On Sat, Aug 16, 2014 at 4:19 PM, Nico Williams <nico@xxxxxxxxxxxxxxxx> wrote:
> On Sat, Aug 16, 2014 at 04:48:54AM +0000, Viktor Dukhovni wrote:
>> Perhaps I should expand the example section to explain opportunistic
>> DANE TLS for SMTP (even if that spec is still some weeks from LC),
>> not just opportunistic TLS. Then people might have a better
>> understanding of how opportunistic authentication works with DANE,
>> and should work generally. I don't want the draft to over-emphasize
>> DANE, it's not just about DANE, but leaving out that example may have
>> resulted in text that is too abstract.
>
> For me DANE is the critical piece to understanding how the OS protocol
> design pattern can raise the floor without lowering the ceiling and
> without encouraging a general reduction of security against active
> attacks. The key lies in DNSSEC's authenticated non-existence
> functionality.

??? DANE isn't opportunistic security. It is authenticated security policy and keys. That's the opposite of opportunistic.
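As an added illustration, not from this thread or from the draft under discussion, the decision logic that opportunistic DANE TLS for SMTP (the draft Viktor refers to, later RFC 7672) derives from a DNSSEC-validated TLSA lookup, showing where authenticated non-existence enters: a validated "no TLSA records" answer means the domain published no policy, so the sender falls back to unauthenticated opportunistic TLS, while validated records make TLS and a matching peer mandatory. It assumes the MX lookup was already DNSSEC-validated, handles only DANE-EE (usage 3) records, and uses constructed byte strings in place of real DER certificates.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class TLSA:
    usage: int      # 3 = DANE-EE (end-entity); 2 = DANE-TA, not handled here
    selector: int   # 0 = full certificate, 1 = SubjectPublicKeyInfo
    mtype: int      # 0 = exact match, 1 = SHA-256, 2 = SHA-512
    data: bytes

def decide_policy(dnssec_status, tlsa_records):
    """Policy from a TLSA lookup: dnssec_status is 'secure' (validated answer
    or validated denial), 'insecure' (unsigned zone) or 'bogus' (failed)."""
    if dnssec_status == "bogus":
        return "defer"            # validation failed: do not deliver now
    if dnssec_status == "secure" and tlsa_records:
        return "dane-mandatory"   # TLS required and peer must match a record
    # 'secure' with no records is authenticated non-existence: the domain
    # published no policy, so unauthenticated opportunistic TLS is the floor.
    # 'insecure' (unsigned zone) cannot carry a trustworthy policy, so any
    # TLSA records seen there are ignored.
    return "opportunistic-tls"

def matches(record, cert_der, spki_der):
    """True if an end-entity certificate satisfies one DANE-EE TLSA record."""
    if record.usage != 3:
        return False              # DANE-TA chain checks are out of scope here
    subject = spki_der if record.selector == 1 else cert_der
    if record.mtype == 0:
        return subject == record.data
    if record.mtype == 1:
        return hashlib.sha256(subject).digest() == record.data
    if record.mtype == 2:
        return hashlib.sha512(subject).digest() == record.data
    return False                  # unknown matching type: unusable record

def accept_peer(dnssec_status, tlsa_records, cert_der, spki_der):
    """Final verdict for one SMTP connection: accept, refuse, defer, or
    fall back to opportunistic-tls when no signed policy exists."""
    policy = decide_policy(dnssec_status, tlsa_records)
    if policy == "dane-mandatory":
        ok = any(matches(r, cert_der, spki_der) for r in tlsa_records)
        return "accept" if ok else "refuse"
    return policy

# Constructed sample input: stand-ins for DER blobs, not real certificates.
SAMPLE_CERT = b"constructed-cert-der"
SAMPLE_SPKI = b"constructed-spki-der"
GOOD = TLSA(3, 1, 1, hashlib.sha256(SAMPLE_SPKI).digest())   # matches SPKI
BAD = TLSA(3, 0, 1, hashlib.sha256(b"some-other-cert").digest())
```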