Re: [dane] Improving DANE S/MIME Privacy

Phil Pennock <ietf-dane-phil@spodhuis.org> Thu, 13 April 2017 03:59 UTC

Return-Path: <ietf-dane-phil@spodhuis.org>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8CDEB126C3D for <dane@ietfa.amsl.com>; Wed, 12 Apr 2017 20:59:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1248-bit key) header.d=spodhuis.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2nS6WNpDvTiW for <dane@ietfa.amsl.com>; Wed, 12 Apr 2017 20:59:07 -0700 (PDT)
Received: from mx.spodhuis.org (smtp.spodhuis.org [IPv6:2a02:898:31:0:48:4558:736d:7470]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 288E3124D37 for <dane@ietf.org>; Wed, 12 Apr 2017 20:59:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=spodhuis.org; s=d201702; h=In-Reply-To:Content-Type:MIME-Version:References :Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding :Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=HvUHINjvvhanOIfosgNvhI15Yx1Yio9SGeWQOyU9TMo=; b=oQ4QjDFiKR9C5s9jxD33qHm1MS cd/sYu+hv/VkgrrESFT7q2ljbSCPSujLJFEJRjnF0x6CB1EapVA6o1RK5uTxCjdM8S6j3oQD+Z+vd yV18BXuaNZUyiY5+ztxzMom225L4AjH/0hTTuQvieW/AhTjpaShJNvy/2/oRh2Csr1DRJV+MwBiAl puZtuD7LCjRMd4qQ1RjlLWdcRn49;
Received: from authenticated user by smtp.spodhuis.org with esmtpa id 1cyVuS-0006qR-4S; Thu, 13 Apr 2017 03:59:04 +0000
Date: Thu, 13 Apr 2017 03:59:03 +0000
From: Phil Pennock <ietf-dane-phil@spodhuis.org>
To: IETF DANE Mailinglist <dane@ietf.org>
Message-ID: <20170413035903.GA9079@tower.spodhuis.org>
Mail-Followup-To: IETF DANE Mailinglist <dane@ietf.org>, ietf-dane@dukhovni.org
References: <f7332bd5-f003-c828-8f4a-0d543099c872@domblogger.net> <4BE233BA-D524-4D05-87C5-E898DD646E7C@dukhovni.org> <7AF2817A-1564-44C5-A049-4F210737760F@dukhovni.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <7AF2817A-1564-44C5-A049-4F210737760F@dukhovni.org>
OpenPGP: url=https://www.security.spodhuis.org/PGP/keys/0x4D1E900E14C1CC04.asc
Archived-At: <https://mailarchive.ietf.org/arch/msg/dane/BOfOUBjSp27jByN6LJXjwrJ6sJM>
Subject: Re: [dane] Improving DANE S/MIME Privacy
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Apr 2017 03:59:08 -0000

On 2017-04-11 at 14:39 -0400, Viktor Dukhovni wrote:
> > On Apr 11, 2017, at 1:38 PM, Viktor Dukhovni <ietf-dane@dukhovni.org>; wrote:
> > 
> > If the design were up to me, I'd not have published per-user keys.
> > Instead a site-wide trust-anchor record scales better to large user
> > communities, and mostly addresses your concerns.
> 
> I should note that one can of course implement one's SMIMEA deployment
> in exactly this way, something along the lines of:
> 
>    *._smimecert.example.net. IN SMIMEA 2 1 1 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
> 
> would associate the same TA public key digest with every user, and would
> not enable user enumeration.

FWIW, I did something similar to this.  Of course, there's a chicken/egg
problem in _getting_ the CA cert for private CAs, unless you put the
whole cert into DNS.  And wildcards for something that large would be
cache-unpleasant, but I did the same thing I do for TLSA records: define
one SMIMEA record and CNAME to it elsewhere.  Much more cache friendly.

I never thought I'd see the day that I willingly chose to deploy a
wildcard CNAME.   :^D

$ORIGIN spodhuis.org.
*._smimecert            CNAME   _globnix-smimea
_globnix-smimea         SMIMEA  (       ; GlobnixCA5 PKIX-less trust anchor
        02 00 00
; SKIP: binary blob for an ECDSA CA
        ; SMIMEA DANE-TA CERT FULL
        )

I can't attest that this _works_.  As far as I know, it's entirely
draft-spec compliant.

If anyone has tooling which actually _uses_ SMIMEA, I'm happy to send
you a test mail, or be given pointers to how to try it out.  So far, I
have an SMIME setup to theoretically let others verify mail I send, and
that's it.

-Phil