Re: snarls in real life

On 4/21/21 1:49 PM, Michael Thomas wrote:

My takeaway from these exchanges is a bit different. You are advocating for using Dane instead of PKI during the authentication exchange, because this leads to fewer packets. People provided three different counter arguments. The first argument was that in first order, performance is measured by the number of round-trips, not the number of packets, and that using Dane instead of PKI would not result in big performance gains in practice. The second argument was that the full authentication exchange is only used in a small fraction of connections. The other exchanges use session resumption, and in that case there is no difference between Dane and PKI. The third argument was that there is no specific work to do in the QUIC working group on this topic, since QUIC relies on TLS 1.3 for authentication and TLS 1.3 already supports Dane. Using Dane instead of PKI is a deployment issue, not a protocol development issue, and there is no concrete work for the QUIC WG.

The meta question is whether that is so off topic that it needs to be officially shut down with the working group chairs. The technical merits are what they are. What I was told in no uncertain terms is that I am not allowed to even ask the question. Is that appropriate?

Why are you asking us, when it's really the responsible ADs' job to determine the answer to that question? There's not one right generic answer to that kind of question. The answer to that question requires evaluating the technical merits of the idea with respect to the WG's charter, which is a lot of work for anyone who isn't already "in the loop" to evaluate.

Keith


