Re: [Acme] WG last call for draft-ietf-acme-email-smime-06
Alexey Melnikov <alexey.melnikov@isode.com> Tue, 05 May 2020 15:22 UTC
Return-Path: <alexey.melnikov@isode.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D9A63A085E for <acme@ietfa.amsl.com>; Tue, 5 May 2020 08:22:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isode.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BakHgeoy3Zt7 for <acme@ietfa.amsl.com>; Tue, 5 May 2020 08:22:51 -0700 (PDT)
Received: from waldorf.isode.com (waldorf.isode.com [62.232.206.188]) by ietfa.amsl.com (Postfix) with ESMTP id 391513A0858 for <acme@ietf.org>; Tue, 5 May 2020 08:22:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1588692168; d=isode.com; s=june2016; i=@isode.com; bh=zssR2dc6orX6UQmNRnAoxDeku7sYf5VlRFDa3jRB3s0=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=frzV4VsK9M8IGtxaliV3BxuRvSc1kDRUPZc/D5iXcIQzfJy7Zg0yCNcFzstGxRyJzs935q KIa2nFcDucekJXCeDRUxTBGbwIBqodfazhwBvmLax5LoV208fP3HAx0Cq+frdnNqOSMF/Q q9O6lCH/ShcR2yS854NrbWLAesuXpkk=;
Received: from [172.27.250.123] (connect.isode.net [172.20.0.72]) by waldorf.isode.com (submission channel) via TCP with ESMTPSA id <XrGEyABqwQfD@waldorf.isode.com>; Tue, 5 May 2020 16:22:48 +0100
To: Ben Schwartz <bemasc@google.com>, Ryan Sleevi <ryan-ietf@sleevi.com>
Cc: "Salz, Rich" <rsalz@akamai.com>, "acme@ietf.org" <acme@ietf.org>
References: <3703708B-4454-4AC9-87AF-961C73B1F331@akamai.com> <CAHbrMsDco31pxyBMBSdbgh5aMnttyC1G_tDTg1tz-aAzto=5dw@mail.gmail.com> <fee01750-7afb-02a7-50ee-30453805abec@isode.com> <CAHbrMsAdXvpRt2zCUn7DLNerxhZCFe4pS0TM1qzmaCUGKVYT=A@mail.gmail.com> <e188baf1-ff9f-7897-1bcb-baa94fb8ce2d@isode.com> <CAHbrMsDsW+EwGx0qzfqXn7qntB4_LqyN7jrLdkH66STeL6D02Q@mail.gmail.com> <CAErg=HE4_YporYSOCeT3wcah0VivH+k8gvQnfxS8w-TsKM0doQ@mail.gmail.com> <CAHbrMsDVx0NRXSpjvssgWW6+4w_wD1FL0rEOyp9jDmLVSAyhWw@mail.gmail.com>
From: Alexey Melnikov <alexey.melnikov@isode.com>
Message-ID: <c49de84f-95e0-88cc-cad7-8e53fb0a4f6f@isode.com>
Date: Tue, 05 May 2020 16:22:11 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0
In-Reply-To: <CAHbrMsDVx0NRXSpjvssgWW6+4w_wD1FL0rEOyp9jDmLVSAyhWw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="------------A987692A034FD85967917533"
Content-Language: en-GB
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/sWqDXgg92tqDPMLEDzo_kNCcAL4>
Subject: Re: [Acme] WG last call for draft-ietf-acme-email-smime-06
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 May 2020 15:22:53 -0000
Hi, On 04/05/2020 18:48, Ben Schwartz wrote: > On Sun, May 3, 2020 at 1:36 AM Ryan Sleevi <ryan-ietf@sleevi.com > <mailto:ryan-ietf@sleevi.com>> wrote: > > > On Sat, May 2, 2020 at 2:11 PM Ben Schwartz > <bemasc=40google.com@dmarc.ietf.org > <mailto:40google.com@dmarc.ietf.org>> wrote: > > > On Sat, May 2, 2020 at 8:35 AM Alexey Melnikov > <alexey.melnikov@isode.com <mailto:alexey.melnikov@isode.com>> > wrote: > > Hi Ben, > > On 21/04/2020 01:12, Ben Schwartz wrote: >> >> On Wed, Apr 1, 2020 at 5:40 AM Alexey Melnikov >> <alexey.melnikov@isode.com >> <mailto:alexey.melnikov@isode.com>> wrote: >> >> Hi Ben, >> >> My apologies for missing your email in March: >> >> >> And mine for this delayed response. >> >> On 12/03/2020 20:42, Ben Schwartz wrote: >>> Section 3 says token-part1 "contains at least 64 bit >>> of entropy", but Section 3.1 says token-part1 "MUST >>> be at least 64 octet long after decoding". Is this >>> difference deliberate? >> >> No, I obviously made a typo when saying octets. I >> will fix. >> > Fixed. >> >>> Also 64 octets of entropy is a _lot_. RFC 8555 says >>> "the token is required to contain at least 128 bits >>> of entropy". >>> >>> The draft seems to be oriented entirely toward use >>> with e-mail clients that have a built-in ACME-S/MIME >>> client. I'm a bit disappointed that the draft >>> doesn't accommodate users with "naive" email clients >>> very well, e.g. by allowing customized