**Session Date/Time:** 28 Mar 2023 06:30 # Dance ## Summary The DANCE working group meeting covered the last call results for the client ID and client authentication drafts, updates to the DANCE architecture (which didn't happen due to participant availability), and discussed extended use cases. A presentation on a mutual evaluation mechanism for web services using DNS signatures was given. Additionally, the applicability of DANE for mail submission and potential use cases for client certificates in SMTP were discussed. ## Key Discussion Points * **Last Call Results:** Both the client ID and client authentication drafts received significant feedback, necessitating updates from the authors. Specific issues included clarification on content types, reference checks, client name limits, use cases for mixed environments, decode error alerts, and interoperability improvements for the client ID draft. For the client authentication draft, the need for more examples, handling of wildcards, encoding transport level labels, security considerations, and the use of "MUST" vs "SHOULD" were discussed. * **Mutual Evaluation Mechanism for Web Services:** Kevin University presented a research project focused on mutual evaluation of web service redirection relationships using DNS signatures. The discussion centered on why the project didn't use TLS records instead of TXT records, and the need for servers to sign each other's public keys, which raised concerns about key update management and redundancy. The presentation highlighted issues in maintaining service integrity across multiple providers. * **DANE for Mail Submission:** John Levine initiated a discussion about applying DANE to mail submission, differentiating between submission and SMTP. He suggested that client certificate authentication for submission is well-established and that DANE could enhance it. The possibility of using DANE for Smtp and providing client identity at the transport layer for business partners was explored. ## Decisions and Action Items * **Client ID and Client Authentication Drafts:** Authors to update drafts based on last call feedback and submit to IESG for publication. * **Architecture Document:** (Deferred) Awaiting updates from Ali and Michael. * **Mail Use Cases:** John Levine will submit a pull request with text for the architecture document regarding mail submission. ## Next Steps * Authors to update and resubmit Client ID and Client Authentication drafts. * Schedule further discussion on architecture document when Ali and Michael are available. * Evaluate John Levine's proposed text for mail use cases in the architecture document.