DANE Authentication for Network Clients Everywhere
charter-ietf-dance-01
Document history
Date | Rev. | By | Action |
---|---|---|---|
2022-03-23 | 01 | Amy Vezza | Responsible AD changed to Paul Wouters from Roman Danyliw |
2021-09-24 | 01 | Cindy Morgan | New version available: charter-ietf-dance-01.txt |
2021-09-24 | 00-02 | Cindy Morgan | State changed to Approved from External Review (Message to Community, Selected by Secretariat) |
2021-09-24 | 00-02 | Cindy Morgan | IESG has approved the charter |
2021-09-24 | 00-02 | Cindy Morgan | Closed "Approve" ballot |
2021-09-24 | 00-02 | Cindy Morgan | WG action text was changed |
2021-09-23 | 00-02 | Francesca Palombini | [Ballot Position Update] New position, No Objection, has been recorded for Francesca Palombini |
2021-09-23 | 00-02 | Robert Wilton | [Ballot Position Update] New position, No Objection, has been recorded for Robert Wilton |
2021-09-22 | 00-02 | Murray Kucherawy | [Ballot Position Update] New position, No Objection, has been recorded for Murray Kucherawy |
2021-09-22 | 00-02 | Benjamin Kaduk | [Ballot Position Update] New position, Yes, has been recorded for Benjamin Kaduk |
2021-09-22 | 00-02 | John Scudder | [Ballot Position Update] New position, No Objection, has been recorded for John Scudder |
2021-09-22 | 00-02 | Erik Kline | [Ballot Position Update] New position, No Objection, has been recorded for Erik Kline |
2021-09-22 | 00-02 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2021-09-20 | 00-02 | Roman Danyliw | Changed charter milestone "TLS extension to indicate DANE identification capability and the client's DANE identity name to WGLC", set description to "TLS extension to indicate DANE identification capability and the client's DANE identity name to WGLC (PS)" |
2021-09-20 | 00-02 | Roman Danyliw | Changed charter milestone "DANE client authentication and publication practice to WGLC", set description to "DANE client authentication and publication practice to WGLC (PS)" |
2021-09-20 | 00-02 | Roman Danyliw | Changed charter milestone "DANCE architecture and use cases to WGLC", set description to "DANCE architecture and use cases to WGLC (informational)" |
2021-09-20 | 00-02 | Zaheduzzaman Sarker | [Ballot Position Update] New position, No Objection, has been recorded for Zaheduzzaman Sarker |
2021-09-20 | 00-02 | Lars Eggert | [Ballot comment] It would be useful if each deliverable/milestones indicated the RFC status that is aimed at. |
2021-09-20 | 00-02 | Lars Eggert | [Ballot Position Update] New position, No Objection, has been recorded for Lars Eggert |
2021-09-17 | 00-02 | Martin Duke | [Ballot Position Update] New position, No Objection, has been recorded for Martin Duke |
2021-09-14 | 00-02 | Roman Danyliw | [Ballot Position Update] New position, Yes, has been recorded for Roman Danyliw |
2021-09-10 | 00-02 | Cindy Morgan | Telechat date has been changed to 2021-09-23 from 2021-09-09 |
2021-09-10 | 00-02 | Cindy Morgan | Created "Approve" ballot |
2021-09-10 | 00-02 | Cindy Morgan | Closed "Ready for external review" ballot |
2021-09-10 | 00-02 | Cindy Morgan | State changed to External Review (Message to Community, Selected by Secretariat) from Start Chartering/Rechartering (Internal Steering Group/IAB Review) |
2021-09-10 | 00-02 | Cindy Morgan | WG new work message text was changed |
2021-09-10 | 00-02 | Cindy Morgan | WG review text was changed |
2021-09-10 | 00-02 | Cindy Morgan | WG review text was changed |
2021-09-10 | 00-02 | Cindy Morgan | WG review text was changed |
2021-09-09 | 00-02 | Murray Kucherawy | [Ballot Position Update] New position, No Objection, has been recorded for Murray Kucherawy |
2021-09-09 | 00-02 | Francesca Palombini | [Ballot Position Update] New position, No Objection, has been recorded for Francesca Palombini |
2021-09-09 | 00-02 | John Scudder | [Ballot comment] The charter defines “RPK” as “raw public keys”. This is a near-collision with “RPKI” defined in RFC 6480 as “resource public key infrastructure”. Maybe this use of “RPK” is long-standing practice, in which case of course there’s not much to be done. I point it out in case the observation is useful. (Also, the acronym although defined is never referenced in the charter, so the definition could easily be left out if desired. The same is true of a few other acronyms.) |
2021-09-09 | 00-02 | John Scudder | [Ballot Position Update] New position, No Objection, has been recorded for John Scudder |
2021-09-08 | 00-02 | Roman Danyliw | Changed charter milestone "TLS extension to indicate DANE identification capability and the client's DANE identity name to WGLC", set due date to January 2023 from May 2022 |
2021-09-08 | 00-02 | Roman Danyliw | Changed charter milestone "DANE client authentication and publication practice to WGLC", set due date to January 2023 from May 2022 |
2021-09-08 | 00-02 | Roman Danyliw | New version available: charter-ietf-dance-00-02.txt |
