
Re: [openpgp] The DANE draft

2015-07-24 17:23:14
On Fri 2015-07-24 12:40:31 +0200, Phillip Hallam-Baker wrote:
> 1) The draft is approaching IETF last call. People working on OpenPGP
> should review it now.

I looked at it with Petr Spacek after the meeting, and i plan on
providing Paul with a more detailed review shortly.

> DANE is trying to do three different things. It is trying to be a key
> discovery service, a security policy publication mechanism and a way
> of validating keys using the DNSSEC.

I think this overview is accurate.  I also think all these things are
necessary.  While i'm not particularly excited at the prospect of a
hierarchically controlled system like DNS being the One True System, we
do need to find ways to address these three goals anyway.

> So the way that I would approach using DNSSEC to validate a key for
> 'alice@example.com' would be to introduce a record in the DNS with the
> semantics 'X is authorized to sign for *@example.com'.

I think you mean "X is authorized to certify any key+User ID where the
user ID matches *.example.com", not that X is allowed to sign mail
for *@example.com.  Right?  I like this idea as a way of validating keys
for the DNSSEC (the third of your three prongs of DANE).  If you were to
make a record with the semantics "any OpenPGP key+User ID where the User
ID matches *@example.com should not be considered valid *unless* it is
certified by this key", then you could use it as a security policy
mechanism (prong two).

> I would not attempt to fill the DNS with keys for Alice, Billybob,
> Carol, Doug, Ethelred and co. It is not working for TLS and I don't
> think it will work for OpenPGP or S/MIME.

So it sounds like the part you disagree with is the use of DNS/DANE as a
key discovery service (prong one).

> I do not find the idea of relying on the DNS for my keys remotely
> comforting and would not want to rely on such a record directly. The DNS
> has no persistence to it. Give me the MIT keyserver any day.
>
> What would interest me is if I could take a DNSSEC trust chain and intern
> it in a blockchain. At that point the whole process becomes transparent and
> I have a key I can place quite a bit of reliance on.

It sounds to me like you're interested in DNSSEC Transparency.  Perhaps
you could take that up in the trans WG?  I know there are other people
interested there (i am!) but this discussion doesn't belong on the
OpenPGP mailing list.

        --dkg

_______________________________________________
openpgp mailing list
openpgp@ietf.org
https://www.ietf.org/mailman/listinfo/openpgp
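The three DANE "prongs" discussed in the message above, as an added example that is not part of the thread, the DANE draft, or any OpenPGP implementation. It models prong one (key discovery) with the OPENPGPKEY owner-name rule as later published in RFC 7929 (SHA-256 of the local-part, truncated to 28 octets, hex-encoded, under the `_openpgpkey` label), and models the two record semantics dkg distinguishes, "X is authorized to certify *@example.com" (prong three) versus "not valid unless certified by X" (prong two), as a policy evaluation over constructed key data. All fingerprints, User IDs, the `POLICY` table, and the assumption that signatures have already been cryptographically verified are constructed for illustration; whether the local-part should be case-folded before hashing, and whether a record for `example.com` should also cover subdomains, are left as the open choices they are and not decided here.

```python
"""Toy model of the three DANE prongs: key discovery, policy, key validation.

Added example, not code from the DANE draft or from any OpenPGP project.
Keys and certifications are plain dicts; signature verification is assumed
to have been done already. No real DNS is queried.
"""
import hashlib
from email.utils import parseaddr
from typing import Dict, Optional, Set


def openpgpkey_owner_name(mailbox: str) -> str:
    """Prong 1 (key discovery): the DNS owner name to query for a mailbox.

    Assumed rule (as in RFC 7929): SHA-256 over the UTF-8 local-part,
    truncated to 28 octets, hex-encoded, then "._openpgpkey." + domain.
    The domain is lowercased; the local-part is hashed as given (assumption).
    """
    local, domain = mailbox.rsplit("@", 1)
    digest = hashlib.sha256(local.encode("utf-8")).digest()[:28]
    return f"{digest.hex()}._openpgpkey.{domain.lower()}"


def mailbox_of(user_id: str) -> Optional[str]:
    """Extract and lowercase the e-mail address from an OpenPGP User ID."""
    addr = parseaddr(user_id)[1]
    return addr.lower() if "@" in addr else None


def validate_user_ids(key: Dict, policy: Dict[str, str],
                      wot_valid: Set[str], mode: str) -> Set[str]:
    """Return the User IDs of `key` considered valid under `mode`.

    key      : {"fingerprint": str, "user_ids": {uid: set(certifier fprs)}}
    policy   : constructed DNS table, domain -> fingerprint of the key the
               record names as certifier for *@domain
    wot_valid: User IDs the local web of trust already considers valid
    mode     : "authorize" (prong 3): the DNS certifier ADDS validity for
                   its domain, on top of whatever the local WoT says;
               "require"   (prong 2): for a domain with a published record,
                   a UID is valid ONLY if certified by that key, even when
                   the local WoT would otherwise accept it.
    """
    if mode not in ("authorize", "require"):
        raise ValueError("mode must be 'authorize' or 'require'")
    valid: Set[str] = set()
    for uid, certifiers in key["user_ids"].items():
        mbox = mailbox_of(uid)
        domain = mbox.rsplit("@", 1)[1] if mbox else None
        authority = policy.get(domain)          # exact-domain match only
        by_authority = authority is not None and authority in certifiers
        if mode == "authorize" or authority is None:
            ok = uid in wot_valid or by_authority
        else:                                   # require, record published
            ok = by_authority
        if ok:
            valid.add(uid)
    return valid


# --- constructed sample data (not real keys or real DNS) -------------------
POLICY = {"example.com": "FPR-EXAMPLE-COM-CERTIFIER"}
ALICE_KEY = {
    "fingerprint": "FPR-ALICE",
    "user_ids": {
        "Alice <alice@example.com>": {"FPR-EXAMPLE-COM-CERTIFIER"},
        "Alice <alice@example.org>": {"FPR-FRIEND"},
        "Alice at work <Alice@Example.COM>": {"FPR-FRIEND"},
    },
}
LOCAL_WOT = {"Alice <alice@example.org>", "Alice at work <Alice@Example.COM>"}


def demo() -> Dict[str, Set[str]]:
    """Run both policy modes over the sample key."""
    return {m: validate_user_ids(ALICE_KEY, POLICY, LOCAL_WOT, m)
            for m in ("authorize", "require")}


if __name__ == "__main__":
    print(openpgpkey_owner_name("alice@example.com"))
    for mode, uids in demo().items():
        print(mode, sorted(uids))
```

The difference between the two modes is the third User ID: under "authorize" the friend's certification (accepted by the local web of trust) is enough, while under "require" the published record for example.com overrides the local web of trust and the UID is rejected because the domain's certifier never signed it. The example.org UID is unaffected in both modes because no record is published for that domain.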
