[TLS] Alexey Melnikov's Discuss on draft-ietf-tls-dnssec-chain-extension-06: (with DISCUSS and COMMENT)
Alexey Melnikov <aamelnikov@fastmail.fm> Wed, 07 February 2018 18:22 UTC
From: Alexey Melnikov <aamelnikov@fastmail.fm>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-tls-dnssec-chain-extension@ietf.org, Joseph Salowey <joe@salowey.net>, shuque@gmail.com, tls-chairs@ietf.org, joe@salowey.net, tls@ietf.org
Message-ID: <151802776446.4849.12008167318274714913.idtracker@ietfa.amsl.com>
Date: Wed, 07 Feb 2018 10:22:44 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/gckg6oyz2GUweIMcYBxf86vxvZo>
Subject: [TLS] Alexey Melnikov's Discuss on draft-ietf-tls-dnssec-chain-extension-06: (with DISCUSS and COMMENT)

Alexey Melnikov has entered the following ballot position for
draft-ietf-tls-dnssec-chain-extension-06: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-tls-dnssec-chain-extension/

----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

I think this is a useful document and I will ballot Yes once my small
issues are resolved:

1) In 3.4:

   The first RRset in the chain MUST contain the TLSA record set being
   presented. However, if the owner name of the TLSA record set is an
   alias (CNAME or DNAME), then it MUST be preceded by the chain of
   alias records needed to resolve it. DNAME chains should omit

SHOULD? What are the implications if this is not followed?

   unsigned CNAME records that may have been synthesized in the response
   from a DNS resolver.

2) TLS 1.3 needs to be a normative reference, but it is not even listed
in References.

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

The first mention of NSEC3 needs a normative reference.