Re: [dane] draft-ietf-dane-smime-11.txt

Jim Schaad <ietf@augustcellars.com> Fri, 08 July 2016 19:40 UTC

From: Jim Schaad <ietf@augustcellars.com>
To: 'Paul Hoffman' <paul.hoffman@vpnc.org>, dane@ietf.org
Date: Fri, 08 Jul 2016 12:40:46 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dane/YUJH_zuSxR20ve2JMwh-HOkaFzw>
Subject: Re: [dane] draft-ietf-dane-smime-11.txt

Since I have never been in the camp of believing that the email matching
problem has been solved, I have not really looked very hard at these drafts.
However, in the process of getting updates to S/MIME ready I got an item
pinged into my mind that they probably need to address.  How are the
capabilities of an S/MIME client for encryption to be obtained as part of
this query?  Today getting a signed message will provide those capabilities;
it is possible to put them into a certificate (RFC 4262), but this has
problems when they change (you need to get a new certificate); and LDAP has
the userSMIMECertificate field, which contains both the certificates and the
capabilities.

Since knowing what content encryption algorithm is supported can be
considered critical, this should be covered in the draft.

Jim


> -----Original Message-----
> From: dane [mailto:dane-bounces@ietf.org] On Behalf Of Paul Hoffman
> Sent: Friday, July 08, 2016 8:36 AM
> To: dane@ietf.org
> Subject: [dane] draft-ietf-dane-smime-11.txt
> 
> Greetings. Jakob and I have made a large number of changes to
> draft-ietf-dane-smime to incorporate the related WG changes that were made
> to draft-ietf-dane-openpgpkey during its last calls. We think
> draft-ietf-dane-smime-11 is ready for WG Last Call and progression.
> 
> --Jakob Schlyter and Paul Hoffman