2021-09-08 | 00-01 | Benjamin Kaduk | [Ballot comment] The DNS namespace, together with DNSSEC, forms the most widely-recognized namespace and authenticated lookup mechanism on the Internet. DANE builds on this authenticated lookup mechanism to enable public key-based TLS authentication which is resilient to impersonation, but only for TLS server identities. We might reference RFC 6698 for DANE. OVERLY PEDANTIC NITS The process of establishing trust in public-key-authenticated identity typically involves the use of a Public Key Infrastructure (PKI), and a shared PKI root of trust between the parties exchanging public keys. "shared PKI root of trust" seems to imply that both parties have credentials that chain up to the same root of trust (or at least that the level of trust in the root is shared between parties), which need not be the case. In principle the parties can use credentials anchored at different roots of trust, so long as the verifier is willing to use the corresponding root of trust for this purpose. So we might say instead "and a root of trust deemed valid by the entity validating the authenticated identity". Or we could ignore it, and try to not be overly pedantic. |
2021-09-08 | 00-01 | Benjamin Kaduk | [Ballot Position Update] New position, Yes, has been recorded for Benjamin Kaduk |
2021-09-08 | 00-01 | Robert Wilton | [Ballot comment] Sounds useful. I'm wondering whether restricting the initial use case to TLS client only will limit its usefulness in IOT onboarding? I'm not sure if it is important, but from the scope of work, it is unclear to me whether the format of DNS DANE records would need to change, or whether this is a new use of the existing DANE records. Nits: Para 3: "DANE builds on" => "DANE built on"? Or otherwise perhaps change "DANE did not" to "the DANE WG did not". Para 4: "large deployment" => "large deployments"? Are the milestone dates correct (i.e., the architecture and use cases is expected to be standardized after the solution)? |
2021-09-08 | 00-01 | Robert Wilton | [Ballot Position Update] New position, No Objection, has been recorded for Robert Wilton |
2021-09-08 | 00-01 | Martin Vigoureux | [Ballot Position Update] New position, No Objection, has been recorded for Martin Vigoureux |
2021-09-07 | 00-01 | Erik Kline | [Ballot Position Update] New position, Yes, has been recorded for Erik Kline |
2021-09-07 | 00-01 | Roman Danyliw | New version available: charter-ietf-dance-00-01.txt |
2021-09-07 | 00-00 | Martin Duke | [Ballot Position Update] New position, No Objection, has been recorded for Martin Duke |
2021-09-07 | 00-00 | Zaheduzzaman Sarker | [Ballot Position Update] New position, No Objection, has been recorded for Zaheduzzaman Sarker |
2021-09-06 | 00-00 | Éric Vyncke | [Ballot comment] In the first item in the scope of the WG there is no mention of DANE. Should there be one? |
2021-09-06 | 00-00 | Éric Vyncke | [Ballot Position Update] New position, No Objection, has been recorded for Éric Vyncke |
2021-09-06 | 00-00 | Lars Eggert | [Ballot Position Update] New position, No Objection, has been recorded for Lars Eggert |
2021-09-03 | 00-00 | Alvaro Retana | [Ballot comment] Just a nit: s/any required TLS protocol updates required to support/any TLS protocol updates required to support |
2021-09-03 | 00-00 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2021-09-02 | 00-00 | Roman Danyliw | [Ballot comment] To the IESG -- As you review this charter text and the associated background, note that DANCE is motivated by the two DANISH BoFs held during IETF 110 and 111. One of the items of feedback was to generalize the proposal to remove the IoT focus, hence the renaming of the group (from DANISH to DANCE). Background materials from the BOF are at: * DANISH BoFs: * DANISH mailing list archive: |
2021-09-02 | 00-00 | Roman Danyliw | [Ballot Position Update] New position, Yes, has been recorded for Roman Danyliw |
2021-09-02 | 00-00 | Amy Vezza | Placed on agenda for telechat - 2021-09-09 |
2021-09-02 | 00-00 | Roman Danyliw | Added charter milestone "DANCE architecture and use cases to WGLC", due July 2022 |
2021-09-02 | 00-00 | Roman Danyliw | Added charter milestone "TLS extension to indicate DANE identification capability and the client's DANE identity name to WGLC", due May 2022 |
2021-09-02 | 00-00 | Roman Danyliw | Added charter milestone "DANE client authentication and publication practice to WGLC", due May 2022 |
2021-09-02 | 00-00 | Roman Danyliw | WG action text was changed |
2021-09-02 | 00-00 | Roman Danyliw | WG review text was changed |
2021-09-02 | 00-00 | Roman Danyliw | WG review text was changed |
2021-09-02 | 00-00 | Roman Danyliw | Created "Ready for external review" ballot |
2021-09-02 | 00-00 | Roman Danyliw | State changed to Start Chartering/Rechartering (Internal Steering Group/IAB Review) from Draft Charter |
2021-09-01 | 00-00 | Cindy Morgan | Initial review time expires 2021-09-08 |
2021-09-01 | 00-00 | Cindy Morgan | State changed to Draft Charter from Not currently under review |
2021-09-01 | 00-00 | Cindy Morgan | New version available: charter-ietf-dance-00-00.txt |