Re: [dane] Second WGLC draft-ietf-dane-smime

"Garfinkel, Simson L. (Fed)" <simson.garfinkel@nist.gov> Mon, 21 November 2016 16:31 UTC

To: John R Levine <johnl@taugh.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dane/uufas-8y0DaUMRLePJax837cB5o>
Cc: "dane@ietf.org" <dane@ietf.org>

John,

Thanks for the clarification.

So are you opposed to DANE in general, or just the use of DANE for email?

Given this opposition, are you opposed to the experimental RFC 7929?  Or is your opposition limited to SMIMEA?

Simson



> On Nov 21, 2016, at 11:17 AM, John R Levine <johnl@taugh.com> wrote:
> 
>> I didn’t mean to misrepresent what you said. I was simply trying to simplify the argument.  I’m sorry if I got it wrong. How would you rephrase it?
> 
> There's all sorts of reasons you wouldn't want your mail provider to read your mail.  As I said in an example, Gmail is mostly reliable but we don't know what secret subpoenas they might get.
> 
>> I am in agreement with you that the document assumes that domains are the authorities of the identities of their users. I concur that the document should explicitly state this. Email addresses have become an identifier that is in many ways superior to other identifiers, such as SSNs and Driver License #s, because they can be proved by an individual’s ability to receive email at a specific address. For the same reason, mobile telephone numbers are also quickly becoming persistent identifiers.  Email addresses have an advantage over mobile telephone numbers in that there are more of them and they are easily changed as necessary.
>> 
>> Would you support advancing the draft if it explicitly stated this assumption?
> 
> No.  It has other fatal flaws, discussed at length in the past. Better key distribution is a fine idea, but this isn't the way to do it.
> 
> Regards,
> John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
> Please consider the environment before reading this e-mail. https://jl.ly