Re: [dane] I-D Action: draft-ietf-dane-smime-04.txt

lst_hoe02@kwsoft.de Thu, 09 January 2014 09:47 UTC

Date: Thu, 09 Jan 2014 10:47:10 +0100
From: lst_hoe02@kwsoft.de
To: dane@ietf.org
Message-ID: <20140109104710.Horde.OmwiW4yZLk87Iwqh2D0I2g1@webmail.kwsoft.de>
In-Reply-To: <89AE05E1-BC6C-46BA-A4CC-A8F29070096D@vpnc.org>
References: <20140108152321.10496.88212.idtracker@ietfa.amsl.com> <20140108160156.GE2317@mournblade.imrryr.org> <89AE05E1-BC6C-46BA-A4CC-A8F29070096D@vpnc.org>

Quoting Paul Hoffman <paul.hoffman@vpnc.org>:

> On Jan 8, 2014, at 8:01 AM, Viktor Dukhovni <viktor1dane@dukhovni.org> wrote:
>
>> On Wed, Jan 08, 2014 at 07:23:21AM -0800, internet-drafts@ietf.org wrote:
>>
>>> 	Filename        : draft-ietf-dane-smime-04.txt
>>
>> Given the use of base32 encoding, and explicit non-support for
>> names that encode to more than 63 bytes of base32 text, I would
>> like to suggest that trailing "=*" padding be explicitly dropped
>> from the base32 label allowing for somewhat longer inputs and less
>> redundant outputs.
>>
>> With base32, every 5 octets of input text encode to 8 octets of
>> encoded text, therefore 35 octets encode to 56 octets, but anything
>> longer encodes to 64 octets which is too long.  Thus inputs with
>> 36-39 octets cannot be represented when the "=" padding is part
>> of the encoded text.
>
> In the real world, there are few users who have LHS user names that  
> are more than 30 (or maybe even 20) characters long. What you are  
> proposing is "base32 but not really base32" and that could introduce  
> errors in libraries looking up the names.

I have not followed the topic closely, but LHS parts of e-mail addresses
with more than 20 characters are common here in Germany because of the
schema which uses <Vname>.<Nname>@domain. With a double last name
this even becomes <Vname>.<Nname1>-<Nname2> in some cases. With names
from other countries this could be even worse, as the following
(slightly modified) example shows:

Dr.Massouf.Najani.Maryam.Nemari

Furthermore "descriptive" e-mail addresses are often used, for example  
"wirtschaftsrat-deutschland", "Redaktionsservice-Buch" and the like.

A short estimate on our input relay would be around 5% with more than 20
characters and <1% with more than 30 characters. But IMHO one should
try to avoid limiting the usable scope from the beginning as far as
possible, no?

Regards

Andreas
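An added illustration of the length arithmetic in Viktor's quoted message; this is example code written for this page, not the draft's or any poster's code. It base32-encodes a local part with and without the trailing "=" padding and checks the result against the 63-octet DNS label limit. The local parts are constructed samples and the UTF-8 encoding of the local part is an assumption, not something the draft specifies.

```python
import base64

DNS_LABEL_MAX = 63  # maximum length of one DNS label in octets (RFC 1035)


def base32_label(local_part: str, strip_padding: bool = False) -> str:
    """Base32-encode a mailbox local part (RFC 4648 alphabet).

    With strip_padding=True the trailing "=" characters are removed, which is
    the change proposed in the quoted message. Dropping them loses nothing:
    the amount of padding follows from the label length modulo 8.
    """
    # Assumption: local parts are treated as UTF-8 octet strings.
    encoded = base64.b32encode(local_part.encode("utf-8")).decode("ascii")
    return encoded.rstrip("=") if strip_padding else encoded


def label_fits(label: str) -> bool:
    """True if the label can be used as a single DNS label."""
    return 0 < len(label) <= DNS_LABEL_MAX


def decode_label(label: str) -> str:
    """Inverse of base32_label for both padded and unpadded labels."""
    missing = (-len(label)) % 8  # restore any padding the encoder dropped
    return base64.b32decode(label + "=" * missing).decode("utf-8")


def max_octets_fitting(strip_padding: bool) -> int:
    """Longest local part (in octets) whose label stays within 63 octets."""
    n = 0
    while label_fits(base32_label("a" * (n + 1), strip_padding)):
        n += 1
    return n  # 35 with padding kept, 39 with padding stripped


if __name__ == "__main__":
    # Constructed sample: the (slightly modified) name from the reply above.
    sample = "Dr.Massouf.Najani.Maryam.Nemari"
    for n in range(34, 41):
        padded = base32_label("a" * n)
        bare = base32_label("a" * n, strip_padding=True)
        print(f"{n:2d} octets: padded {len(padded)} ({label_fits(padded)}),"
              f" unpadded {len(bare)} ({label_fits(bare)})")
    print(len(sample), "octets ->", base32_label(sample, strip_padding=True))
```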