Arrgh, truncated

But if folks could read the diffs at least:

https://www.ietf.org/rfcdiff?url2=draft-ietf-dprive-dtls-and-tls-profiles-10

we can get the ADs to approve and clear their DISCUSS positions to move this forward.

thanks
tim

On Mon, Jul 3, 2017 at 5:15 PM, tjw ietf <[email protected]> wrote:

> All
>
> The diffs between -09 and -10 are fairly large as they address the issues
> raised during IESG review. Before we go and poke the ADs to clear their
> DISCUSS positions, we want to make sure the WG has reviewed Sara's updates.
>
> I know everyone is busily updating their latest set of drafts before the
> cutoff so I don't expect anything for a few days. But if folks could read
> the diffs at least:
>
>
> On Fri, Jun 16, 2017 at 4:52 AM, Sara Dickinson <[email protected]> wrote:
>
>> Hi All,
>>
>> Here is an update to the draft which attempts to address the majority of
>> the comments received during IESG review so far. Given the number and
>> extent of the changes I would request further careful review of this
>> version, particularly from the working group.
>>
>> Changes are:
>>
>> * Clarified the specific attacks the Usage Profiles mitigate against.
>> * Revised wording in the draft relating to 'security/privacy guarantees'
>>   and generally improved consistency of wording throughout the document.
>> * Corrected and added a number of references:
>>   - RFC7924 is now Normative
>>   - RFC7918 and RFC8094 are now Normative (and therefore Downrefs)
>>   - draft-ietf-tls-tls13, draft-ietf-dprive-padding-policy, RFC3315 and
>>     RFC7227 added
>> * Terminology: Update definition of Privacy-enabling DNS server and moved
>>   normative definition to section 4.
>> * Section 5 and 6.3: Included discussion of the additional attacks
>>   possible when using meta-queries to bootstrap the DNS service
>> * Section 5: Added sentence on why Opportunistic Profile may fall back for
>>   latency reasons.
>> * Section 5.1: Added discussion of when clients might change Usage
>>   Profiles.
>> * Section 6.4: Added caveat on use of combined authentication re RFC7469.
>> * Section 6.5: Added more detail on how authentication results might be
>>   used in Opportunistic. Opportunistic clients now SHOULD try for the best
>>   case.
>> * Section 7.3: Re-worked this section and the discussion of DHCP.
>> * Section 9: Removed unnecessary text, added condition on use of RFC7250
>>   (Raw public keys).
>> * Section 11: More detail on padding policies.
>> * Numerous editorial corrections.
>>
>> Regards
>>
>> Sara.
>>
>> > On 16 Jun 2017, at 09:49, [email protected] wrote:
>> >
>> >
>> > A New Internet-Draft is available from the on-line Internet-Drafts directories.
>> > This draft is a work item of the DNS PRIVate Exchange of the IETF.
>> >
>> >        Title    : Usage and (D)TLS Profiles for DNS-over-(D)TLS
>> >        Authors  : Sara Dickinson
>> >                   Daniel Kahn Gillmor
>> >                   Tirumaleswar Reddy
>> >        Filename : draft-ietf-dprive-dtls-and-tls-profiles-10.txt
>> >        Pages    : 29
>> >        Date     : 2017-06-16
>> >
>> > Abstract:
>> >   This document discusses Usage Profiles, based on one or more
>> >   authentication mechanisms, which can be used for DNS over Transport
>> >   Layer Security (TLS) or Datagram TLS (DTLS). These profiles can
>> >   increase the privacy of DNS transactions compared to using only clear
>> >   text DNS. This document also specifies new authentication mechanisms
>> >   - it describes several ways a DNS client can use an authentication
>> >   domain name to authenticate a (D)TLS connection to a DNS server.
>> >   Additionally, it defines (D)TLS protocol profiles for DNS clients and
>> >   servers implementing DNS-over-(D)TLS. This document updates RFC
>> >   7858.
>> >
>> >
>> > The IETF datatracker status page for this draft is:
>> > https://datatracker.ietf.org/doc/draft-ietf-dprive-dtls-and-tls-profiles/
>> >
>> > There are also htmlized versions available at:
>> > https://tools.ietf.org/html/draft-ietf-dprive-dtls-and-tls-profiles-10
>> > https://datatracker.ietf.org/doc/html/draft-ietf-dprive-dtls-and-tls-profiles-10
>> >
>> > A diff from the previous version is available at:
>> > https://www.ietf.org/rfcdiff?url2=draft-ietf-dprive-dtls-and-tls-profiles-10
>> >
>> >
>> > Please note that it may take a couple of minutes from the time of submission
>> > until the htmlized version and diff are available at tools.ietf.org.
>> >
>> > Internet-Drafts are also available by anonymous FTP at:
>> > ftp://ftp.ietf.org/internet-drafts/
>> >
>> > _______________________________________________
>> > dns-privacy mailing list
>> > [email protected]
>> > https://www.ietf.org/mailman/listinfo/dns-privacy
>>
