Early Review of draft-ietf-dance-architecture-06
review-ietf-dance-architecture-06-secdir-early-nystrom-2024-07-24-00

Request Review of draft-ietf-dance-architecture-06
Requested revision 06 (document currently at 06)
Type Early Review
Team Security Area Directorate (secdir)
Deadline 2024-07-19
Requested 2024-06-19
Requested by Wes Hardaker
Authors Ash Wilson , Shumon Huque , Olle E. Johansson , Michael Richardson
I-D last updated 2024-07-24
Completed reviews Dnsdir Early review of -06 by Vladimír Čunát
Secdir Early review of -06 by Magnus Nyström
Iotdir Early review of -06 by Ines Robles
Assignment Reviewer Magnus Nyström
State Completed
Request Early review on draft-ietf-dance-architecture by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/lHux6MAzlngW2iNDsa565XBboLo
Reviewed revision 06
Result Not ready
Completed 2024-07-24
Like Ines Robles, I find this document not ready for publication, given several
open questions still remaining in the document itself, as well as, apparently,
externally recorded issues. As such, my review here is more an attempt to
provide feedback to the authors.

- The approach is interesting but, to my knowledge, similar attempts to
  leverage DNS have been proposed earlier (see e.g.,
  https://hal.science/hal-03798465/ - not sure if this document builds on that
  work) and it could be interesting to compare with earlier proposals and why
  this one would stand a better chance of succeeding.

- As mentioned in the document, requesting a TLS server to perform DNS lookup
  actions based on an unauthenticated request seems prone to DDoS attacks, and
  it would be good if the document could describe in some more detail how
  DANCE-enabled TLS servers could protect against this.

- The document touches on aspects of lifecycle management for these
  certificates (e.g., "revocation is performed by simply removing a DNS
  record," or complexities when a device manufacturer no longer supports or
  maintains the DNS entries). Would it make sense to have a fuller discussion
  around lifecycle management of certificates in the context of DANCE?

I look forward to future revisions of this document.
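The second point above, a TLS server being induced to issue DNS queries on behalf of a client it has not yet authenticated, is a resource-exhaustion concern. One defensive shape a server-side mitigation can take is shown below as an added illustration; it is not code from the DANCE draft, from the reviewer, or from any DANE implementation. It combines a per-client-address token bucket (so a single source can only trigger a bounded number of fresh lookups per second) with a short positive/negative cache keyed by the DNS name the server would query, so repeated handshakes for the same identity do not each cost a resolver round trip. The TLSA name, the record contents and the resolver are all constructed placeholders, and the real name derivation from a client certificate is left to the draft.

```python
"""Per-client budget for DNS lookups triggered by TLS client identities.

Added illustration only: not from the DANCE draft or any DANE library.
The resolver, the TLSA names and the record values below are constructed.
"""
import time
from collections import OrderedDict


class LookupBudget:
    """Token bucket per client address plus a bounded TTL cache of lookup results.

    Cache hits are served before the bucket is consulted, because a cache
    lookup is cheap and a cached answer (including a negative one) costs the
    server no DNS traffic. Only a cache miss spends a token.
    """

    def __init__(self, rate_per_sec=1.0, burst=5, cache_ttl=300.0,
                 cache_size=1024, clock=time.monotonic):
        self.rate = float(rate_per_sec)   # tokens refilled per second
        self.burst = float(burst)         # maximum tokens held per client
        self.cache_ttl = float(cache_ttl)
        self.cache_size = cache_size
        self.clock = clock
        self._buckets = {}                # client_ip -> (tokens, last_update)
        self._cache = OrderedDict()       # name -> (result, expires_at)

    def allow(self, client_ip, now=None):
        """Consume one token for client_ip; False when the bucket is empty."""
        now = self.clock() if now is None else now
        tokens, last = self._buckets.get(client_ip, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        if tokens >= 1.0:
            self._buckets[client_ip] = (tokens - 1.0, now)
            return True
        self._buckets[client_ip] = (tokens, now)
        return False

    def cached(self, name, now=None):
        """Return the cached result for name, or None on miss/expiry."""
        now = self.clock() if now is None else now
        entry = self._cache.get(name)
        if entry is None:
            return None
        result, expires_at = entry
        if expires_at <= now:
            del self._cache[name]
            return None
        self._cache.move_to_end(name)
        return result

    def remember(self, name, result, now=None):
        """Store a result (an empty list records a negative answer)."""
        now = self.clock() if now is None else now
        self._cache[name] = (result, now + self.cache_ttl)
        self._cache.move_to_end(name)
        while len(self._cache) > self.cache_size:
            self._cache.popitem(last=False)   # evict least recently used


def handle_handshake(budget, client_ip, tlsa_name, resolve, now=None):
    """Decide whether a handshake may trigger a DNS lookup.

    Returns (status, records) where status is one of "cached", "resolved"
    or "rate_limited". `resolve` is the (constructed) DNS query function.
    """
    now = budget.clock() if now is None else now
    hit = budget.cached(tlsa_name, now)
    if hit is not None:
        return ("cached", hit)
    if not budget.allow(client_ip, now):
        return ("rate_limited", None)
    records = resolve(tlsa_name)
    budget.remember(tlsa_name, records, now)
    return ("resolved", records)


# Constructed sample data: a tiny "zone" of TLSA-like tuples
# (usage, selector, matching type, placeholder digest).
SAMPLE_TLSA = {
    "_device1.example.net": [(3, 1, 1, "deadbeef" * 4)],
    "_device2.example.net": [(3, 1, 1, "cafef00d" * 4)],
}


def make_resolver(log):
    """Return a fake resolver that records every name it is asked about."""
    def resolve(name):
        log.append(name)
        return SAMPLE_TLSA.get(name, [])   # [] == no records (negative)
    return resolve


if __name__ == "__main__":
    queries = []
    budget = LookupBudget(rate_per_sec=1.0, burst=3)
    resolver = make_resolver(queries)
    for i in range(5):
        name = "_device%d.example.net" % i
        print(name, handle_handshake(budget, "192.0.2.10", name, resolver, now=100.0 + i / 10))
    print("DNS queries actually sent:", len(queries))
```

The bucket is keyed by source address only because that is what a server knows before the client certificate is verified; a deployment behind a load balancer would key on whatever identifies the upstream client there. Tuning the burst and rate is a trade-off between tolerating legitimate reconnect storms and bounding the resolver work an unauthenticated source can cause.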