[dane] Comments on draft-ietf-dane-smime-04

"Jim Schaad" <ietf@augustcellars.com> Fri, 07 February 2014 04:03 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9ABB71A034B for <dane@ietfa.amsl.com>; Thu, 6 Feb 2014 20:03:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id llirba1B1K7V for <dane@ietfa.amsl.com>; Thu, 6 Feb 2014 20:03:16 -0800 (PST)
Received: from smtp1.pacifier.net (smtp1.pacifier.net [64.255.237.171]) by ietfa.amsl.com (Postfix) with ESMTP id AA4271A0346 for <dane@ietf.org>; Thu, 6 Feb 2014 20:03:15 -0800 (PST)
Received: from Philemon (50-39-223-207.bvtn.or.frontiernet.net [50.39.223.207]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: jimsch@nwlink.com) by smtp1.pacifier.net (Postfix) with ESMTPSA id 754382CA51; Thu, 6 Feb 2014 20:03:14 -0800 (PST)
From: "Jim Schaad" <ietf@augustcellars.com>
To: <draft-ietf-dane-smime@tools.ietf.org>
Date: Thu, 6 Feb 2014 20:01:34 -0800
Message-ID: <07ba01cf23b9$4b4e0540$e1ea0fc0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: Ac8jpUDvnDpFqfeXTuqw0g8WYmGXPw==
Content-Language: en-us
Cc: dane@ietf.org
Subject: [dane] Comments on draft-ietf-dane-smime-04
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Feb 2014 04:03:18 -0000

1.  Section 1, para 1: The first two sentences imply that a single
certificate is going to be present in a message.  While this is true in a
large number of cases, there are many times in which more than one
certificate may be present.  These include having different signing an
encrypting keys or intermediate certificates for chain building.  I would
request that the first two sentences be modified to make certificate be
plural.  s/a certificate. This certificate assists/certificates.  These
certificates assist/

2. Section 1, para 1: The last sentence is missing a step in the description
of the process of validating that  certificate is bound to a purported
sender.  The current text just looks at the validation process and does not
talk about what is necessary to check the binding itself.  In most cases,
but not all, this involves looking for the senders email address in the
certificate itself.  (In other cases some type of external database would be
required or one could say that the sender and the signer may not be the same
person even though the signature itself validates.)

One thing about this document that I don't remember having seen on the list
is the question of doing the binding check between the senders address and
the contents of a certificate.  Is it going to be considered sufficient if
one does the DNS look up for the certificates?  Is it only a sufficient
check for some types of SMIMEA records but not for others?  I.e. EE
certificate vs CA or TA certificate.

The document needs to distinguish between the steps of validating and
trusting a certificate and doing the binding between an email address and  a
certificate.  While it is possible to both in some cases, in others these
need to be distinct steps.

3.  Section 2, para 1:  First sentence - see the last item.  It may be not
an EE certificate that is being associated.

4.  Section 3, step 1:  It would be nice to be explicit that you are doing a
UTF8 Unicode string to octet string transformation before doing the Base32
conversion.  The referenced document says that this is the case for SMTP
submission in one mode, but it is not clear that the SMTP submission format
is what we are doing here.  Being explicit would be helpful.

There are two general problems that people are looking to solve with this
document.

A) I have an email address and a certificate, I want to validate the
certificate and check the association between the certificate and the email
address.

B) I have an email address, I need to find a certificate.

At present I believe that this document is addressing problem A and not
problem B.  It would be good to state that problem B is out of scope in the
introduction if this is the case.

If problem B is what the document is trying to solve, then there are a
number of issues that need to be addressed:

a) The set of certificate usages needs to be restricted to 1 and 3 so that
one will get a certificate about the EE
b) The set of certificates selectors needs to be restricted to 0 so that the
certificate is always present
c) The matching type needs to be restricted to 0 so that the certificate is
always present.

A mention, but problem not a solution, to the case folding problem for local
parts in email addresses needs to stated so that people understand it
exists.    A quote from RFC 6530 is

  It has long been the case that the email syntax permits choices about
   mailbox names that are unwise in practice, if one actually intends
   the mailboxes to be accessible to a broad range of senders.  The most
   often cited examples involve the use of case-sensitivity and tricky
   quoting of embedded characters in mailbox local parts.  These
   deliberately unusual constructions are permitted by the protocols,
   and servers are expected to support them.  Although they can provide
   value in special cases, taking advantage of them is almost always bad
   practice unless the intent is to create some form of security by
   obscurity.

Which would seem to me to say, yes this is a legal thing to do.  However if
you do it you should be taken back of the wood shed and whipped.  Thus
although it is legal it is highly unadvisable.  Thus one does case folding
in the look up, one may be get a wrong security answer so one should not do
it even if it is tempting.  I.e. - this at a minimum is a security
consideration because people are going to try and do it if we don't tell
them not to do it and why they should not do it.