subject lines. >> >> Actually, I was trying to accommodate naive email >> clients, but it was a fine balance trying to specify >> minimal requirements. >> >> Can you suggest some specific text to change and then >> we can discuss whether or not it should be done? My >> thinking about the Subject header field was that I >> wanted to have a unique subject (so that ACME email >> messages are easily findable). I also wanted to allow >> the token in the subject for APIs that can easily >> access Subject and not other header fields. >> >> In that case, I would suggest "... subject ending with >> "(ACME: <token-part1>)", where ...". That would allow the >> first part of the subject (most likely to be seen by a >> human) to be human-readable. > > After thinking a bit more about this: > > As ACME servers are generating ACME challenge emails, the > requirement on them is stricter (they create the first > message in an email thread). I am tempted to leave this as > is. Can you think of a case where ACME servers would be > unable to comply with this restriction? > > My concern is that users will not know what to do if they > receive an email whose subject line is "ACME: > awlkNSdpijawrfz...". Users are used to seeing emails whose > subject line is "Please verify your email address" or "Confirm > your email". (My inbox is full of them.) I see no reason to > disallow that here. > > Mandating that the subject line be non-human-readable seems > like an unnecessary barrier to adoption. > > > Are you expecting humans to be the primary interaction point? > > > Ideally, ACME-aware mail clients will handle these messages in some > beautiful, mostly-invisible way, but mail clients don't update as fast > as browsers. Even many years after most users have ACME-aware > clients, I think a sizable fraction will have non-aware clients. Right. > > It almost seems that ensuring human unfriendliness is a feature, > not a bug, towards the goal of automation. > > > That was my expectation after reading draft-06, but Alexey explained > that human-friendliness was in-scope, hence my suggestions. Obviously human-friendliness for non ACME aware email clients and ease of implementation in ACME aware email clients are in conflict. I would be happy to use some compromise if a good balance can be found. > This structure seems especially important if it has a chance to be > adopted by publicly trusted CAs. One of the big concerns with > existing validation approaches is bodies that are rich-text with > links used for approval, and for which anti-spam or scanning > engines inspect (“click”) and cause improper authorizations. > > > According to this draft, authorization requires sending a specially > formed reply email, so I think the risk of a scanning engine > accidentally authorizing is low. > > The more structure, the better, towards preventing accidental > authorizations. > Best Regards, Alexey
- [Acme] WG last call for draft-ietf-acme-email-smi… Salz, Rich
- Re: [Acme] WG last call for draft-ietf-acme-email… Ben Schwartz
- Re: [Acme] WG last call for draft-ietf-acme-email… Salz, Rich
- Re: [Acme] WG last call for draft-ietf-acme-email… Ryan Sleevi
- Re: [Acme] WG last call for draft-ietf-acme-email… A. Schulze
- Re: [Acme] WG last call for draft-ietf-acme-email… Salz, Rich
- Re: [Acme] WG last call for draft-ietf-acme-email… Alexey Melnikov
- Re: [Acme] WG last call for draft-ietf-acme-email… Ben Schwartz
- Re: [Acme] WG last call for draft-ietf-acme-email… Alexey Melnikov
- Re: [Acme] WG last call for draft-ietf-acme-email… Ben Schwartz
- Re: [Acme] WG last call for draft-ietf-acme-email… Ryan Sleevi
- Re: [Acme] WG last call for draft-ietf-acme-email… Ben Schwartz
- Re: [Acme] WG last call for draft-ietf-acme-email… Alexey Melnikov
- Re: [Acme] WG last call for draft-ietf-acme-email… Alexey Melnikov
- Re: [Acme] WG last call for draft-ietf-acme-email… Salz, Rich