:09:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=aeOYvn2HZdAaqA38yxsPDMG/nyMgMwY1mh61vDzKEQ0=; b=XKXBMy4b5+NpxzNnHPFzFbJQz7qw8Hal3HRtdX5+AUNH6OXsvocrhu37myXoY/+rs+ gOsucDB/TAQ46572AaQk2f1mY0c2AUFlks9pWzR5JNBJwNVN61MN0eC4YX0n/ATSA4LS 4Qbtgx5u7TerBZ+nfwX6eulMs0zDVR8I6IxQ2m4kEnei5pnHa44vJMcRaeMjcW5pOjGX OCb9hsRpX6tZuAckpKsP8GikMi4iWKu+rE1H3XXUTihB7l2dd46hBWaZDMNlsLu6ntas BBLjl0GyUlyIr0pL7nXv7wqOghE+0Lw3jz2XFjgUL55Hj5Twd865jd0PsEouqBF04zxh ZprA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=aeOYvn2HZdAaqA38yxsPDMG/nyMgMwY1mh61vDzKEQ0=; b=qddOV1C1Nnymccy9+LPyAk+Elyw7TX6Z7xmApq2ag49pYibmosaWbHCsop8f5tvHhw xEvYIhoMvQ7wr61yI9SfkSAURTq6flXuMMCL52sEdt9YvjnMeYYlrKTPMDS1TKckIdEY +zU7dPq/b3YvcIHTR/OlryxRwgkcSvF2KnBGOhSVbtcj3rwi6cfiXbSxh2c1ld0hgivX ndJpSfxmqrhBXI+J2aoLgLgWwKfFwqpM5AzuXTNkvSpXhwaTR0Capp6iL/NwwKsOv9qW LOge4g4AgHPPR6G6X6lu+FHSU4DbtPzGocZP3a6s0i47nrKqTeGxlIEF3lRf1xOkQwms Yelw==
X-Gm-Message-State: APf1xPDZFzTlX3HGw5oKfwgqfJMEIqGI340LqVrRrz9OoUYQWBazAA9V B+2nTxxJc6H8ELOqmJJoFWF93hkKq5HGdMgP5GA=
X-Google-Smtp-Source: AH8x225thSQ+4kq3wdLwOvOVzsu+IwM/xs+dOnpB/968/BD9DQBLMFkv4fPD2jkVfcatA3I4K4QYo2BnXOfxkQhG+zI=
X-Received: by 10.107.89.11 with SMTP id n11mr10411308iob.154.1518055751723; Wed, 07 Feb 2018 18:09:11 -0800 (PST)
MIME-Version: 1.0
Received: by 10.79.201.198 with HTTP; Wed, 7 Feb 2018 18:09:11 -0800 (PST)
In-Reply-To: <151804574240.17212.10913434710504079523.idtracker@ietfa.amsl.com>
References: <151804574240.17212.10913434710504079523.idtracker@ietfa.amsl.com>
From: Shumon Huque <shuque@gmail.com>
Date: Wed, 07 Feb 2018 21:09:11 -0500
Message-ID: <CAHPuVdVTdZAH30f_SxgjgqtM_7Bq=QNYUXUs3d_CuBG-7v9rrg@mail.gmail.com>
To: Ben Campbell <ben@nostrum.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-tls-dnssec-chain-extension@ietf.org, Joseph Salowey <joe@salowey.net>, tls-chairs@ietf.org, TLS WG <tls@ietf.org>
Content-Type: multipart/alternative; boundary="f4f5e8067198d4b0a30564a9e501"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/g6GNvE6dlzMfphIESsFNN9_u6a8>
Subject: Re: [TLS] Ben Campbell's Yes on draft-ietf-tls-dnssec-chain-extension-06: (with COMMENT)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Feb 2018 02:09:14 -0000
On Wed, Feb 7, 2018 at 6:22 PM, Ben Campbell <ben@nostrum.com> wrote: > Ben Campbell has entered the following ballot position for > draft-ietf-tls-dnssec-chain-extension-06: Yes > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > I am happy to see this published, but have a few minor comments: > > - I agree with Alexey's comments. > Yup, addressed previously in email .. > > -3.4: "If the TLSA record set was synthesized by a DNS wildcard, the chain > must include the signed NSEC or NSEC3 records that prove that there > was no explicit match of the TLSA record name and no closer wildcard > match." > > Should that "must" be a "MUST"? > Yes, thanks for catching that. > > - Nit in Authors List: Unless I've missed something, Richard's affiliation > is > no longer current. (I only point it out in case it's an oversight; I have > no > objection if it's that way on purpose.) > I'll let Richard chime in .. Shumon
- [TLS] Ben Campbell's Yes on draft-ietf-tls-dnssec… Ben Campbell
- Re: [TLS] Ben Campbell's Yes on draft-ietf-tls-dn… Shumon Huque