Re: [dane] case sensitivity and draft-ietf-dane-smime / draft-wouters-dane-openpgp

mrex@sap.com (Martin Rex) Tue, 17 September 2013 18:26 UTC

Paul Wouters wrote:
> On Mon, 9 Sep 2013, Viktor Dukhovni wrote:
> >
> > Therefore, <Paul@example.com> and <paul@example.com> are a-priori
> > distinct addresses except perhaps in the hands of the MTAs that
> > handle example.com mail.
> >
> > [ The fact that most systems are in practice case-insensitive is not
> >  sufficient to invalidate the right of some to be case sensitive as
> >  they see fit. ]
> 
> The _last_ thing I want to do is having an email client not encrypt a
> message because someone mailed Paul@example.com instead of
> paul@example.com.

I do not think that anyone proposed that a MUA should silently fail
to encrypt (and send in the clear instead) if lookup of
"Paul@example.com" does not provide a result.


> 
> So I think our choices are:
> 
> 1) do a lookup for the case "as is" and a lookup for lowercased (serial
>     or parallel)
> 
> 2) lowercase and lookup once.

I definitely prefer (1), and would want the MUA to tell the user
if the lookup result for "as is" differs from the lookup result
for the lowercased Email address (this is both for lookup failure for "as is"
and for different EMail address result between "as is" and "all lowercase").


> 
> What I do _not_ think is a valid choice is "only do the as is case
> lookup".

While it is technically a valid implementation choice (and the only option
when there is no user present to confirm), it would not be very user
friendly, and alternative, much more user friendly behaviour seems
obvious and easy to implement.

-Martin
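
An added sketch of option (1) as discussed in this message; it is not code from the post or from either draft. The `lookup` callable, the `Outcome` names and the sample directory are hypothetical stand-ins for a real DANE record lookup.

```python
from enum import Enum

class Outcome(Enum):
    ENCRYPT = "encrypt"    # a key was chosen without needing the user
    ASK_USER = "ask_user"  # the two results differ; the user must confirm
    NO_KEY = "no_key"      # nothing usable; caller must not silently send in clear

def resolve_key(address, lookup, interactive=True):
    """Return (Outcome, key, note) for one recipient address."""
    local, _, domain = address.rpartition("@")
    domain = domain.lower()              # DNS names compare case-insensitively
    exact = f"{local}@{domain}"
    lowered = f"{local.lower()}@{domain}"
    as_is = lookup(exact)
    if not interactive:
        # No user present to confirm: only the "as is" result may be used.
        if as_is is None:
            return Outcome.NO_KEY, None, "as-is lookup failed"
        return Outcome.ENCRYPT, as_is, ""
    low = as_is if lowered == exact else lookup(lowered)
    if as_is is None and low is None:
        return Outcome.NO_KEY, None, "no record for either form"
    if as_is is None:
        return Outcome.ASK_USER, low, f"no record for {exact}; found one for {lowered}"
    if low is not None and low != as_is:
        return Outcome.ASK_USER, as_is, f"{exact} and {lowered} publish different keys"
    # Same key, or (assumption, not covered in the post) only "as is" exists.
    return Outcome.ENCRYPT, as_is, ""

# Constructed sample data: a dict stands in for the DNS lookup.
SAMPLE = {"paul@example.com": "KEY-1",
          "Bob@example.com": "KEY-2",
          "bob@example.com": "KEY-3"}

if __name__ == "__main__":
    for addr in ("Paul@example.com", "paul@example.com", "Bob@example.com"):
        print(addr, resolve_key(addr, SAMPLE.get))
```

`NO_KEY` is returned to the caller rather than mapped to plaintext delivery, so the decision to send unencrypted stays with the user.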