Re: [dane] Improving DANE S/MIME Privacy

Alice Wonder <alice@domblogger.net> Tue, 11 April 2017 22:25 UTC

Return-Path: <alice@domblogger.net>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E7A0128796 for <dane@ietfa.amsl.com>; Tue, 11 Apr 2017 15:25:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=domblogger.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NpWBHTH9EJIP for <dane@ietfa.amsl.com>; Tue, 11 Apr 2017 15:25:18 -0700 (PDT)
Received: from mail.domblogger.net (mail.domblogger.net [104.200.18.67]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 33E001286B1 for <dane@ietf.org>; Tue, 11 Apr 2017 15:25:18 -0700 (PDT)
Received: from localhost.localdomain (68-189-44-253.dhcp.rdng.ca.charter.com [68.189.44.253]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.domblogger.net (Postfix) with ESMTPSA id 9FAD71A6; Tue, 11 Apr 2017 22:25:16 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=domblogger.net; s=default; t=1491949517; bh=JKbcsMizxT8RtQm/iprYa4niogbH3jE7YJdeQOF1oJI=; h=Subject:To:References:Cc:From:Date:In-Reply-To; b=Nv/WQ8W+FU6wcTlfFAj55faPuAfA+DeWsMrWvATAh+Smw4unhH5uYbpzJfs68DT2Q UACS5OUy4GpNGVVDbv0e+wfy34k7Lhw7u26MEuaZ6rYiTxOmS+jZbJnIGGO3alcky3 fRSs9cj/rMlv0io+znhbllQPE35TSgLlUiNN/qV4=
To: Paul Wouters <paul@nohats.ca>
References: <f7332bd5-f003-c828-8f4a-0d543099c872@domblogger.net> <alpine.LRH.2.20.999.1704111513480.15830@bofh.nohats.ca>
Cc: dane@ietf.org
From: Alice Wonder <alice@domblogger.net>
Message-ID: <0d74ee85-fe33-f245-6702-ae0b67040cd8@domblogger.net>
Date: Tue, 11 Apr 2017 15:25:15 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <alpine.LRH.2.20.999.1704111513480.15830@bofh.nohats.ca>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dane/oPulRy9-BeNj04Zw1zJlMeATqPg>
Subject: Re: [dane] Improving DANE S/MIME Privacy
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Apr 2017 22:25:19 -0000

On 04/11/2017 12:15 PM, Paul Wouters wrote:
> On Tue, 11 Apr 2017, Alice Wonder wrote:
>
>> If the serial number for the x.509 certificate is a salt for the hash,
>> then spammers can not determine the validity of an e-mail address from
>> DNS but those who already have the certificate can use DNS to DANE
>> validate the certificate.
>
> Except the whole point of this record is to publish that certificate, so
> clearly the spammers have a copy of the serial number too :)
>
> Paul

Okay I think my perspective on this is different.

Due to epilepsy, I do not drive and require more sleep than most people 
and frequently must lie down. Not conductive to a good income, so I 
never used S/MIME simply because I did not want to pay for certs for my 
various e-mail addresses.

I tried OpenPGP but found the web of trust to be too complex for most 
people I communicate with and found the procedure for revoking a private 
key that may have been compromised too awkward.

I saw S/MIME with DANE as a way to use self-signed x.509 certs with 
confidence (more confidence than I personally have in the CA system 
where fraudulent certs are not uncommon, and where software like content 
filters and superfish often insert a root authority into user's trusted 
list) and saw S/MIME DANE as a way to validate those self-signed 
certificates, not as a way to distribute them.

I am sorry, I misunderstood the purpose.

That being said, the suggestion of using 2 1 1 or even 2 0 0 entries may 
give the privacy I seek.

If a * wildcard works with DNSSEC (I've never tried personally tried 
them) then the e-mail domain could be the certificate authority for 
x.509 certificates on the domain and sign certificates for the users 
that could then be DANE validated without DNS giving positive 
confirmation to the existence of an address or revealing the public key 
needed for a spammer to bypass the content filtering when sending 
malware to random users.

That is probably a better solution than using a serial number as a hash, 
and probably is easier to manage too as it only requires one DNS entry 
for every user on the system.