Re: [dane] Start of WGLC for draft-ietf-dane-openpgpkey - *please* review.
Viktor Dukhovni <ietf-dane@dukhovni.org> Sat, 21 February 2015 02:23 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A72BF1A19E3 for <dane@ietfa.amsl.com>; Fri, 20 Feb 2015 18:23:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HB5X8Je6jI5l for <dane@ietfa.amsl.com>; Fri, 20 Feb 2015 18:23:32 -0800 (PST)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7CF0A1A005D for <dane@ietf.org>; Fri, 20 Feb 2015 18:23:32 -0800 (PST)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id 023FE282D5F; Sat, 21 Feb 2015 02:23:31 +0000 (UTC)
Date: Sat, 21 Feb 2015 02:23:30 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: dane@ietf.org
Message-ID: <20150221022330.GN1260@mournblade.imrryr.org>
References: <CAHw9_iJPuG23Aok7V_wcAMirua_DPDLHy01tnd+DaUqEeK3NZA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAHw9_iJPuG23Aok7V_wcAMirua_DPDLHy01tnd+DaUqEeK3NZA@mail.gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/62OF3IDunCZcSeCAb5MXXD1LeRE>
Subject: Re: [dane] Start of WGLC for draft-ietf-dane-openpgpkey - *please* review.
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: dane@ietf.org
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Feb 2015 02:23:34 -0000
On Fri, Feb 20, 2015 at 03:30:05PM -0500, Warren Kumari wrote: > Please review this draft to see if you think it is ready for > publication and send comments to the list, clearly stating your view. Comments: * The below does not mention the hex encoding of the digest. Compare with SMIMEA: OPENPGPKEY: 3. Location of the OpenPGPKEY record Email addresses are mapped into DNS using the following method: 1. The user name (the "left-hand side" of the email address, called the "local-part" in the mail message format definition [RFC2822] and the "local part" in the specification for internationalized email [RFC6530]), is hashed using the SHA2-224 [RFC5754] algorithm to become the left-most label in the prepared domain name. This does not include the at symbol ("@") that separates the left and right sides of the email address. SMIMEA: The user name (the "left-hand side" of the email address, called the "local-part" in the mail message format definition [RFC2822] and the "local part" in the specification for internationalized email [RFC6530]), is hashed using the SHA2-224 [RFC5754] algorithm (with the hash being represented in its hexadecimal representation, to become the left-most label in the prepared domain name. This does not include the "@" character that separates the left and right sides of the email address. The string that is used for the local part is a Unicode string encoded in UTF-8. * Grammar nit replace "its" with "their" or rephrase: 5.1. Email address information leak Email addresses are not secret. Using them causes its publication. * Forward security vouching for long-term keys There's a typo in the first word of the highlighted paragraph: 5.2. Forward security of OpenPGP versus DNSSEC [...] Therefor, an OpenPGP key obtained via an OPENPGPKEY record can only be trusted as much as the DNS domain can be trusted, and are no substitute for in-person key verification of the "Web of Trust". See [OPENPGPKEY-USAGE] for more in-depth information on safe usage of OPENPGPKEY based OpenPGP keys. An complementary approach is to not use the retrieved OpenPGP key beyond the signature lifetime of the OPENPGPKEY RRset RRSIG record. Keys obtained from DNS should be refreshed as often as is practical (ideally before encrypting each message) and never used beyond the RRSIG lifetime. Were the RRSIG in question signed by an attacker, only messages signed before the key is refreshed are compromised. Of course this requires that PGP user agent software track the provenance and cache lifetime of keys obtained via DNS. * Encoding tools: Appendix A. Generating OPENPGPKEY records gpg --export --export-options export-minimal \ hugh@example.com | base64 the "openssl base64" command is an alternative on many other platforms. Later the examples don't yet use the newly allocated TYPE61: These values can then be used to generate a generic record (line break has been added for formatting): <SHA2-224(hugh)>._openpgpkey.example.com. IN TYPE65280 \# \ <numOctets> <keydata in hex> ... ~> openpgpkey --output generic hugh@example.com 8d[...]b7._openpgpkey.example.com. IN TYPE65280 \# 2313 99008d03[...] the type should of course now be TYPE61. May as well give a recipe for generating "SHA2-224(hugh)": printf "%s" hugh | openssl dgst -sha224 -binary | hexdump -ve '/1 "%.2x"' -e '/28 "\n"' -- Viktor.
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Warren Kumari
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Alexey Melnikov
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Warren Kumari
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Wouters
- Re: [dane] Start of WGLC for draft-ietf-dane-open… John Levine
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Viktor Dukhovni
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Brian Dickson
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Petr Spacek
- [dane] Start of WGLC for draft-ietf-dane-openpgpk… Warren Kumari
- Re: [dane] Start of WGLC for draft-ietf-dane-open… James Cloos
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Viktor Dukhovni
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Wouters
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Viktor Dukhovni
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Brian Dickson
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Wouters
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Wouters
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Viktor Dukhovni
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Brian Dickson
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Viktor Dukhovni
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Brian Dickson
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Jim Schaad
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Viktor Dukhovni
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Jim Schaad
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Viktor Dukhovni
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Warren Kumari
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Jim Schaad
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Viktor Dukhovni
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Jim Schaad
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Brian Dickson
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Viktor Dukhovni
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Rose, Scott W.
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Warren Kumari
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Warren Kumari
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Wouters
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Wouters
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Viktor Dukhovni
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Wouters
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Viktor Dukhovni
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Brian Dickson
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Viktor Dukhovni
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Brian Dickson
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Coyo
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Petr Spacek
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Wouters
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Petr Spacek
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Hoffman
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Hoffman
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Lyndon Nerenberg
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Wouters
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Jon Callas
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Warren Kumari
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Wouters
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Hoffman
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Alexey Melnikov
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Wouters
- Re: [dane] Start of WGLC for draft-ietf-dane-open… James Cloos
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Rose, Scott W.
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Pieter Lexis
- Re: [dane] Start of WGLC for draft-ietf-dane-open… Paul Wouters