I haven't been following this WG closely but read the draft and
discussion to see what this was all about, so here's an opinion from a
somewhat external reviewer, not in the room in London:

On 4/4/18 10:50 AM, Joseph Salowey wrote:
> Hi Folks,
>
> Some objections were raised late during the review of
> the draft-ietf-tls-dnssec-chain-extension. The question before the
> working group is either to publish the document as is or to bring the
> document back into the working group to address the following issues:
>
> - Recommendation of adding denial of existence proofs in the chain
> provided by the extension
> - Adding signaling to require the use of this extension for a period
> of time (Pinning with TTL)

From reading the abstract and introduction to this draft, it appears to
be proposing mostly a performance improvement for retrieving web pages
using DANE authentication. There is some security improvement, but that
seems to be incidental to the performance improvement. That would argue
in favor of publishing the draft as-is. However:
>
> This is a consensus call on how to progress this document.  Please
> answer the following questions:
>
> 1) Do you support publication of the document as is, leaving these two
> issues to potentially be addressed in follow-up work?
>
> If the answer to 1) is no then please indicate if you think the
> working group should work on the document to include 
>
> A) Recommendation of adding denial of existence proofs in the chain
> provided by the extension

There seems to be some disagreement whether the draft as written allows
inclusion of denial-of-existence proofs. So that's an ambiguity in the
spec, and I support resolving that ambiguity (hopefully in favor of
including them).

> B) Adding signaling to require the use of this extension for a period
> of time (Pinning with TTL)

From the discussion I have read, there seems to be disagreement about
what even the semantics of this pinning would be. And if it's unclear to
the WG participants, it's going to be even less clear to others that are
implementing this. I am also of the opinion that pinning is somewhat
subtle; it requires a detailed understanding of the mechanism to remove
(expire) the pin, and if done wrong can result in availability problems.
In addition, the pins here would be maintained in individual browsers.
There is less benefit from pinning because unlike some other pinning
mechanisms, there isn't any leverage of the TOFU experience had by others.

This requires further thought, and I do not support adding pinning to
this draft. Perhaps as a separate draft, but the WG needs to decide on that.

> C) Both

Summary: (A)

-Jim

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
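To make the availability concern about "pinning with TTL" concrete, here is a small added simulation of a client-side pin cache. It is not code from the draft or the WG, and the pin semantics are an assumption for illustration: a server that sends the extension with a nonzero TTL pins itself, a handshake without the extension is rejected while that pin is unexpired, and a TTL of 0 releases the pin.

```python
"""Simulation of a client-side "pin with TTL" cache for a TLS extension.

Added example, not code from the draft or the TLS WG. Pin semantics are
assumed for illustration: a server that sends the extension with a nonzero
TTL pins itself; until the pin expires, a handshake that omits the extension
is rejected; a TTL of 0 clears the pin.
"""
from dataclasses import dataclass, field


@dataclass
class PinCache:
    pins: dict = field(default_factory=dict)  # hostname -> expiry time (seconds)

    def observe(self, host, now, extension_present, ttl=0):
        """Process one handshake; return True if the client should accept it."""
        expiry = self.pins.get(host)
        if extension_present:
            if ttl > 0:
                self.pins[host] = now + ttl   # create or refresh the pin
            elif host in self.pins:
                del self.pins[host]           # TTL 0: server releases the pin
            return True
        if expiry is not None and now < expiry:
            return False                      # pinned and extension missing: hard fail
        self.pins.pop(host, None)             # expired pin is discarded
        return True


def availability_scenario():
    """Server pins with a 7-day TTL, then drops the extension after 1 day.

    Returns (accepted_while_pinned, accepted_after_expiry).
    """
    day = 86400
    cache = PinCache()
    cache.observe("example.com", now=0, extension_present=True, ttl=7 * day)
    # Constructed scenario: operator removes extension support on day 1
    # without first releasing the pin, so clients fail until the TTL runs out.
    during = cache.observe("example.com", now=1 * day, extension_present=False)
    after = cache.observe("example.com", now=8 * day, extension_present=False)
    return during, after


def graceful_scenario():
    """Server first announces TTL 0 (releasing the pin), then drops the extension."""
    cache = PinCache()
    cache.observe("example.com", now=0, extension_present=True, ttl=3600)
    cache.observe("example.com", now=100, extension_present=True, ttl=0)
    return cache.observe("example.com", now=200, extension_present=False)
```

The first scenario shows the outage window a mis-sequenced decommissioning creates; the second shows the release step an operator must understand to avoid it.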