Re: [dane] [Technical Errata Reported] RFC7672 (5395)

2018-06-17 Thread Viktor Dukhovni
> On Jun 17, 2018, at 11:14 PM, Paul Wouters wrote: > > I'm not sure if that's worth bringing into the errata. If we have the > errata as is, it might actually mislead developers into thiking they > must treet an indeterminate response as insecure and use it for TLSA. I don't think that's a p

Re: [dane] [Technical Errata Reported] RFC7672 (5395)

2018-06-17 Thread Paul Wouters
On Sat, 16 Jun 2018, RFC Errata System wrote: Original Text - DNS records that would be classified "indeterminate" in the sense of [RFC4035] are simply classified as "insecure". Corrected Text -- DNS records that would be classified "indeterminate" in the sense

Re: [dane] [Technical Errata Reported] RFC7672 (5395)

2018-06-16 Thread Viktor Dukhovni
> On Jun 16, 2018, at 7:10 PM, Paul Hoffman wrote: > > This erratum should be rejected. RFC 4035 defines "indeterminate" in Section > 4.4.3. (That'd be section 4.3, for anyone reading along). > RFC 4035 and RFC 4033 define "indeterminate" differently. Actually, the erratum is correct. RFC

Re: [dane] [Technical Errata Reported] RFC7672 (5395)

2018-06-16 Thread Paul Hoffman
My apologies: you are correct. The erratum is fine. I remembered the discussion leading to this text incorrectly. --Paul Hoffman ___ dane mailing list dane@ietf.org https://www.ietf.org/mailman/listinfo/dane

Re: [dane] [Technical Errata Reported] RFC7672 (5395)

2018-06-16 Thread Benjamin Kaduk
On Sat, Jun 16, 2018 at 04:10:28PM -0700, Paul Hoffman wrote: > This erratum should be rejected. RFC 4035 defines "indeterminate" in > Section 4.4.3. RFC 4035 and RFC 4033 define "indeterminate" differently. This statement is in the context of resolving the discrepancy; the full context is: A

Re: [dane] [Technical Errata Reported] RFC7672 (5395)

2018-06-16 Thread Paul Hoffman
This erratum should be rejected. RFC 4035 defines "indeterminate" in Section 4.4.3. RFC 4035 and RFC 4033 define "indeterminate" differently. --Paul Hoffman On 16 Jun 2018, at 7:29, RFC Errata System wrote: The following errata report has been submitted for RFC7672, "SMTP Security via Opportu

Re: [dane] [Technical Errata Reported] RFC7672 (5395)

2018-06-16 Thread Viktor Dukhovni
The reported erratum is correct, the text should have been as "Corrected". > On Jun 16, 2018, at 10:29 AM, RFC Errata System > wrote: > > The following errata report has been submitted for RFC7672, > "SMTP Security via Opportunistic DNS-Based Authentication of Named Entities > (DANE) Transport

[dane] [Technical Errata Reported] RFC7672 (5395)

2018-06-16 Thread RFC Errata System
The following errata report has been submitted for RFC7672, "SMTP Security via Opportunistic DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS)". -- You may review the report below and at: http://www.rfc-editor.org/errata/eid5395