[Bimi] Verified Mark Certificates Proposal: A Security Perspective draft

Wei Chuang <weihaw@google.com> Mon, 11 March 2019 23:53 UTC

Hi folks,

The VMC Proposal draft
<https://tools.ietf.org/html/draft-chuang-ietf-bimi-security-perspectives-00>
is a companion to the BIMI overview draft
<https://tools.ietf.org/html/draft-bkl-bimi-overview-00> posted by John
Levine, but much more focused on the design rationale for the current
BIMI/VMC certificate approach.  It also is meant to provide context and
pointers out to various BIMI drafts given a security-sensitive
perspective.  Like the overview draft, this is meant to help set up the
Prague BIMI BoF.  We welcome your feedback.

-Wei

---------- Forwarded message ---------
From: <internet-drafts@ietf.org>
Date: Mon, Mar 11, 2019 at 3:30 PM
Subject: New Version Notification for draft-chuang-ietf-bimi-security-perspectives-00.txt
To: Thede Loder <thede@skyelogicworks.com>, Weihaw Chuang <weihaw@google.com>

A new version of I-D, draft-chuang-ietf-bimi-security-perspectives-00.txt
has been successfully submitted by Weihaw Chuang and posted to the
IETF repository.

Name:           draft-chuang-ietf-bimi-security-perspectives
Revision:       00
Title:          Verified Mark Certificates Proposal: A Security Perspective
Document date:  2019-03-11
Group:          Individual Submission
Pages:          18
URL:            https://www.ietf.org/internet-drafts/draft-chuang-ietf-bimi-security-perspectives-00.txt
Status:         https://datatracker.ietf.org/doc/draft-chuang-ietf-bimi-security-perspectives/
Htmlized:       https://tools.ietf.org/html/draft-chuang-ietf-bimi-security-perspectives-00
Htmlized:       https://datatracker.ietf.org/doc/html/draft-chuang-ietf-bimi-security-perspectives

Abstract:
   This document motivates the need for embedding logotypes in X.509
   certificates along with the certificate validation process from a
   security perspective.