DNS-based Authentication of Named Entities
charter-ietf-dane-02
Yes
(Richard Barnes)
(Stephen Farrell)
No Objection
(Alissa Cooper)
(Brian Haberman)
(Jari Arkko)
(Kathleen Moriarty)
(Martin Stiemerling)
(Spencer Dawkins)
(Ted Lemon)
Note: This ballot was opened for revision 01-00 and is now closed.
Ballot question: "Is this charter ready for external review?"
Richard Barnes Former IESG member
Yes
Yes
(for -01-02)
Unknown
Stephen Farrell Former IESG member
Yes
Yes
(for -01-00)
Unknown
Adrian Farrel Former IESG member
No Objection
No Objection
(2014-06-04 for -01-00)
Unknown
These issues are nits. I'd love for them to be fixed, but they are not so important... Although those skilled in the art may know what "DANE and DANE-like functionality" is, I think the charter would do well to set this out in the first sentence such as: DANE is a set of mechanisms and techniques that allow Internet applications to establish cryptographically secured communications by using information distributed through DNSSEC for discovering and authenticating public keys which are associated with a service located at a domain name. There are three instances of "The group may..." (the last three paragraphs. I understand the desire to encourage the WG to do things and to be clear that doing them is not out of scope, but I wish that there was a stronger directive to do stuff or that it was simply left off the charter.
Alissa Cooper Former IESG member
No Objection
No Objection
(for -01-02)
Unknown
Barry Leiba Former IESG member
No Objection
No Objection
(2014-05-22 for -01-00)
Unknown
Editorial (bad grammar, and very hard to read): OLD DANE supports both Certificates and raw keys, further more Certificates and raw keys can be either the full key or a hash of the key. NEW DANE supports both certificates and raw keys. Furthermore, the keys (raw, or imbedded in certificates) can be full keys or hashes of keys. END Though, really, I think the sentence could just as well be removed as fixed.
Brian Haberman Former IESG member
No Objection
No Objection
(for -01-02)
Unknown
Jari Arkko Former IESG member
No Objection
No Objection
(for -01-02)
Unknown
Kathleen Moriarty Former IESG member
No Objection
No Objection
(for -01-00)
Unknown
Martin Stiemerling Former IESG member
No Objection
No Objection
(for -01-02)
Unknown
Pete Resnick Former IESG member
No Objection
No Objection
(2014-06-10 for -01-02)
Unknown
I thought we were skipping external review? Is the ballot just wrong? Not quite worth a block, but I do think these changes should be made: The DANE WG will process documents that describe how to incorporate DANE and DANE-like functionality in protocols, and mechanisms to facilitate adoption of this functionality. Instead: "The DANE WG will specify how to incorporate DANE and DANE-like functionality into protocols." Also, specify the list (given that below it says no new items without rechartering): "The WG will specify such mechanisms for SMTP, SMIME, OPENPGP, and IPSEC." (It's not clear to me if the SRV document fits in this category.) The DANE working group will also assist other working groups with adding DANE functionality to their work. How does that differ from the above? In addition the working group will monitor and provide guidance to operators and tool developers. Strike that, or make it something the WG can actually accomplish like, "The DANE WG shall also produce a set of implementation guidance for operators and tool developers." When work on currently chartered documents is complete the WG may re-charter if sufficiently pressing new work is identified. Instead: "When work on the work items enumerated above is complete, the WG may re-charter if sufficiently pressing new work is identified." DANE is not intended to be a long-lived catch-all WG for all PKI in DNS issues and so will generally not adopt new work items without re-chartering. Peachy. And the Problem Statement is fine; it's just descriptive, AFAICT.
Spencer Dawkins Former IESG member
No Objection
No Objection
(for -01-02)
Unknown
Ted Lemon Former IESG member
No Objection
No Objection
(for -01-00)
Unknown