Re: [dane] Feature creep for draft-ietf-dane-smime

Viktor Dukhovni <viktor1dane@dukhovni.org> Thu, 13 February 2014 18:24 UTC

Return-Path: <viktor1dane@dukhovni.org>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B80C1A03AB for <dane@ietfa.amsl.com>; Thu, 13 Feb 2014 10:24:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fIAf7PPbROxx for <dane@ietfa.amsl.com>; Thu, 13 Feb 2014 10:24:55 -0800 (PST)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) by ietfa.amsl.com (Postfix) with ESMTP id 0762B1A03A7 for <dane@ietf.org>; Thu, 13 Feb 2014 10:24:54 -0800 (PST)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id 7445D2AB22D; Thu, 13 Feb 2014 18:24:53 +0000 (UTC)
Date: Thu, 13 Feb 2014 18:24:53 +0000
From: Viktor Dukhovni <viktor1dane@dukhovni.org>
To: "<dane@ietf.org>" <dane@ietf.org>
Message-ID: <20140213182453.GP278@mournblade.imrryr.org>
References: <11698F58-B554-4CC8-872F-D2A3BF08986C@kirei.se> <20140206215742.GF278@mournblade.imrryr.org> <07a801cf23a1$a5b62c00$f1228400$@augustcellars.com> <E52467C0-3B6A-45D6-AFAB-6A103E587350@vpnc.org> <20140207020201.GJ278@mournblade.imrryr.org> <alpine.LFD.2.10.1402071258500.21252@bofh.nohats.ca> <20140207184155.GQ278@mournblade.imrryr.org> <66FEEA7D-D815-4536-A141-189F2CB705B9@vpnc.org> <20140207194933.GS278@mournblade.imrryr.org> <0DCAEFBA-E9A6-4CC8-9D9D-DB03F309C0BC@verisign.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <0DCAEFBA-E9A6-4CC8-9D9D-DB03F309C0BC@verisign.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: http://mailarchive.ietf.org/arch/msg/dane/WANGS1IX6s77ZpsyXSAIMxfCQPc
Subject: Re: [dane] Feature creep for draft-ietf-dane-smime
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: dane@ietf.org
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Feb 2014 18:24:57 -0000

On Thu, Feb 13, 2014 at 06:19:15PM +0000, Osterweil, Eric wrote:

> > Either way of computing the hash of the full address, rather than
> > just the local part adds no complexity, and makes off-line attacks
> > more difficult (per site dictionaries, rather than global dictionaries).
> > This is a free win.  There's simply no reason not to.
> 
> I have to say that I agree with Paul here.  I think the epsilon
> increase in security is nice, but not at the cost of the additional
> operational complexity.  However, the hashing-only approach has
> the nice side effect of fixing the label length.  That _does_ seem
> to solve a problem w/o some of the additional complexity.  My vote
> would be hashing-only approach over Base32 and HMAC.

In an off-list IM discussion, Paul H. and I reached consensus on
local-part only hashing.  His argument is based on the introduction
of root zone DNAME RRs that create equivalence between large subtrees
of the DNS namespace.  Users will likely expect these to result in
equivalence of email addresses, ... so having SMIMEA lookup labels
that work relative to multiple equivalent domain FQDNs is then a
requirement.

So I withdraw the suggestion to salt the lookup key with the domain.

-- 
	Viktor.