Re: [TLS] TLS DNSSEC chain consensus text, please speak up...
Tim Hollebeek <tim.hollebeek@digicert.com> Thu, 17 May 2018 23:44 UTC
Return-Path: <tim.hollebeek@digicert.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E493112420B for <tls@ietfa.amsl.com>; Thu, 17 May 2018 16:44:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.599, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=digicert.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PfifTngehQl9 for <tls@ietfa.amsl.com>; Thu, 17 May 2018 16:44:43 -0700 (PDT)
Received: from mail1.bemta12.messagelabs.com (mail1.bemta12.messagelabs.com [216.82.251.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4B1FD120454 for <tls@ietf.org>; Thu, 17 May 2018 16:44:43 -0700 (PDT)
Received: from [216.82.249.212] (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256 bits)) by server-10.bemta-12.messagelabs.com id FC/94-21411-AE31EFA5; Thu, 17 May 2018 23:44:42 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA1WTbUhTYRTH99x7d3cNF7c7zdNyWavodeaiQJG o/GBGCAV9SbS66nUbbXPtzjI/lFQWvpW4WSmZhi/UqAgrtOzFLHsv07Iow1AHZSVaBmHRpd09 0+rb75z/Oc//PA/nYUjuDa1lhFyX4LTzVj09heqMrttkGNJIKTGFB+fEdlWfpGO/nLtLxH7rL EJryKT9zxtVSfX140RSd90V5UYyRWmxp2fnbleaG8s6aMfhNbnSJR+Zj3pWFaEpDMWWkHB/rI uWA44tI+CqNKbCwXsEpVUDVBEKYWg2Bl7duE/IHMauhQ8PnillJtm54JbeqWTWsIlw9NZBCte sg7slx1WYE6C3dz8tM8XOh6GK4cA5ajYVRgqaSWzWiuBZVQ+ShRC/WcNYX4AROx1+PDpHYLMI eOurCTCwYdDf9ZjGHA5Dg5IS16dC9Vh7MK+HJ735FGYddNcUI9kM2MsEeEZOKbFggNGKChILb Qhevv8Y7FgMPa/cQbcdcOheYZDj4cCLF0GeBd7Sfgo33yDB97sGYSESTjQWBh1KaXB7jDJzbC Z4vO00bhhE8GH8GCpDS6r+uR7mGgRNgwlVgXeaBg8rfRTOG+DazTYScxQ0D58Mcjyc+Hmbxjw HPMX9Kswr4XPHV1SLGC9aKArOXYLTsDwuOt1pMZldNt5iNRiNy6NtgijyJsHKp4vRGdm2JuRf s30KBWpB0vfkdjSDIfTh6iPSrxRuanp25h4zL5q3OXOsgtiOIhlGD+oWTkrhpjkFk5CbZbH6d 3VCBiZUH6beJctq0cHbRIsJS4+QgXl3ubyE5Ch7tl3QRqhH5SJWLjLn2CePmNj4bqTTatRIoV BwoQ7BabO4/tc/oQgG6TXqpf6PwYVa7K5Jp0/+IQj/EKjtlzyEi/8rafPRluchC98sSmaJvfX nvRma6zpTZVxWs6q2o29Dw+a+O5Ur1l5wRy4Th9JM4YnzB2aenr3bHLp1M5/c7f18sWCpvcHj G/+WlHimV6VrLSxvPN8zMq94rnbA2/Y076Fxp6HAQabti3q82rc6T6LjDkSNvq4jOxccTTxLZ kWkaiq8pev1lGjmjYtJp8j/AQ/ghmnsAwAA
X-Env-Sender: tim.hollebeek@digicert.com
X-Msg-Ref: server-7.tower-219.messagelabs.com!1526600680!185285239!1
X-Originating-IP: [207.46.163.81]
X-SYMC-ESS-Client-Auth: mailfrom-relay-check=pass
X-StarScan-Received:
X-StarScan-Version: 9.9.15; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 26975 invoked from network); 17 May 2018 23:44:41 -0000
Received: from mail-bl2nam02lp0081.outbound.protection.outlook.com (HELO NAM02-BL2-obe.outbound.protection.outlook.com) (207.46.163.81) by server-7.tower-219.messagelabs.com with AES256-GCM-SHA384 encrypted SMTP; 17 May 2018 23:44:41 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=digicert.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UNgg6440FdcI2mfkv1EEZrUNV6wYkatW+66LSQ4yZ6M=; b=bNX0Xn4gDF/Y+jmRas2vIv+d59ncx+aCEZKVFT138ztkO3FGFDpfmJeKjO9UICtYbs0nfrM04a/qkF1rpwnM/xpVxkDWpdXfdL+ncBzShP0brZGNrc1IE4c0+TGM9MX/vbY0ZtPYxEu55FA9MNIL5BqY+kgdzUTWbpbR5yuUSNk=
Received: from BN6PR14MB1106.namprd14.prod.outlook.com (10.173.161.15) by BN6PR14MB1169.namprd14.prod.outlook.com (10.173.161.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.776.11; Thu, 17 May 2018 23:44:39 +0000
Received: from BN6PR14MB1106.namprd14.prod.outlook.com ([fe80::40d8:6bed:a1a5:de4e]) by BN6PR14MB1106.namprd14.prod.outlook.com ([fe80::40d8:6bed:a1a5:de4e%3]) with mapi id 15.20.0776.010; Thu, 17 May 2018 23:44:39 +0000
From: Tim Hollebeek <tim.hollebeek@digicert.com>
