On Sun, Mar 1, 2015 at 3:27 PM, Viktor Dukhovni
<ietf-dane(_at_)dukhovni(_dot_)org>
wrote:
On Sun, Mar 01, 2015 at 10:21:33AM -0500, Phillip Hallam-Baker wrote:
In particular make it possible to explicitly specify criteria such as
'use
TLS transport' or 'XYZ authentication is required'.
For both MX and SRV the DANE WG has settled on publication of TLSA
RRs to signal both "TLS is required" and "DANE authentication is
required".
I was actually referring to client authentication.
The DANE WG did make the decision you decide. But they did not get buy in
from any of the constituencies required to achieve deployment.
In standards work there is a big difference between describing *A* way to
do something and *THE* way to do something.
Sure there are folk who can move documents through IETF faster than a dose
of Ex-Lax will unblock a dodgy vindaloo. But the result is you end up with
a specification rather than a standard. Sometimes that is the desired
outcome.