Use Cases and Requirements for DNS-Based Authentication of Named Entities (DANE)
draft-ietf-dane-use-cases-05

[Ballot discuss]
Before I can add my support to this well-written document I would like the author to address the following issue raised in the DNS-DIR review by Peter Koch:

I have a concern regarding the repeated use of the term "domain holder" throughout the document. In the introduction it says

  With the advent of DNSSEC [RFC4033], it is now possible for DNS name
  resolution to provide its information securely, in the sense that
  clients can verify that DNS information was provided by the domain
  holder and not tampered with in transit. [...]

where the first conclusion simply isn't true.  All that DNSSEC provides is data origin authentication with the origin being the DNS zone. DNSSEC dos not help to identify the party applying or authorizing entries into that zone.  Later on, section 3.3 correctly makes that distinction:

  By the same token, this use case puts the most power in the hands of
  DNS operators.  Since the operator of the appropriate DNS zone has de
  facto control over the content and signing of the zone, he can create
  false DANE records that bind a malicious party's certificate to a
  domain.  This risk is especially important to keep in mind in cases
  where the operator of a DNS zone is a different entity than the
  holder of the domain, as in DNS hosting/outsourcing arrangements,
  since in these cases the DNS operator might be able to make changes
  to a domain that are not authorized by the holder of the domain.

However, it's not only a malicious operator that can interfere. Nowhere does it say that the operator has specific duties to verify or validate DANE information before entering data into the zone. Negligence or malice don't make a difference.  The fact that the zone is DNSSEC signed does not change that since the only meaning of the RRSIGs is that the zone operator attests the data was present as signed.

Also "domain holder" is usually understood as equivalent to a registrant, meaning someone who registered a 2nd (or 3rd, where applicable) domain name.  It is not obvious how to apply this logic to nodes further down the tree.

[Ballot comment]
My hesitancy to put a "Yes" on this document is exactly the opposite of Jari's: I think this document bends over backwards far too much in section 3.3 to preserve traditional root CAs. Indeed, I would have much preferred if the use cases *started* with 3.3 and ended with 3.1, as I think 3.3 is the much more interesting use case. As stated in the last paragraph of 3.3, DNS ops are already trusted more than than root CAs, as a malicious DNS operator can already obtain a root CA signed cert for domains that they control, so as a domain owner I currently need to trust two entities. Better in the long run that I trust one (the DNS op), and all the better that I can be my own DNS op and be in charge of my own certs.

I am fully in favor of this effort. I only wish this document did less kowtowing to the current CA model.

[Ballot comment]
I would support this document with a Yes position otherwise, but I'm a bit hesitant on the ability to *replace* (not just add to) the traditional root certificate operators by DNS operators. Its not clear that I trust the DNS operators any more than I trust the root CAs... (and besides, they are often the same guys), so this flexibility seems to add potential vulnerabilities to bid down to the least trusted DNS/CA operator.

[Ballot comment]
I strongly support publication of this document.

I have one comment of substance: Section 2 states that "multiple servers ... may be co-located on a single physical host, using different ports". If I understand this statement correctly, I think the part about different ports applies to some application protocols (e.g., HTTP) but not to all application protocols. Perhaps "often using different ports" would be more accurate?

Also, it would be good to fix the minor but annoying typographical errors that have crept into the document ("ciertificate", "case a denial of service", "Section Section", etc.).

State changed to In Last Call from Last Call Requested.

The following Last Call Announcement was sent out:

From: The IESG
To: IETF-Announce
CC:
Reply-To: ietf@ietf.org
Subject: Last Call:  (Use Cases and Requirements for DNS-based Authentication of Named Entities (DANE)) to Informational RFC


The IESG has received a request from the DNS-based Authentication of
Named Entities WG (dane) to consider the following document:
- 'Use Cases and Requirements for DNS-based Authentication of Named
  Entities (DANE)'
  as an Informational RFC

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2011-07-19. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


  Many current applications use the certificate-based authentication
  features in TLS to allow clients to verify that a connected server
  properly represents a desired domain name.  Traditionally, this
  authentication has been based on PKIX trust hierarchies, rooted in
  well-known CAs, but additional information can be provided via the
  DNS itself.  This document describes a set of use cases in which the
  DNS and DNSSEC could be used to make assertions that support the TLS
  authentication process.




The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-dane-use-cases/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-dane-use-cases/


No IPR declarations have been submitted directly on this I-D.

(1.a) Who is the Document Shepherd for this document? Has the
Document Shepherd personally reviewed this version of the
document and, in particular, does he or she believe this
version is ready for forwarding to the IESG for publication?

Ond?ej Surý is the Document Shepherd. I have personally reviewed the
document and I believe it is ready for publication.

(1.b) Has the document had adequate review both from key WG members
and from key non-WG members? Does the Document Shepherd have
any concerns about the depth or breadth of the reviews that
have been performed?

