Re: [dane] I-D Action: draft-ietf-dane-smime-03.txt

Viktor Dukhovni <viktor1dane@dukhovni.org> Sat, 08 February 2014 03:03 UTC

Return-Path: <viktor1dane@dukhovni.org>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65DF41ADBCC for <dane@ietfa.amsl.com>; Fri, 7 Feb 2014 19:03:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9-FGSJQivHZW for <dane@ietfa.amsl.com>; Fri, 7 Feb 2014 19:03:48 -0800 (PST)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) by ietfa.amsl.com (Postfix) with ESMTP id 09F3A1AD945 for <dane@ietf.org>; Fri, 7 Feb 2014 19:03:47 -0800 (PST)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id 829CD2AB245; Sat, 8 Feb 2014 03:03:46 +0000 (UTC)
Date: Sat, 8 Feb 2014 03:03:46 +0000
From: Viktor Dukhovni <viktor1dane@dukhovni.org>
To: dane WG list <dane@ietf.org>
Message-ID: <20140208030346.GV278@mournblade.imrryr.org>
References: <41938fd202ba460285b59132c29ac826@BY2PR09MB029.namprd09.prod.outlook.com> <20140206195322.GD278@mournblade.imrryr.org> <11698F58-B554-4CC8-872F-D2A3BF08986C@kirei.se> <20140206215742.GF278@mournblade.imrryr.org> <alpine.LFD.2.10.1402071254350.21252@bofh.nohats.ca> <20140207181129.GO278@mournblade.imrryr.org> <alpine.LFD.2.10.1402072027090.28278@bofh.nohats.ca>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <alpine.LFD.2.10.1402072027090.28278@bofh.nohats.ca>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: [dane] I-D Action: draft-ietf-dane-smime-03.txt
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: dane WG list <dane@ietf.org>
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Feb 2014 03:03:50 -0000

On Fri, Feb 07, 2014 at 08:49:13PM -0500, Paul Wouters wrote:

> I'm sure the spammers have awesome LHS dictionaries gathered over the
> years. Your proposal does not actually add any security.

If that's the group consensus, fine.  Though it seems to me that
including the domain in the hash is essentially free, so why not?

> >Bottom line, hash the full address, not just the localpart.
> 

I just thought you'd do the simplest thing that costs nothing and
turns the attack from a single dictionary into a per-sites attack.
I did not see any downside.

> The hashing is not a security feature. Hashing the domain brings in
> other problems, such as case sensitivity that changes hashes but not
> DNS names.

Don't see how.  The domain would be canonicalized to lower case
before hashing, just as with NSEC3.

> Also, not using the domain name allows for CNAME/DNAME entries, so for
> example I can add the same record in my "libreswan.org" zone that is
> used as DNAME for libreswan.{net|com|ca|fi|nl}. Adding the domain into
> the hash would break this setup.

Indeed hashing the domain would cause a problem with DNAMEs.

-- 
	Viktor.
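The two owner-name constructions debated in this thread, written out as an added example (not code from the draft or from either poster). The hash (hex SHA-256), the `_smimecert` owner-name layout and the sample addresses are assumptions of this example; the draft defines the real construction. It shows why lower-casing the domain before hashing removes the case-sensitivity objection, and why hashing only the local part is what keeps one record usable from DNAME-aliased zones (the same property that makes a label computed for one zone match every other zone).

```python
import hashlib


def canonical_domain(domain: str) -> str:
    """Lower-case the domain and drop a trailing dot before it is hashed.

    This is the canonicalization proposed in the reply (as NSEC3 does for
    owner names), so a case difference in the address never changes the label.
    """
    return domain.rstrip(".").lower()


def label_localpart_only(localpart: str) -> str:
    """Label derived from the local part alone (the draft's approach).

    Assumed construction: hex-encoded SHA-256 of the local part. The real
    hash, truncation and encoding are whatever the draft specifies.
    """
    return hashlib.sha256(localpart.encode("utf-8")).hexdigest()


def label_full_address(localpart: str, domain: str) -> str:
    """Label derived from localpart@domain, the alternative debated above.

    The domain is canonicalized first, so two addresses only share a label
    when they share both the local part and the case-folded domain.
    """
    address = f"{localpart}@{canonical_domain(domain)}"
    return hashlib.sha256(address.encode("utf-8")).hexdigest()


def label_for(localpart: str, zone: str, include_domain: bool) -> str:
    """Select one of the two constructions."""
    if include_domain:
        return label_full_address(localpart, zone)
    return label_localpart_only(localpart)


def owner_name(localpart: str, zone: str, include_domain: bool) -> str:
    """Assumed owner-name layout: <label>._smimecert.<zone>."""
    label = label_for(localpart, zone, include_domain)
    return f"{label}._smimecert.{canonical_domain(zone)}."


def label_shared_across_zones(localpart: str, zone_a: str, zone_b: str,
                              include_domain: bool) -> bool:
    """True when the same local part hashes to the same label in both zones.

    A shared label is what lets a single record in a DNAME target zone serve
    the aliased zones; it is also what makes a label worked out for one zone
    match every other zone, the per-site point raised in the thread.
    """
    return (label_for(localpart, zone_a, include_domain)
            == label_for(localpart, zone_b, include_domain))


if __name__ == "__main__":
    # Constructed sample: one local part published under two aliased zones.
    for include_domain in (False, True):
        print("hash includes domain:", include_domain)
        for zone in ("libreswan.org", "libreswan.net"):
            print("  ", owner_name("alice", zone, include_domain))
        print("   same label in both zones:",
              label_shared_across_zones("alice", "libreswan.org",
                                        "libreswan.net", include_domain))
    # Case folding: mixed-case domain yields the same label as lower case.
    print("case-insensitive:",
          label_full_address("alice", "Example.ORG")
          == label_full_address("alice", "example.org"))
```

Running it prints identical labels for both zones under local-part-only hashing and different ones once the domain is folded into the hash, which is exactly the trade-off the thread ends on: the DNAME setup only survives with the first construction.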