[top post at random place in thread ] I'd like everyone to take a breath and step back for a minute. I'd like to (off list) arrange a call with Paul and Eric so we can summarize this to be as concise as possible and then get the WG consensus *on the actual points under discussion*...
W On Monday, October 20, 2014, Osterweil, Eric <[email protected]> wrote: > > On Oct 20, 2014, at 11:54 AM, Paul Hoffman <[email protected] > <javascript:;>> wrote: > > > On Oct 20, 2014, at 8:23 AM, Osterweil, Eric <[email protected] > <javascript:;>> wrote: > > > >> TLS and S/MIME use pretty different security models (session vs. object > security) > > > > Sure, but how is that difference relevant here? DANE is about > distributing certificates and keying information through DNS: it is > agnostic to the security model. > > The relevant information needed during distribution would seem to vary > based on the security model (as evidenced by this thread). Actually, > that’s been one of the main points of this thread. > > >> , so necessarily coupling the RRs doesn’t seem to make sense. > > > > It has so far in the WG. The WG asked us early on to make as few changes > as possible to the TLSA definition. > > Paul, we are all part of the working group. This is the the working > group. I feel like I must be missing some nuanced distinction you have in > mind between working group discussions (like this one) and some other > arbitration? > > >> In addition, to echo what others have already said on the list, I > really don’t think it is reasonable to gate updates to the SMIMEA proposal > on updating TLSA. > > > > Fully agree, and that's not what I was proposing. The two changes that > you have proposed (revocation indication and alternate sources for getting > the information) > > Paul, these were not my proposals. These were proposed by Scott Rose. I > saw merit in them and when they seemed to be dismissed out of hand I voiced > my support. Also, the proposal included the _encr + _sign labels. > > > can be done as new values to the existing RR subfields. Doing so would > make what you want usable for both SMIMEA and TLSA. Proposals to make those > changes can trivially be done as stand-alone Internet Drafts. > > But we are still roughing out this draft. This would seem to be a good > opportunity to try and get things write in the initial work. > > >>> A better process would be for the proponents to offer a standalone > draft for the idea that will be an extension that would be usable to both > TLSA and SMIMEA and any other documents that come later. > >> > >> Just by looking at the list, it seems like there are a number of voices > that disagree with you on this. > > > > Where "a number" means "two", and even they didn't actually disagree > about creating standalone drafts, simply that the assumption that the use > cases might be different. > > I think this thread is devolving. The number is greater than two, and > reviewing the posts of this thread should corroborate the higher level of > interest. > > >> Also, isn’t the SMIMEA work still an evolving draft? > > > > Yes, of course. > > > >> What else does one need besides: articulated rationale, proposed > requirements, operational data, suggested text, and running code from > multiple people in order to support suggested revisions? > > > > Consensus in the WG. That may seem anathema to you, but it's the way > that the IETF works. > > Paul, what constituted ``the WG’’ in your mind? > > Eric > _______________________________________________ > dane mailing list > [email protected] <javascript:;> > https://www.ietf.org/mailman/listinfo/dane > -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf
_______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