The document has been reviewed by both key DANE WG participants and also
by members of DNS and PKIX communities. There is no concern about the
reviews.

(1.c) Does the Document Shepherd have concerns that the document
needs more review from a particular or broader perspective,
e.g., security, operational complexity, someone familiar with
AAA, internationalization or XML?

The Document Shepherd doesn't have any concerns.

(1.d) Does the Document Shepherd have any specific concerns or
issues with this document that the Responsible Area Director
and/or the IESG should be aware of? For example, perhaps he
or she is uncomfortable with certain parts of the document, or
has concerns whether there really is a need for it. In any
event, if the WG has discussed those issues and has indicated
that it still wishes to advance the document, detail those
concerns here. Has an IPR disclosure related to this document
been filed? If so, please include a reference to the
disclosure and summarize the WG discussion and conclusion on
this issue.

Responsible Area Director and the IESG should be aware of that some WG
members has expressed concern about a use case where the future-to-be
DANE protocol can be used without DNSSEC, e.g. use DNS responses which
has not been signed and/or validated by DNSSEC. However there was a
rough consensus in the WG that it's OK for the use cases document to
describe the security implications of not using DNSSEC, leaving the
final decision on support for the protocol document. The WG chairs and
the document author supports this view reached by rough consensus.

(1.e) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with
others being silent, or does the WG as a whole understand and
agree with it?

There is a strong consensus on this document by the active WG members
with notable exception as outlined in (1.d) where only rough consensus
was reached.

(1.f) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in
separate email messages to the Responsible Area Director. (It
should be in a separate email because this questionnaire is
entered into the ID Tracker.)

None.

(1.g) Has the Document Shepherd personally verified that the
document satisfies all ID nits? (See the Internet-Drafts
Checklist and http://tools.ietf.org/tools/idnits/). Boilerplate
checks are not enough; this check needs to be thorough. Has the
document met all formal review criteria it needs to, such as
the MIB Doctor, media type and URI type reviews?

The document has been reviewed manually against ID Checklist Revision
1.9 and automatically with idnits 2.12.12.

(1.h) Has the document split its references into normative and
informative? Are there normative references to documents that
are not ready for advancement or are otherwise in an unclear
state? If such normative references exist, what is the
strategy for their completion? Are there normative references
that are downward references, as described in [RFC3967]? If
so, list these downward references to support the Area
Director in the Last Call procedure for them [RFC3967].

The document splits the references. There is no downward reference
in the normative reference.

(1.i) Has the Document Shepherd verified that the document IANA
consideration section exists and is consistent with the body
of the document? If the document specifies protocol
extensions, are reservations requested in appropriate IANA
registries? Are the IANA registries clearly identified? If
the document creates a new registry, does it define the
proposed initial contents of the registry and an allocation
procedure for future registrations? Does it suggest a
reasonable name for the new registry? See [RFC5226]. If the
document describes an Expert Review process has Shepherd
conferred with the Responsible Area Director so that the IESG
can appoint the needed Expert during the IESG Evaluation?

Yes. IANA consideration section exists in the document, but no action
is required.

(1.j) Has the Document Shepherd verified that sections of the
document that are written in a formal language, such as XML
code, BNF rules, MIB definitions, etc., validate correctly in
an automated checker?

The document contains no formal language.

(1.k) The IESG approval announcement includes a Document
Announcement Write-Up. Please provide such a Document
Announcement Write-Up? Recent examples can be found in the
"Action" announcements for approved documents. The approval
announcement contains the following sections:

Technical Summary

Many current applications use the certificate-based authentication
features in TLS to allow clients to verify that a connected server
properly represents a desired domain name. Traditionally, this
authentication has been based on PKIX trust hierarchies, rooted in
well-known CAs, but additional information can be provided via the
DNS itself. This document describes a set of use cases in which the
DNS and DNSSEC could be used to make assertions that support the TLS
authentication process.

Working Group Summary
Was there anything in WG process that is worth noting? For
example, was there controversy about particular points or
were there decisions where the consensus was particularly
rough?

The DANE WG has been asked at the IETF80 meeting in Prague to write the
use cases document before it continue the work on the DANE protocol draft.

The draft has been discussed in the DANE WG mailing list and has a
strong consensus in the WG for publication as an informational RFC
with notable exception of controversy about allowing to use DNS
responses not validated by DNSSEC in one of the use cases. The rough
consensus is that this is still a valid use case and the issue will be
addressed and resolved in the DANE protocol draft.

Document Quality
Are there existing implementations of the protocol? Have a
significant number of vendors indicated their plan to
implement the specification? Are there any reviewers that
merit special mention as having done a thorough review,
e.g., one that resulted in important changes or a
conclusion that the document had no substantive issues? If
there was a MIB Doctor, Media Type or other expert review,
what was its course (briefly)? In the case of a Media Type
review, on what date was the request posted?

This document was reviewed by various people and has been through WGLC
successfully.