Re: [Acme] I-D Action: draft-ietf-acme-email-smime-06.txt

Alexey Melnikov <alexey.melnikov@isode.com> Sun, 03 November 2019 13:17 UTC

To: "A. Schulze" <sca@andreasschulze.de>, acme@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/V5I7jcWtMS2x0RE1bcmmeZqPnpg>

Hi Andreas,

On 03/11/2019 11:02, A. Schulze wrote:
> On 01.11.19 at 19:24, internet-drafts@ietf.org wrote:
>>        Title           : Extensions to Automatic Certificate Management Environment for end user S/MIME certificates
>>        Author          : Alexey Melnikov
>> 	Filename        : draft-ietf-acme-email-smime-06.txt
>> 	Pages           : 10
>> 	Date            : 2019-11-01
> Hello,
>
> I've noticed this version enhances the number of header fields that MUST be covered by DKIM.
> But some of us may be aware of "Breaking DKIM - on Purpose and by Chance" [1] published in 2017.
>
> To mitigate such attacks it would be helpful to REQUIRE that header fields also can't be added.
> see https://tools.ietf.org/html/rfc6376#section-3.5, definition of h= and
> INFORMATIVE EXPLANATION + NOTE

I should have said that I've noticed your similar comment in an earlier
email and it is still pending.

If you can suggest some specific text, that would be really great and 
would speed up addressing this issue.

Best Regards,

Alexey

> Andreas
>
> [1] https://noxxi.de/research/breaking-dkim-on-purpose-and-by-chance.html
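
The requirement Andreas asks for (RFC 6376 section 3.5: a header field name listed in h= more times than it occurs in the message, so that an added instance breaks verification) can be checked mechanically. The following is an added example, not part of the original thread or of the draft; the sample message, the list of required header fields and the function names are constructed assumptions, and the code inspects h= coverage only, without verifying the signature itself.

```python
import email
from email import policy
from collections import Counter

# Constructed sample; d=, s=, bh= and b= are placeholders, not real values.
SAMPLE = (
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.org; s=sel;\r\n"
    " h=From:From:To:Subject:Subject:Date; bh=PLACEHOLDER; b=PLACEHOLDER\r\n"
    "From: ca@example.org\r\n"
    "To: user@example.com\r\n"
    "Subject: constructed challenge message\r\n"
    "Date: Sun, 3 Nov 2019 13:00:00 +0000\r\n"
    "\r\n"
    "body\r\n"
)

def parse_tags(value):
    """Split a DKIM tag-list into {tag: value}; whitespace in values is dropped."""
    tags = {}
    for part in value.split(";"):
        name, sep, val = part.partition("=")
        if sep:
            tags[name.strip()] = "".join(val.split())
    return tags

def header_coverage(raw, required):
    """Classify each required header field against the first DKIM-Signature.

    unsigned: not listed in h=, so it can be added or changed freely.
    signed:   listed, but not more often than it occurs, so one more
              instance can be added without breaking the signature.
    sealed:   listed more often than it occurs (oversigned), so an added
              instance makes verification fail.
    """
    msg = email.message_from_string(raw, policy=policy.default)
    present = Counter(name.lower() for name in msg.keys())
    sig = msg.get("DKIM-Signature")
    h_value = parse_tags(str(sig)).get("h", "") if sig is not None else ""
    listed = Counter(n.lower() for n in h_value.split(":") if n)
    result = {}
    for name in (r.lower() for r in required):
        if listed[name] == 0:
            result[name] = "unsigned"
        elif listed[name] > present[name]:
            result[name] = "sealed"
        else:
            result[name] = "signed"
    return result

if __name__ == "__main__":
    for field, status in header_coverage(
            SAMPLE, ["From", "To", "Subject", "Date", "Reply-To"]).items():
        print(f"{field}: {status}")
```

A receiver enforcing the requested rule would reject the message unless every required field comes back as "sealed".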