Hi Kathleen,

Sorry for the delay. We'll have an updated draft addressing the IESG
discuss/comments shortly after the I-D submission window opens early
this week.

The one other sticking point is the issue that Viktor has raised about
extending the protocol to provide pinning to prevent downgrade to PKIX.
That has not been resolved on list yet, so I assume will be discussed at
Wednesday's TLS session.

Shumon.

On Mon, Mar 12, 2018 at 7:22 PM, Kathleen Moriarty <
kathleen.moriarty.i...@gmail.com> wrote:

> Hello,
>
> Can you please provide updated text that addresses EKR's discuss while
> this additional discussion continues?  I'd like to see if it's
> possible to get this wrapped up before the plenary in London.
> Eliminating discuss points and resolving this additional issue are
> required for that.  If this does not get wrapped up before then, it is
> likely the draft will have to go on another IESG telechat with Ben as
> AD, which is fine if that's needed, but better to avoid.
>
> Thank you,
> Kathleen
>
> On Mon, Mar 12, 2018 at 2:29 PM, Paul Wouters <p...@nohats.ca> wrote:
> > On Mon, 5 Mar 2018, Willem Toorop wrote:
> >
> >> No Paul, the division in sections is irrelevant for a verifier.  The
> >> only bit of information in a DNS message that is used by a verifier is
> >> the question.  From the question, validation starts and the relevant
> >> records are followed and verified.  But the question section is also not
> >> needed as the question can be derived from the name and port of the
> >> service, i.e. <port>._tcp.<name>. TLSA
> >>
> >> The order described in the draft is both an optimization to reduce the
> >> number of times a verifier has to go over the RRs, and it makes the
> >> content easier to read (and understand) for humans too.
> >>
> >> Also, for non existence answers, DNSSEC validators (and thus also a
> >> verifier for the chain extension) simply ignore the DNS message header.
> >> Proof of non-existence can and must be derived from the set of RRs in
> >> the message body/sections too.
> >
> >
> > Willem (and Shumon and Viktor) have convinced me the DNS Header and
> > Sections are not needed.
> >
> >> The extension already supports Denial of Existence proof b.t.w., because
> >> it is also needed for wildcard expansions (which are supported).
> >
> >
> > The issue here is the requirement of the TLS server to send these
> > records in the absence of any TLS record. This allows the clients to
> > detect a rogue webserver cert that is valid in webPKI but not valid
> > based on DANE. Without this commitment, the TLS extension does not
> > really work, as it can be omitted by an attacker.
> >
> > Paul
> >
>
>
>
> --
>
> Best regards,
> Kathleen
>
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
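The two technical points in the quoted discussion (Willem: a verifier starts from the question, which it can derive from the service name and port, so message sections and headers are irrelevant; Paul: without a commitment that the server always sends the extension, an attacker can omit it and fall back to WebPKI) are illustrated below in an added example. This is not code from the draft or from any of the posters: the TLSA owner-name form follows RFC 6698, the "commitment" store is a hypothetical client-side model of the pinning idea Viktor and Paul argue for and not the draft's mechanism, and the host, port, TTL and result labels are constructed for the illustration.

```python
# Added example, not from the thread or the draft. Models (1) how a DANE chain
# verifier derives its starting question from the service, and (2) a client-side
# commitment that turns "extension omitted" into a detectable downgrade.
import time


def tlsa_question(host: str, port: int, proto: str = "tcp") -> str:
    """Owner name of the TLSA RRset for a service (RFC 6698 convention)."""
    host = host.strip(".").lower()
    if not host:
        raise ValueError("empty host")
    return f"_{port}._{proto}.{host}."


def ancestor_names(name: str) -> list[str]:
    """Every ancestor of `name`, root first. A verifier walks this path; which
    of these are real zone cuts is learned from DS records along the way."""
    labels = [lbl for lbl in name.rstrip(".").split(".") if lbl]
    names = ["."]
    for i in range(len(labels) - 1, -1, -1):
        names.append(".".join(labels[i:]) + ".")
    return names


class CommitmentStore:
    """Hypothetical client memory: hosts that demonstrated DANE chain support
    and are therefore expected to keep sending the extension until expiry."""

    def __init__(self, clock=time.time):
        self._clock = clock          # injectable for deterministic testing
        self._pins: dict[tuple[str, int], float] = {}

    def remember(self, host: str, port: int, ttl_seconds: int) -> None:
        self._pins[(host.lower(), port)] = self._clock() + ttl_seconds

    def committed(self, host: str, port: int) -> bool:
        expiry = self._pins.get((host.lower(), port))
        return expiry is not None and self._clock() < expiry


def evaluate(store: CommitmentStore, host: str, port: int,
             extension_present: bool, chain_result, pkix_ok: bool,
             commit_ttl: int = 0) -> tuple[str, str]:
    """Decide accept/reject for one handshake.

    chain_result is the outcome of validating the chain the server sent:
      'match'    TLSA validated and matches the presented certificate
      'mismatch' TLSA validated but does not match (rogue WebPKI cert case)
      'no_tlsa'  authenticated denial of existence, so PKIX decides
      None       extension absent
    """
    if not extension_present:
        if store.committed(host, port):
            return ("reject", "extension omitted while host is committed to DANE")
        return ("accept" if pkix_ok else "reject", "PKIX only; no DANE commitment")

    if chain_result == "match":
        if commit_ttl > 0:
            store.remember(host, port, commit_ttl)
        return ("accept", "DANE validated")
    if chain_result == "no_tlsa":
        # The server still proved it speaks the extension; keep the commitment.
        if commit_ttl > 0:
            store.remember(host, port, commit_ttl)
        return ("accept" if pkix_ok else "reject",
                "authenticated denial of existence; PKIX decides")
    return ("reject", "DANE mismatch: certificate valid in WebPKI but not per TLSA")


if __name__ == "__main__":
    q = tlsa_question("www.example.com", 443)      # constructed service
    print(q, ancestor_names(q))
    store = CommitmentStore()
    print(evaluate(store, "www.example.com", 443, True, "match", True, commit_ttl=3600))
    print(evaluate(store, "www.example.com", 443, False, None, True))
```

The last two calls show the downgrade case: once the host has sent a validating chain, a later handshake that omits the extension is rejected even though the certificate is fine under WebPKI; without the commitment the same omission would silently succeed.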