Re: [Uta] Depreciation (was Re: Adoption of draft-rsalz-use-san)
Nico Williams <nico@cryptonector.com> Fri, 19 March 2021 16:41 UTC
Return-Path: <nico@cryptonector.com>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49F683A1A00 for <uta@ietfa.amsl.com>; Fri, 19 Mar 2021 09:41:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cryptonector.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oj3ldGxp7NO3 for <uta@ietfa.amsl.com>; Fri, 19 Mar 2021 09:41:42 -0700 (PDT)
Received: from insect.birch.relay.mailchannels.net (insect.birch.relay.mailchannels.net [23.83.209.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC7873A19FF for <uta@ietf.org>; Fri, 19 Mar 2021 09:41:41 -0700 (PDT)
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 117E1361F04; Fri, 19 Mar 2021 16:41:40 +0000 (UTC)
Received: from pdx1-sub0-mail-a26.g.dreamhost.com (100-96-17-75.trex.outbound.svc.cluster.local [100.96.17.75]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 51F67362241; Fri, 19 Mar 2021 16:41:39 +0000 (UTC)
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
Received: from pdx1-sub0-mail-a26.g.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384) by 100.96.17.75 (trex/6.1.1); Fri, 19 Mar 2021 16:41:39 +0000
X-MC-Relay: Neutral
X-MailChannels-SenderId: dreamhost|x-authsender|nico@cryptonector.com
X-MailChannels-Auth-Id: dreamhost
X-Keen-Turn: 359494c30a15e5d0_1616172099824_77981030
X-MC-Loop-Signature: 1616172099823:2613676013
X-MC-Ingress-Time: 1616172099823
Received: from pdx1-sub0-mail-a26.g.dreamhost.com (localhost [127.0.0.1]) by pdx1-sub0-mail-a26.g.dreamhost.com (Postfix) with ESMTP id C54E07F409; Fri, 19 Mar 2021 09:41:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=cryptonector.com; bh=lUJT4kZK7+BHt3 kMnlFj6chQPwc=; b=nIOfKZE2e028Roza6JVdaGnSlrZKj0853ABXVIQbpOIWCA 9aRXGW87a1HlsKN8mlHl45xCVVoiuPPi4aiCC8AVwICaoJAk0jhaekZOvt1CX7Jd Ow5kSzLBRmfvx1kG5Twuiqv96SQ2Y8wpAWOfujMM+B1HeA10UmWmqdEufoaqU=
Received: from localhost (unknown [24.28.108.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by pdx1-sub0-mail-a26.g.dreamhost.com (Postfix) with ESMTPSA id D30DF7E73C; Fri, 19 Mar 2021 09:41:36 -0700 (PDT)
Date: Fri, 19 Mar 2021 11:41:34 -0500
X-DH-BACKEND: pdx1-sub0-mail-a26
From: Nico Williams <nico@cryptonector.com>
To: Eliot Lear <elear=40cisco.com@dmarc.ietf.org>
Cc: Hubert Kario <hkario@redhat.com>, uta@ietf.org
Message-ID: <20210319164133.GQ30153@localhost>
References: <004201d718e1$007959a0$016c0ce0$@gmail.com> <E4D5BAE4-6BCA-4405-B9AA-D83F0F784A81@cisco.com> <CACsn0cky0_HhD-j0GhOZ2VjuYcqoP8eXVHbFrvFm4wGOBH_c3g@mail.gmail.com> <D62376C8-9EB3-4956-8B64-7BDE99B1984F@cisco.com> <c3590f1d-9062-47e8-8d3b-683b1f599a3d@redhat.com> <5B307E1B-7A3B-4A1F-8299-4F9EF433BC8A@cisco.com> <3e24e00d-1fb6-4c60-a31f-c30235c164ce@redhat.com> <080B1D47-F30F-4C3F-8DC7-B4A67372AC6E@cisco.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <080B1D47-F30F-4C3F-8DC7-B4A67372AC6E@cisco.com>
User-Agent: Mutt/1.9.4 (2018-02-28)
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/ir2YUgNrZ1xAUGjMSfNEW97xvGk>
