Thanks to everyone who contributed to this point. My conclusions
so far:
- Since "local policy" may exclude an arbitrary subset of the
digest algorithms from consideration, whether the digest
algorithm employed by clients is as I suggest, or not, server
operators MUST apply the SAME set of digests to all objects
published in a TLSA RRset, since otherwise the "visibility"
of objects in the RRset will be client dependent.
- Given the above clients either MAY or SHOULD apply the
algorithm I propose, it provides incremental benefit before
weaker algorithms are dropped, and reduces risks to servers
that publish weaker algorithms.
For example, with opportunistic TLS, client and server
implementations can safely leave weaker cipher-suites at a
low priority on their cipher-lists, because these will not be
chosen when stronger options are available. When nothing
better is available, these are at least better than cleartext.
If "local policy" per 6698, includes the possibility of "adaptive
local policy" that depends on the server's TLSA RRset content, then
my proposal is already an implicit MAY per 6698. I'd like to propose
to elevate it to a SHOULD, while emphasizing the MUST for the server
to publish cross-product TLSA RRsets when employing multiple digests.
Reminder: the proposal is that clients SHOULD apply some local
ranking to the digest algorithms, and only use those records for
each (usage, selector) combination that either have a matching type
of Full(0) or have the best ranking among all digests used with
that (usage, selector). Clients SHOULD have a way to completely
disable algorithms.
--
Viktor.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
