Re: [dane] Stapling DNSSEC/DANE

2015-07-29 Thread Nico Williams
On Wed, Jul 29, 2015 at 08:45:03AM +0200, Paul Wouters wrote: > Sounds familiar :) > > https://tools.ietf.org/html/draft-ietf-dnsop-edns-chain-query-02 Excellent. Now I don't have to write that :) Now all we need is a document somewhere explaining how to use DNS (to the local caching resolver d

[dane] Followup...PKI -> what you think?

2015-07-29 Thread Hosnieh Rafiee
Followup Sorry I guess I see everything as DNSSD... :-/ I meant DDNS ... -Original Message- From: Hosnieh Rafiee [mailto:i...@rozanak.com] Sent: Wednesday, July 29, 2015 11:12 PM To: 'dane@ietf.org' Subject: PKI -> what you think? Hello All, I had a presentation in SDNRG about a PK

[dane] PKI -> what you think?

2015-07-29 Thread Hosnieh Rafiee
Hello All, I had a presentation in SDNRG about a PKI model. It is about how to use DANE and DNSSD in different use case scenarios. Please take a look and leave me your feedback on whether or not you think it is useful. https://www.ietf.org/proceedings/93/slides/slides-93-sdnrg-3.pdf Thanks,

Re: [dane] Stapling DNSSEC/DANE

2015-07-29 Thread Nico Williams
On Wed, Jul 29, 2015 at 05:38:48PM +, Viktor Dukhovni wrote: > On Wed, Jul 29, 2015 at 12:01:28PM -0500, Nico Williams wrote: > > If there's a latency hit, it will be when a server has both, [...] > > This raises an interesting point. > > [...optimization discussion elided...] > > I don't know

Re: [dane] Stapling DNSSEC/DANE

2015-07-29 Thread Viktor Dukhovni
On Wed, Jul 29, 2015 at 12:01:28PM -0500, Nico Williams wrote: > If there's a latency hit, it will be when a server has both, a long PKIX > certificate chain and a long DNSSEC/DANE RRset chain to send (since both > have to be transmitted, and the client may end up having to validate > both). Opera

Re: [dane] Barry Leiba's No Objection on draft-ietf-dane-ops-14: (with COMMENT)

2015-07-29 Thread Viktor Dukhovni
On Wed, Jul 29, 2015 at 08:17:28AM -0700, Barry Leiba wrote: > NEW >DANE TLSA records validated by >DNSSEC can be used to augment or replace the use of trusted public > END Thanks, done. > NEW >[RFC6698] defines three TLSA record fields, the first with 4 possible >values, the sec

Re: [dane] Stapling DNSSEC/DANE

2015-07-29 Thread Nico Williams
On Tue, Jul 28, 2015 at 05:26:16PM -0800, Melinda Shore wrote: > I think the primary concern about that is the possibility > of introducing additional latency, given that we're trying > to minimize the DANE performance hit on clients like browsers, > who tend to be extremely sensitive to delay. [.

[dane] Barry Leiba's No Objection on draft-ietf-dane-ops-14: (with COMMENT)

2015-07-29 Thread Barry Leiba
Barry Leiba has entered the following ballot position for draft-ietf-dane-ops-14: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://w

Re: [dane] DANE client+server authentication

2015-07-29 Thread Shumon Huque
On Wed, Jul 29, 2015 at 4:39 AM, Ian Maddison wrote: > > On 29 Jul 2015, at 08:19, Patrick Ben Koetter wrote: > > There's no usable client authentication at the moment. > A first draft for client authentication has been published: > > https://datatracker.ietf.org/doc/draft-huque-dane-client-cert

Re: [dane] DANE client+server authentication

2015-07-29 Thread William Stouder-Studenmund
> On Jul 28, 2015, at 5:37 PM, Ian Maddison wrote: > > >> On 29 Jul 2015, at 01:46, Viktor Dukhovni wrote: >> >> On Wed, Jul 29, 2015 at 12:42:52AM +0200, Ian Maddison wrote: >> >>> I'm looking for a way to run a recursive name server on a public IP address >>> restricted to pre-configured r

Re: [dane] DANE client+server authentication

2015-07-29 Thread Ian Maddison
> On 29 Jul 2015, at 08:19, Patrick Ben Koetter wrote: > > There's no usable client authentication at the moment. > A first draft for client authentication has been published: > > https://datatracker.ietf.org/doc/draft-huque-dane-client-cert/ > Thanks. Sorry, I should’ve been clearer, that’s