To: James Cloos <cloos@jhcloos.com>, Ted Lemon <mellon@fugue.com>
CC: "<tls@ietf.org>" <tls@ietf.org>
Thread-Topic: [TLS] TLS DNSSEC chain consensus text, please speak up...
Thread-Index: AQHT7QmbIQKQEvxNFUCQ6qh7cVr1J6Qyc2kAgAB6y8uAAamNkA==
Date: Thu, 17 May 2018 23:44:38 +0000
Message-ID: <BN6PR14MB11065C19155D61983D1954C283910@BN6PR14MB1106.namprd14.prod.outlook.com>
References: <CADyc_gYyyOiBPTMvfm4EkmN3z+8QjzC6WGjzXeEmnXGgKiP_qA@mail.gmail.com> <CAPt1N1kv2S+0ZfdXR4DKJphC4O7xruNdB-rGEBO=N8PzwnSucQ@mail.gmail.com> <m3tvr7450c.fsf@carbon.jhcloos.org>
In-Reply-To: <m3tvr7450c.fsf@carbon.jhcloos.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [173.71.184.143]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN6PR14MB1169; 7:FCUgGdEiVEFn9yAH5A8Gb3LN4TH9wNDddvnRu4ZbCH3z89XQsWPx9fcrKPCqwCHuQsB0pyaiV48ZLQkQ2FWSIwHibpiXkRKccYfFtFzNsAo+XamhK2CQPortZCFJJkcuGJfQvsXVGhdGd1pgSxEuVI66N1Lo0jx/vhbzeVZJGws5Lb9kEig07kZYXLRMQUNT/r6f/DYDvCrrhOoBv80GZRUDFHoa7X5K5PmYpBOzBfOMa+iUBjSlUNQ5ec+nImGj
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(49563074)(7193020); SRVR:BN6PR14MB1169;
x-ms-traffictypediagnostic: BN6PR14MB1169:
x-microsoft-antispam-prvs: <BN6PR14MB1169ECCB0D16F7F18D28E50A83910@BN6PR14MB1169.namprd14.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(100405760836317);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(102415395)(6040522)(2401047)(8121501046)(5005006)(3002001)(10201501046)(93006095)(93001095)(3231254)(944501410)(52105095)(149027)(150027)(6041310)(20161123560045)(20161123558120)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(6072148)(201708071742011)(7699016); SRVR:BN6PR14MB1169; BCL:0; PCL:0; RULEID:; SRVR:BN6PR14MB1169;
x-forefront-prvs: 067553F396
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(396003)(39860400002)(39380400002)(376002)(366004)(199004)(189003)(13464003)(3280700002)(476003)(81166006)(81156014)(9686003)(966005)(33656002)(486006)(99936001)(6246003)(97736004)(114624004)(14454004)(55016002)(5250100002)(86362001)(26005)(3660700001)(44832011)(99286004)(8676002)(478600001)(2906002)(2900100001)(8936002)(53936002)(106356001)(105586002)(25786009)(110136005)(446003)(6306002)(11346002)(186003)(5660300001)(74316002)(6436002)(7736002)(305945005)(4326008)(68736007)(7696005)(3846002)(316002)(66066001)(76176011)(102836004)(53546011)(6116002)(229853002)(6506007)(217873001); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR14MB1169; H:BN6PR14MB1106.namprd14.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: digicert.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: M2YM7RliVMWrfDomDzq4K3hcy1JIEIMxtM2SF+XcmD9m8GyNRE/l9298Z1PICRGR9uI7V/jIwB7f+LeCeEPssFxKgU8AYwCKt0fsZAFX0Mh70ZYuV8n3Jul/4z2f5SAEXt5mEMgKaxadLuDZ6zUp+L3PsZGexPSv1r/jY6yizh8SxvTdIb4T2Jb71Sj4Maqz
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="2.16.840.1.101.3.4.2.1"; boundary="----=_NextPart_000_0B97_01D3EE17.7CEF6A80"
MIME-Version: 1.0
X-MS-Office365-Filtering-Correlation-Id: ee2e593d-898c-4be2-d8a4-08d5bc5027a0
X-OriginatorOrg: digicert.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ee2e593d-898c-4be2-d8a4-08d5bc5027a0
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 May 2018 23:44:38.9500 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: cf813fa1-bde5-4e75-9479-f6aaa8b1f284
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR14MB1169
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/nZ4hYhHwu6ktMsXSJlmJ13TWIgI>
Subject: Re: [TLS] TLS DNSSEC chain consensus text, please speak up...
