IETF Logo Mail Archive

Re: [dane] Question regarding RFC 8162

Viktor Dukhovni <ietf-dane@dukhovni.org> Fri, 09 September 2022 14:13 UTC

Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D2743C152586 for <dane@ietfa.amsl.com>; Fri, 9 Sep 2022 07:13:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.209
X-Spam-Level:
X-Spam-Status: No, score=-4.209 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0y-Mg-A7l474 for <dane@ietfa.amsl.com>; Fri, 9 Sep 2022 07:13:03 -0700 (PDT)
Received: from straasha.imrryr.org (straasha.imrryr.org [100.2.39.101]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 89C69C152581 for <dane@ietf.org>; Fri, 9 Sep 2022 07:13:03 -0700 (PDT)
Received: by straasha.imrryr.org (Postfix, from userid 1001) id E049510A2E3; Fri, 9 Sep 2022 10:13:01 -0400 (EDT)
Date: Fri, 09 Sep 2022 10:13:01 -0400
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: dane@ietf.org
Message-ID: <YxtJ7Tq+qeahQY+M@straasha.imrryr.org>
Reply-To: dane@ietf.org
References: <7B212BFE-F674-46AA-86E8-FEF77D909536@savignano.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <7B212BFE-F674-46AA-86E8-FEF77D909536@savignano.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dane/WBa5lC9WIZSp2t08DDbq8rzUd4I>
Subject: Re: [dane] Question regarding RFC 8162
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Sep 2022 14:13:05 -0000

On Fri, Sep 09, 2022 at 03:41:39PM +0200, Metin Savignano wrote:

> We’re a team working on an email encryption app. I am always a looking
> for better ways to simplify the use of S/MIME, because I believe that
> the current PKI is the main reason for people not to use S/MIME. 

I believe this misses much deeper reasons why S/MIME and PGP are not
in common use:

    * Even with key distribution solved, once S/MIME or PGP email
      is delivered, it is basically unusable with today's email
      client software and storage architecture.

      - Encrypted messages are not indexed and cannot be
        effectively searched.

      - Encrypted messages are not re-encrypted for long-term
        storage under managed storage keys, independent of the
        "short-term" recipient keys.

      - Signature verification at time of receipt is not securely
        recorded along with the message.  Messages look invalid
        when signer keys later expire.

      - If E2E key discovery becomes broadly available, spam and
        malware defence at the gateway becomes problematic.

      - Which probably means that E2E encrypted email can't be as
        permissionless (and therefore as ubiquitous) as mainstream
        email (ideally with hop-by-hop encrypted transport).  The
        architecture for managing permitted senders of E2E-encrypted
        email is not in place, and in any case limits its use-cases.

Poor *usability* of already delivered E2E-encrypted email is a much more
important barrier than lack of key discovery, which IMHO is mostly for
lack of demand, than lack of potential ways to scalably distribute keys.

> Let me explain what I’m trying to achieve:
> 
> There are numerous companies (including my own little team) that
> establish there own CA. I’m looking for a way to publish to the root
> certificate of such a CA in a way that it can automatically be
> retrieved and trusted by a remote mail client. It seemed like this
> could be with DANE using the SMIMEA record. I would expect that I can
> publish an SMIMEA record with certificate usage 0 (PKIX-TA) that would
> be retrieved and used to validate the PKIX path. 

If you're looking for S/MIME restricted to just *signing*, this could
work, but S/MIME supports encryption as a primary use-case, and for that
per-recipient public keys need to be available, not just the issuing
CA's.

-- 
    Viktor.

v2.23.0 | Report a Bug | By Email