IETF Logo Mail Archive

Re: [dane] Second WGLC draft-ietf-dane-smime

"Garfinkel, Simson L. (Fed)" <simson.garfinkel@nist.gov> Mon, 21 November 2016 15:07 UTC

Return-Path: <simson.garfinkel@nist.gov>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F141129AA7 for <dane@ietfa.amsl.com>; Mon, 21 Nov 2016 07:07:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nistgov.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RzNmB7nWy1YX for <dane@ietfa.amsl.com>; Mon, 21 Nov 2016 07:07:13 -0800 (PST)
Received: from gcc01-CY1-obe.outbound.protection.outlook.com (mail-cy1gcc01on0137.outbound.protection.outlook.com [23.103.200.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 028C01296CB for <dane@ietf.org>; Mon, 21 Nov 2016 07:07:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nistgov.onmicrosoft.com; s=selector1-nist-gov; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=QuBazoSTf1mOKau/aeSQCnXI9bhCIaanKVw/z3FL9eo=; b=TR7AN2ND8+ogvyweiCmRwpxmx8KaC9WtfTMz2j/5qce6WXq2jzg+Kkepk5E4NKE6g6eQbLDUBMivMbfUw+HV4EmMtBaOQKHsAyhY31U/3CG61naZ9YjkesLs7EnLYoPQPx1n35inYGf/mvwG71f4Vyr23ORVCOO5ri2OnHGFjqs=
Received: from DM2PR09MB0576.namprd09.prod.outlook.com (10.161.252.22) by DM2PR09MB0576.namprd09.prod.outlook.com (10.161.252.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.734.8; Mon, 21 Nov 2016 15:07:11 +0000
Received: from DM2PR09MB0576.namprd09.prod.outlook.com ([10.161.252.22]) by DM2PR09MB0576.namprd09.prod.outlook.com ([10.161.252.22]) with mapi id 15.01.0734.007; Mon, 21 Nov 2016 15:07:11 +0000
From: "Garfinkel, Simson L. (Fed)" <simson.garfinkel@nist.gov>
To: John Levine <johnl@taugh.com>
Thread-Topic: [dane] Second WGLC draft-ietf-dane-smime
Thread-Index: AQHSPjq1S3DkWlbj20OswExOk6brCqDc6uoAgAD/Q4CABSV2AIAAfG6AgAAGyoCAAAKMAA==
Date: Mon, 21 Nov 2016 15:07:11 +0000
Message-ID: <C10FEAC0-E6F7-4216-A0FA-DE4893773D89@nist.gov>
References: <20161121145803.79462.qmail@ary.lan>
In-Reply-To: <20161121145803.79462.qmail@ary.lan>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3124)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=simson.garfinkel@nist.gov;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [129.6.84.113]
x-microsoft-exchange-diagnostics: 1; DM2PR09MB0576; 7:RZiymGdNm6D91je6NRkuGjBxb7cijpi60hCDBsc3InTXnP0V3ms/L86aMbyXaOXaugyBhJH9Gh+cJjXhiLvA61WM7nJoQ6q55uFsrSHlWU4tKA2oNR9jTQSHk/hOfiYiyGrIptoRObEHcqPibYdeqglwLU986cMe9RD/cE5BqQ42RrEIr0jOHw/xwnleNbn1jxTxZnZJdPAYunYO0T2W2axQGsRxuH80+kOaRnEBeJRxiKyq647g4TxPAWACvVHHZYTjH7nUxHMgoE8vSOB2QBbX0pyfS0S5ufzd1dxGGTAUvDcvgUKW3ZBZ/8IbhBU/Q6i1wvOUPW+bkykLG38HQTTIsTVg94JJGNyUyf2Fs6w=
x-ms-office365-filtering-correlation-id: f9b161c0-de69-4f27-6ce9-08d4122011e8
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001);SRVR:DM2PR09MB0576;
x-microsoft-antispam-prvs: <DM2PR09MB0576E5F4C7AFCD9085E44FD6F6B50@DM2PR09MB0576.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040307)(6060326)(6045199)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026)(6061324)(6041248)(6072148)(6042181); SRVR:DM2PR09MB0576; BCL:0; PCL:0; RULEID:; SRVR:DM2PR09MB0576;
x-forefront-prvs: 01334458E5
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(7916002)(189002)(377454003)(199003)(24454002)(51444003)(102836003)(6916009)(68736007)(2950100002)(82746002)(189998001)(4326007)(6512003)(97736004)(5660300001)(87936001)(6506003)(83716003)(8936002)(86362001)(122556002)(36756003)(38730400001)(110136003)(57306001)(50226002)(3846002)(229853002)(2906002)(50986999)(8676002)(2900100001)(6116002)(3660700001)(76176999)(77096005)(33656002)(66066001)(81166006)(7846002)(81156014)(305945005)(7736002)(92566002)(3280700002)(105586002)(101416001)(106356001)(230783001)(106116001)(99286002)(104396002); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR09MB0576; H:DM2PR09MB0576.namprd09.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: nist.gov does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <3C2B817D3A4D4545A46F2334C8C8EC0A@namprd09.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Nov 2016 15:07:11.3439 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR09MB0576
Archived-At: <https://mailarchive.ietf.org/arch/msg/dane/1CKFV8ip3UagF21bY0a81QyEm44>
Cc: "dane@ietf.org" <dane@ietf.org>
Subject: Re: [dane] Second WGLC draft-ietf-dane-smime
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Nov 2016 15:07:19 -0000

