I find Dennis’ writeup and most of his arguments convincing. I don’t think the WG should adopt the draft.
From: Dennis Jackson <ietf=40dennis-jackson...@dmarc.ietf.org>
Sent: Tuesday, February 4, 2025 8:28 PM
To: TLS List <tls@ietf.org>
Subject: [TLS] Re: Adoption Call for Trust Anchor IDs

It will not come as a surprise that I oppose adoption for the reasons laid out in 'Trust is non-negotiable' [1].

The claims that Trust Negotiation can improve security or compatibility just do not stand up to scrutiny. Especially as in over a year since first introduction, there has been no credible proposal for how TN could be deployed outside of browsers and major CDNs, or how it could bring any benefit at all with such a limited scope for deployment. It's not like major CDNs struggle to offer certificates suitable for browsers.

Even if the deployability concerns could be solved and so Trust Negotiation enabled at scale, then it would cause much more harm than good. Managing one certificate chain and CA relationship is already painful for many website operators, but TN would compound that pain by allowing root programs to diverge and placing the onus on website operators to obtain and manage multiple certificate chains to ensure compatibility with each root program's clients. It would also be a major abuse vector for users, who are much more likely to suffer than benefit from the resulting fragmentation of the WebPKI, as well as being put at risk by use of TN to establish new root programs with malicious or negligent stewardship (domestic PKIs, enshittification, ossification).

In both cases, the result is a claimed reduction in operational burden for root programs and major CDNs (who have the most capacity and expertise to handle it) and the very material transfer of risk and complexity to users and website operators (who are least well equipped).

As technologists evaluating a proposal that would alter the architecture of one of the Internet's most critical ecosystems, we owe users and website operators better.

Best,
Dennis

[1] https://datatracker.ietf.org/doc/html/draft-jackson-tls-trust-is-nonnegotiable
_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-le...@ietf.org