IETF Logo Mail Archive

Re: Additional reviews of draft-daboo-srv-email-02.txt needed

Alessandro Vesely <vesely@tana.it> Tue, 25 August 2009 11:16 UTC

Return-Path: <vesely@tana.it>
X-Original-To: apps-discuss@core3.amsl.com
Delivered-To: apps-discuss@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7E86F3A6BC3 for <apps-discuss@core3.amsl.com>; Tue, 25 Aug 2009 04:16:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.9
X-Spam-Level:
X-Spam-Status: No, score=-2.9 tagged_above=-999 required=5 tests=[AWL=-0.482, BAYES_00=-2.599, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, MANGLED_EMAIL=2.3, NORMAL_HTTP_TO_IP=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ItIMl9m4VumJ for <apps-discuss@core3.amsl.com>; Tue, 25 Aug 2009 04:16:24 -0700 (PDT)
Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) by core3.amsl.com (Postfix) with ESMTP id 42BE53A686D for <apps-discuss@ietf.org>; Tue, 25 Aug 2009 04:16:24 -0700 (PDT)
Received: from [172.25.197.158] (pcale.tana [172.25.197.158]) (AUTH: CRAM-MD5 ale@tana.it, TLS: TLS1.0, 256bits, RSA_AES_256_CBC_SHA1) by wmail.tana.it with esmtp; Tue, 25 Aug 2009 13:16:06 +0200 id 00000000005DC02F.000000004A93C7F6.000061E2
Message-ID: <4A93C7F5.5020108@tana.it>
Date: Tue, 25 Aug 2009 13:16:05 +0200
From: Alessandro Vesely <vesely@tana.it>
User-Agent: Thunderbird 2.0.0.22 (Windows/20090605)
MIME-Version: 1.0
To: Alexey Melnikov <alexey.melnikov@isode.com>
Subject: Re: Additional reviews of draft-daboo-srv-email-02.txt needed
References: <4A8D28AA.4060906@isode.com> <4A8E30A8.9050307@tana.it> <4A8E99B2.1060002@isode.com> <20090824180434.GA16812@isc.upenn.edu> <80915C5A84C4DABC6AC2B749@caldav.corp.apple.com> <4A92FADB.1030406@isode.com>
In-Reply-To: <4A92FADB.1030406@isode.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: apps-discuss@ietf.org
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Aug 2009 11:16:25 -0000

Alexey Melnikov wrote:
> Cyrus Daboo wrote:
>>> I'm not sure we have a good practical solution to this problem. 
>>> today. RFC 4985 (SRVName SAN) could be used in theory to compartmentalize 
>>> certificates to specific services at a domain name. But I'm not 
>>> sure any commercial CAs today will issue certs with such extensions.
>>
>> Right. This was why I suggested using the SRV query string in the 
>> subjectAltName, i.e. '_imap._tcp.example.com'. That way a client that 
>> gets to that cert via an SRV lookup can verify that it is valid, 
>> whilst other clients will effectively ignore that, and the cert can't 
>> "impersonate" another service.
>
> If you are going to do that, you need to update IMAP and POP3 specs 
> properly, i.e. to define TLS server identity verification procedure for 
> these protocols that requires that clients check srvName.

Will the spec be flexible about that? I mean, checking them only if 
they are present?

To recap, say mail.example.com hosts mail services for example.org and 
example.net. Assume its certificate may have SAN fields for any of the 
following:

* otherName dNSName mail.example.com
* iPAddress 192.0.2.3
* otherName srvName _imap.example.org
* otherName srvName _imap.example.net
* rfc822Name postmaster@example.org
* rfc822Name postmaster@example.net

The question is whether a suitable tradeoff among interoperability, 
compartmentalization, and other security issues may be obtained by 
tailoring those SAN fields, even without Server Name Indication. To 
complete the example, also assume the following RRs are set, and 
obtainable by regular DNS over UDP queries.

mail.example.com IN A 192.0.2.3
mail.example.net IN A 192.0.2.3
3.2.0.192.in-addr.arpa IN CNAME 3.0-24.2.0.192.in-addr.arpa
0-24.2.0.192.in-addr.arpa IN NS ns.example.com
3.0-24.2.0.192.in-addr.arpa IN PTR mail.example.com
3.0-24.2.0.192.in-addr.arpa IN PTR mail.example.net

_imap._tcp.example.org IN SRV 0 0 143 mail.example.com
_imap._tcp.example.net IN SRV 0 0 143 mail.example.net

example.com IN MX 0 mail.example.com
example.org IN MX 0 mail.example.com
example.net IN MX 0 mail.example.com

Note that example.org is served by an host in a different domain zone. 
However, as far as DNS queries can be trusted, the client can check 
that example.com is compatible with example.org (because they share a 
primary MX.) If postmaster@example.org is included in the certificate, 
the client may trust that the signing CA had verified who got mail for 
it, and consider that as corroborating the value of the SRV RR. Am I 
missing something?

IMHO, any MUST/MUST NOT in the spec should only prevent cases where 
phishing can actually be operated, so as not to standardize ill 
defined practices. I would suggest that the spec exemplifies, in an 
appendix, various cases of DNS and certificate settings, telling in 
what cases the client should trust the info, ask confirmation, or 
strongly discourage the user. The spec may also suggest that (in some 
cases) challenge/response authentication takes place even if the 
channel is crypted, to avoid phishing.

v2.23.0 | Report a Bug | By Email