Re: [dane] Comments on draft-ietf-dane-smime-04

"Jim Schaad" <ietf@augustcellars.com> Fri, 14 February 2014 00:00 UTC

From: "Jim Schaad" <ietf@augustcellars.com>
To: "'James Cloos'" <cloos@jhcloos.com>, <dane@ietf.org>
References: <07ba01cf23b9$4b4e0540$e1ea0fc0$@augustcellars.com> <D84E4FB1-8B9F-4C16-80F6-A307B2E0B0AD@verisign.com> <m3ob2a396e.fsf@carbon.jhcloos.org>
In-Reply-To: <m3ob2a396e.fsf@carbon.jhcloos.org>
Date: Thu, 13 Feb 2014 15:58:28 -0800
Archived-At: http://mailarchive.ietf.org/arch/msg/dane/b3HepsmrtEmxKQezcaPOA_m750w
Cc: draft-ietf-dane-smime@tools.ietf.org
Subject: Re: [dane] Comments on draft-ietf-dane-smime-04

So what email address are you going to use to do the DANE lookup? The one
embedded in the PGP key (assuming one exists), the from address? Does this
need to be spelled out in both of the drafts (S/MIME and PGP)?

Jim

> -----Original Message-----
> From: James Cloos [mailto:cloos@jhcloos.com]
> Sent: Thursday, February 13, 2014 3:05 PM
> To: dane@ietf.org
> Cc: Osterweil, Eric; Jim Schaad; <draft-ietf-dane-smime@tools.ietf.org>
> Subject: Re: [dane] Comments on draft-ietf-dane-smime-04
> 
> >>>>> "OE" == Osterweil, Eric <eosterweil@verisign.com> writes:
> 
> OE> With PGP, I can use a key with a diff email than the account from
> OE> which I send it (for ex, I can use my spam account and rely on my
> OE> full name and friends who know me to make the logical leap), do we
> OE> all want DANE to outlaw this for S/MIME?
> 
> Absolutely not.
> 
> There is no value in forcing the sending email address to match the info in
> any signature over the message (or over any part of the message).
> 
> (With emphasis on /forcing/.)
> 
> Those details may be used as *part* of the trust equation, but only as part.
> 
> -JimC
> --
> James Cloos <cloos@jhcloos.com>         OpenPGP: 1024D/ED7DAEA6