Re: [Acme] WG last call for draft-ietf-acme-email-smime-06

"Salz, Rich" <rsalz@akamai.com> Tue, 05 May 2020 15:25 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F62B3A082D for <acme@ietfa.amsl.com>; Tue, 5 May 2020 08:25:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RZ50X8hPu4c2 for <acme@ietfa.amsl.com>; Tue, 5 May 2020 08:25:05 -0700 (PDT)
Received: from mx0a-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [IPv6:2620:100:9001:583::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6BD273A0866 for <acme@ietf.org>; Tue, 5 May 2020 08:25:02 -0700 (PDT)
Received: from pps.filterd (m0122333.ppops.net [127.0.0.1]) by mx0a-00190b01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 045FLoVH009164; Tue, 5 May 2020 16:25:01 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=jan2016.eng; bh=G9dBYqSpnPbIxV89v272FfbDK3sCl3uB/zSBoXTyYWQ=; b=lQTXP2PVRFxy9bJtXZutl6c//sS1bXoh/HxmSaosCjEAS8SZ4SYlLe7OXXPNcd0BnH8F ixUr/INAwMAOnmYB6gtmc9ffFimpnCDzt/25NND5n+hAmP1aSMZdQRUWWVb0pYmMZyaH Fs58Tp2mdHyPtJfQlyf4/1F9d3RKcFlMk2ElmBf5kNmjvhYDKZoGDXB61SOYJtEK7NvR hXRYA8FSgnRDStghhex1tM36CVhChJpIh17GI1Ghwjw3hYVGFhJfzS44gAVIoGhejUag nDBXj50xuNS9t5Dj2ZufjbQZP9mssZhwoRwtyPJ1QphLit2UYBXxrWwiUm+/bsGY6/KY ng==
Received: from prod-mail-ppoint8 (a72-247-45-34.deploy.static.akamaitechnologies.com [72.247.45.34] (may be forged)) by mx0a-00190b01.pphosted.com with ESMTP id 30s04bfay4-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 05 May 2020 16:25:01 +0100
Received: from pps.filterd (prod-mail-ppoint8.akamai.com [127.0.0.1]) by prod-mail-ppoint8.akamai.com (8.16.0.27/8.16.0.27) with SMTP id 045FIJSi031696; Tue, 5 May 2020 11:25:00 -0400
Received: from email.msg.corp.akamai.com ([172.27.165.113]) by prod-mail-ppoint8.akamai.com with ESMTP id 30u82m1bf0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 05 May 2020 11:25:00 -0400
Received: from USTX2EX-DAG1MB3.msg.corp.akamai.com (172.27.165.121) by ustx2ex-dag1mb2.msg.corp.akamai.com (172.27.165.120) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 5 May 2020 10:25:00 -0500
Received: from USTX2EX-DAG1MB3.msg.corp.akamai.com ([172.27.165.121]) by ustx2ex-dag1mb3.msg.corp.akamai.com ([172.27.165.121]) with mapi id 15.00.1497.006; Tue, 5 May 2020 10:24:59 -0500
From: "Salz, Rich" <rsalz@akamai.com>
To: Alexey Melnikov <alexey.melnikov@isode.com>, Ryan Sleevi <ryan-ietf@sleevi.com>, Ben Schwartz <bemasc=40google.com@dmarc.ietf.org>
CC: "acme@ietf.org" <acme@ietf.org>
Thread-Topic: [Acme] WG last call for draft-ietf-acme-email-smime-06
Thread-Index: AQHV+J9B5LP+1kqFmEm3fK8isEoJ06iC8gKygBJs9YCAAF2vAIAAv2oAgAPHgID//76hAA==
Date: Tue, 5 May 2020 15:24:59 +0000
Message-ID: <56EF8B9F-8EE1-486B-A078-B65F11ACEFF1@akamai.com>
References: <3703708B-4454-4AC9-87AF-961C73B1F331@akamai.com> <CAHbrMsDco31pxyBMBSdbgh5aMnttyC1G_tDTg1tz-aAzto=5dw@mail.gmail.com> <fee01750-7afb-02a7-50ee-30453805abec@isode.com> <CAHbrMsAdXvpRt2zCUn7DLNerxhZCFe4pS0TM1qzmaCUGKVYT=A@mail.gmail.com> <e188baf1-ff9f-7897-1bcb-baa94fb8ce2d@isode.com> <CAHbrMsDsW+EwGx0qzfqXn7qntB4_LqyN7jrLdkH66STeL6D02Q@mail.gmail.com> <CAErg=HE4_YporYSOCeT3wcah0VivH+k8gvQnfxS8w-TsKM0doQ@mail.gmail.com> <33705f69-2cbd-e2b5-6749-a02ef5da5c21@isode.com>
In-Reply-To: <33705f69-2cbd-e2b5-6749-a02ef5da5c21@isode.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.36.20041300
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.39.153]
Content-Type: multipart/alternative; boundary="_000_56EF8B9F8EE1486BA078B65F11ACEFF1akamaicom_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.676 definitions=2020-05-05_08:2020-05-04, 2020-05-05 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-2002250000 definitions=main-2005050123
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.676 definitions=2020-05-05_09:2020-05-04, 2020-05-05 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 clxscore=1011 mlxlogscore=999 priorityscore=1501 mlxscore=0 adultscore=0 bulkscore=0 impostorscore=0 spamscore=0 lowpriorityscore=0 malwarescore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2005050123
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/OeAtDW_uNDmPwn9km9lS5Bg2J6I>
Subject: Re: [Acme] WG last call for draft-ietf-acme-email-smime-06
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 May 2020 15:25:07 -0000

Thanks for the discussion.  I will point out that this has already moved past WGLC (I am late on the writeup and IESG submission), but in view of the pandemic messing with everyone’s schedules, and since this has not had a lot of WG commentary so far, I’d like to encourage this.  We’ll do a shorter WGLC re-review if there’s another draft.  And if we need any consensus calls (“anyone cannot live with X”) please reach out.

Hope everyone is staying safe and healthy.

From: Alexey Melnikov <alexey.melnikov@isode.com>
Date: Tuesday, May 5, 2020 at 11:19 AM
To: Ryan Sleevi <ryan-ietf@sleevi.com>, Ben Schwartz <bemasc=40google.com@dmarc.ietf.org>
Cc: "acme@ietf.org" <acme@ietf.org>, Rich Salz <rsalz@akamai.com>
Subject: Re: [Acme] WG last call for draft-ietf-acme-email-smime-06

…..removed

Let me try to elaborate on the current choice and talk about alternatives. In general there are 3 ways an ACME email challenge can be conveyed in email:

1) In the subject line. Some structure would be helpful for automated software.

2) In a new header field.

3) In the body of the message, e.g. using "---BEGIN ACME CHALLENGE---" line in text/plain or the like.



Unfortunately all of these have their downsides:

#1 is unfriendly to users and can possibly trigger antispam processing. (Not sure how much of an issue the last part is)

#2 might not be accessible from libraries that don't support retrieval of arbitrary email header fields. (I am not sure how big of a deal this is, but I've heard some claims about that.) Also, non-ACME-aware clients might not be able to show this header field, making them unusable for manual processing.

#3 would either require use of text/plain (for simplicity of automated processing) or it would require an HTML parser with downconversion to text/plain. I think the latter choice is a rather high barrier to entry for implementations that are not fully capable email clients, which I suspect would be too high for some ACME servers.



So I am open to suggestions about the best choice. I think using some structured subject line (choice #1) or possibly text/plain choice #3 are the best. If there is a better structure for the subject header field, I would be happy to change the document.

Best Regards,

Alexey
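The three conveyance options Alexey lists (structured subject line, dedicated header field, delimited text/plain body) are easy to compare in code. The following is an added example and is not code from the draft, the thread or any ACME implementation. It assumes, for illustration only, a subject format of "ACME: <token>", a header field named X-ACME-Challenge, an "---END ACME CHALLENGE---" closing line (only the BEGIN line appears in the thread), and base64url tokens as used by RFC 8555 challenges. The sample messages are constructed and are not real CA traffic.

```python
"""Added example: extract an ACME email challenge token via the three
conveyance options discussed in the thread (subject, header, body)."""
import email
import re
from email import policy
from email.message import EmailMessage
from typing import Optional

# Assumed conventions for illustration; only BODY_BEGIN is quoted in the thread.
SUBJECT_RE = re.compile(r"^\s*(?:Re:\s*)*ACME:\s*(\S+)\s*$")  # option #1, tolerates "Re:"
HEADER_NAME = "X-ACME-Challenge"                                # option #2 (assumed name)
BODY_BEGIN = "---BEGIN ACME CHALLENGE---"                       # option #3 (from the thread)
BODY_END = "---END ACME CHALLENGE---"                           # option #3 (assumed)
TOKEN_RE = re.compile(r"[A-Za-z0-9_-]+")                        # base64url, no padding


def _valid(token: Optional[str]) -> Optional[str]:
    """Return the token only if it is well-formed base64url; reject junk early."""
    return token if token and TOKEN_RE.fullmatch(token) else None


def challenge_from_subject(msg: EmailMessage) -> Optional[str]:
    m = SUBJECT_RE.match(msg.get("Subject", ""))
    return _valid(m.group(1)) if m else None


def challenge_from_header(msg: EmailMessage) -> Optional[str]:
    value = msg.get(HEADER_NAME)
    return _valid(value.strip()) if value is not None else None


def challenge_from_body(msg: EmailMessage) -> Optional[str]:
    """Scan text/plain parts only. An HTML-only message yields None: that is
    the cost of option #3 when the server will not parse HTML."""
    for part in msg.walk():
        if part.get_content_type() != "text/plain":
            continue
        lines = [ln.strip() for ln in part.get_content().splitlines()]
        if BODY_BEGIN not in lines:
            continue
        start = lines.index(BODY_BEGIN)
        try:
            end = lines.index(BODY_END, start + 1)
        except ValueError:
            continue  # unterminated block: ignore rather than guess
        token = _valid("".join(lines[start + 1:end]))
        if token:
            return token
    return None


def extract_challenge(raw: bytes) -> Optional[str]:
    """Try the options in order: subject, then header, then body."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    for finder in (challenge_from_subject, challenge_from_header, challenge_from_body):
        token = finder(msg)
        if token:
            return token
    return None


# Constructed sample messages (not real CA traffic).
SAMPLE_SUBJECT = b"""From: ca@example.com
To: user@example.com
Subject: ACME: abc123XYZ_-

Please reply to this message to prove control of the mailbox.
"""

SAMPLE_HEADER = b"""From: ca@example.com
To: user@example.com
Subject: Certificate request for user@example.com
X-ACME-Challenge: hdrToken42

Please reply to this message.
"""

SAMPLE_MULTIPART = b"""From: ca@example.com
To: user@example.com
Subject: Certificate request for user@example.com
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain

Hello,
---BEGIN ACME CHALLENGE---
tokenPlain001
---END ACME CHALLENGE---
--b1
Content-Type: text/html

<p>Hello,</p><pre>---BEGIN ACME CHALLENGE---
tokenPlain001
---END ACME CHALLENGE---</pre>
--b1--
"""

SAMPLE_HTML_ONLY = b"""From: ca@example.com
To: user@example.com
Subject: Certificate request for user@example.com
Content-Type: text/html

<p>Hello,</p><pre>---BEGIN ACME CHALLENGE---
tokenHtmlOnly
---END ACME CHALLENGE---</pre>
"""

if __name__ == "__main__":
    for name, raw in [("subject", SAMPLE_SUBJECT), ("header", SAMPLE_HEADER),
                      ("multipart", SAMPLE_MULTIPART), ("html-only", SAMPLE_HTML_ONLY)]:
        print(name, "->", extract_challenge(raw))
```

The html-only case returning None is the point of Alexey's objection to #3: a server that only handles text/plain cannot recover the token unless it carries an HTML parser. The subject regex tolerates "Re:" prefixes because a reply from an ordinary mail client will normally add one; the token itself is validated as base64url before it is accepted so that a mangled or spoofed value fails closed.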