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 May 2018 23:44:46 -0000
Making things more complicated with no obvious benefit just makes things more complicated. I oppose adding two bytes for some nebulous future purpose. -Tim > -----Original Message----- > From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of James Cloos > Sent: Wednesday, May 16, 2018 6:20 PM > To: Ted Lemon <mellon@fugue.com> > Cc: <tls@ietf.org> <tls@ietf.org> > Subject: Re: [TLS] TLS DNSSEC chain consensus text, please speak up... > > >>>>> "TL" == Ted Lemon <mellon@fugue.com> writes: > > TL> Melinda made a pretty serious technical objection. Your response is not > TL> responsive to her objection. She explicitly said that her objection was > TL> not the two bytes. > > I don't see anything in her note today which is a technical objection. > > And I've seen no useful or reasonable objections to Viktor's suggestion. > > The sixteen bit field harms no one, and when defined and used provides > significant benefit to many. > > -JimC > -- > James Cloos <cloos@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6 > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- [TLS] TLS DNSSEC chain consensus text, please spe… Viktor Dukhovni
- Re: [TLS] TLS DNSSEC chain consensus text, please… Melinda Shore
- Re: [TLS] TLS DNSSEC chain consensus text, please… Viktor Dukhovni
- Re: [TLS] TLS DNSSEC chain consensus text, please… Melinda Shore
- Re: [TLS] TLS DNSSEC chain consensus text, please… Viktor Dukhovni
- Re: [TLS] TLS DNSSEC chain consensus text, please… Thomas Lund
- Re: [TLS] TLS DNSSEC chain consensus text, please… Ted Lemon
- Re: [TLS] TLS DNSSEC chain consensus text, please… Viktor Dukhovni
- Re: [TLS] TLS DNSSEC chain consensus text, please… Tom Ritter
- Re: [TLS] TLS DNSSEC chain consensus text, please… Viktor Dukhovni
- Re: [TLS] TLS DNSSEC chain consensus text, please… Christian Huitema
- Re: [TLS] TLS DNSSEC chain consensus text, please… Viktor Dukhovni
- Re: [TLS] TLS DNSSEC chain consensus text, please… Christian Huitema
- Re: [TLS] TLS DNSSEC chain consensus text, please… Viktor Dukhovni
- Re: [TLS] TLS DNSSEC chain consensus text, please… Melinda Shore
- Re: [TLS] TLS DNSSEC chain consensus text, please… James Cloos
- Re: [TLS] TLS DNSSEC chain consensus text, please… Melinda Shore
- Re: [TLS] TLS DNSSEC chain consensus text, please… Peter Gutmann
- Re: [TLS] TLS DNSSEC chain consensus text, please… Viktor Dukhovni
- Re: [TLS] TLS DNSSEC chain consensus text, please… Tim Hollebeek
- Re: [TLS] TLS DNSSEC chain consensus text, please… Paul Wouters
- Re: [TLS] TLS DNSSEC chain consensus text, please… Tim Hollebeek
- Re: [TLS] TLS DNSSEC chain consensus text, please… Melinda Shore
- Re: [TLS] TLS DNSSEC chain consensus text, please… Tim Hollebeek