Subject: Re: [Uta] Depreciation (was Re: Adoption of draft-rsalz-use-san)
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Mar 2021 16:41:43 -0000
On Fri, Mar 19, 2021 at 05:19:17PM +0100, Eliot Lear wrote: > This is it for me. Apparently you are not going to be convinced that > the world is bigger than the web. This is not about excuses, but the > real world. It is not about lawyering- few of us here, [...] I think you've convinced yourself that there isn't a better alternative to the one you've suggested, and so you feel justified in writing such an aggressive reply to Hubert (which reads to me as "apparently you are not going to be convinced that you're so very very wrong, have a nice day"). My take is that RPs should be prepared to validate certs issued before a certain date using the old DN rules but require SANs in certs issued after. This covers the extant very-long-lived certs use cases while still making progress. Now, there might be other extant issues, like old RPs that can't be upgraded. There's still room for argument. Nico --
- [Uta] Adoption of draft-rsalz-use-san Valery Smyslov
- Re: [Uta] Adoption of draft-rsalz-use-san Loganaden Velvindron
- Re: [Uta] Adoption of draft-rsalz-use-san Alexey Melnikov
- Re: [Uta] Adoption of draft-rsalz-use-san Olle E. Johansson
- Re: [Uta] Adoption of draft-rsalz-use-san Brian Smith
- Re: [Uta] Adoption of draft-rsalz-use-san Eliot Lear
- Re: [Uta] Adoption of draft-rsalz-use-san Viktor Dukhovni
- Re: [Uta] Adoption of draft-rsalz-use-san Henning Krause
- Re: [Uta] Adoption of draft-rsalz-use-san Eliot Lear
- Re: [Uta] Adoption of draft-rsalz-use-san Valery Smyslov
- Re: [Uta] Adoption of draft-rsalz-use-san Salz, Rich
- Re: [Uta] Adoption of draft-rsalz-use-san Salz, Rich
- Re: [Uta] Adoption of draft-rsalz-use-san Eliot Lear
- Re: [Uta] Adoption of draft-rsalz-use-san Salz, Rich
- Re: [Uta] Adoption of draft-rsalz-use-san Salz, Rich
- Re: [Uta] Adoption of draft-rsalz-use-san Leif Johansson
- [Uta] Depreciation (was Re: Adoption of draft-rsa… Watson Ladd
- Re: [Uta] Depreciation (was Re: Adoption of draft… Eliot Lear
- Re: [Uta] Adoption of draft-rsalz-use-san Nico Williams
- Re: [Uta] Adoption of draft-rsalz-use-san Viktor Dukhovni
- Re: [Uta] Adoption of draft-rsalz-use-san Eliot Lear
- Re: [Uta] Adoption of draft-rsalz-use-san Viktor Dukhovni
- Re: [Uta] Adoption of draft-rsalz-use-san Brian Smith
- Re: [Uta] Adoption of draft-rsalz-use-san Salz, Rich
- Re: [Uta] Adoption of draft-rsalz-use-san Hubert Kario
- Re: [Uta] Depreciation (was Re: Adoption of draft… Hubert Kario
- Re: [Uta] Depreciation (was Re: Adoption of draft… Eliot Lear (elear)
- Re: [Uta] Depreciation (was Re: Adoption of draft… Hubert Kario
- Re: [Uta] Depreciation (was Re: Adoption of draft… Eliot Lear
- Re: [Uta] Depreciation (was Re: Adoption of draft… Nico Williams
- Re: [Uta] Depreciation (was Re: Adoption of draft… Nico Williams
- Re: [Uta] Adoption of draft-rsalz-use-san Valery Smyslov
- Re: [Uta] Adoption of draft-rsalz-use-san Salz, Rich
- Re: [Uta] Adoption of draft-rsalz-use-san Valery Smyslov