Hi John.

I didn’t mean to misrepresent what you said. I was simply trying to simplify the argument.  I’m sorry if I got it wrong. How would you rephrase it?

Both the DOD and the USG Civilian CA hierarchies work pretty well. Apple’s works exceptionally well, but for reasons that aren’t clear to me, they don’t make it easy for non-Apple users to obtain Apple end-user certificates. I think that DANE, and in particular SMIMEA, promises to be a much better mechanism for distributing these certificates than LDAP has proven to be.

I am in agreement with you that the document assumes that domains are the authorities of the identities of their users. I concur that the document should explicitly state this. Email addresses have become an identifier that is in many ways superior to other identifiers, such as SSNs and Driver License #s, because they can be proved by an individual’s ability to receive email at a specific address. For the same reason, mobile telephone numbers are also quickly becoming persistent identifiers.  Email addresses have an advantage over mobile telephone numbers in that there are more of them and they are easily changed as necessary.

Would you support advancing the draft it is explicitly stated this assumption?

Simson


> On Nov 21, 2016, at 9:58 AM, John Levine <johnl@taugh.com> wrote:
> 
> Hi, Simson.
> 
>> To summarize the answer I received, there was concern that some email users might be using a legacy email account, not trust
>> their mail provider, and want the assurance of a end-to-end encryption that is asserted by a trustworthy CA.
> 
> That's not really what I said.  If you're going to quote me, please quote me.
> 
> 
>> I’ve thought about this response over the weekend and do not find it credible. This answer presupposes a CA system that is
>> not the one that we have. Most CA S/MIME providers authenticate users based on their ability to receive email at a given
>> address.  So a hostile email provider intent on intercepting encrypted email could easily spoof even a trusted CA provider
>> into issuing a bogus certificate.
> 
> I certainly wouldn't disagree that the current public CA system is
> screwed up.  On the other hand, there are non-public or semi-public
> CAs that seem to work OK, like the DOD's.  This is throwing out the
> baby with the bathwater.
> 
> But in any event, to return to my original objection, it seems quite
> clear that the assumption in this document is that domains are
> authorities for the identities of their users.  It should say that in
> so many words rather than dancing around it.  
> 
> R's,
> John

v2.23.0 | Report a Bug | By Email