It has been seven months since the DANE WG "adopted" my very short
draft that repealed the CA-motivated anti-interoperability
prohibitions in RFC 6698 and simply specified how DANE authenticates
or publishes raw public keys. Therefore, the draft has expired. In
the meantime, as far as I can tell, nothing has been done.
All the urgency to actually solve this problem evaporated as soon as I
allowed RFC 7250 to issue despite containing no text that addressed
this problem. I was assured by my friend Olafur and my colleagues
Warren and Stephen, the people in authority over this working group
and this whole security area, that they would address the issue "ASAP"
if I would just follow their recommended procedures. Yet it did not
happen.
I did it the way you-all recommended, and nothing got done. So the
self-serving CA lobby won (delay is a win), and the NSA won (delay is
a win for them too), and the public lost.
Where do we go from here?
John
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
