Re: [dane] I-D Action: draft-ietf-dane-smime-04.txt

Mark Andrews <marka@isc.org> Sun, 12 January 2014 23:58 UTC

To: Paul Hoffman <paul.hoffman@vpnc.org>
From: Mark Andrews <marka@isc.org>
References: <89AE05E1-BC6C-46BA-A4CC-A8F29070096D@vpnc.org> <CEF43EFD.F8FB%bdickson@verisign.com> <20140109173943.GL2317@mournblade.imrryr.org> <m37ga9kkfs.fsf@carbon.jhcloos.org> <20140109205604.GM2317@mournblade.imrryr.org> <alpine.LFD.2.10.1401091922410.5593@bofh.nohats.ca> <20140110004954.GQ2317@mournblade.imrryr.org> <m3zjn4k2zu.fsf@carbon.jhcloos.org> <20140110021746.GR2317@mournblade.imrryr.org> <F7F692F4-97A6-4F2B-BD0D-700CB7520E67@vpnc.org> <20140110035933.31003CADEAB@rock.dv.isc.org> <65157350-8CCE-43D0-B8AC-163A2149F43D@vpnc.org>
In-reply-to: Your message of "Fri, 10 Jan 2014 08:23:18 -0800." <65157350-8CCE-43D0-B8AC-163A2149F43D@vpnc.org>
Date: Mon, 13 Jan 2014 10:59:27 +1100
Message-Id: <20140112235927.BBCA6CD007C@rock.dv.isc.org>
Cc: "dane@ietf.org list" <dane@ietf.org>
Subject: Re: [dane] I-D Action: draft-ietf-dane-smime-04.txt

In message <65157350-8CCE-43D0-B8AC-163A2149F43D@vpnc.org>, Paul Hoffman writes:
> On Jan 9, 2014, at 7:59 PM, Mark Andrews <marka@isc.org> wrote:
>
> >
> > In message <F7F692F4-97A6-4F2B-BD0D-700CB7520E67@vpnc.org>, Paul Hoffman writes:
> >> On Jan 9, 2014, at 6:17 PM, Viktor Dukhovni <viktor1dane@dukhovni.org> wrote:
> >>
> >>> How does this bear on the encoding lookup key labels? Any encoding
> >>> (e.g. base32, or HMAC-SHA-224, but not punycode) that does not map
> >>> input strings that differ only in case to output strings that differ
> >>> only in case offers no advantage over a 1-way hash function.
> >>>
> >>> I am not sure what you're getting at.  Perhaps I'm missing something.
> >>
> >> The person looking up someone's S/MIME or PGP cert either knows how
> >> the LHS is spelled (including exact case, and character encoding) or
> >> they don't. This issue is for a layer that is not ours.
> >
> > So a user has my address as "MARKA@ISC.ORG" (this is not made up,
> > some companies have it saved as that despite the fact that I entered
> > it in lowercase).  Is the MUA supposed to lowercase "MARKA" or not
> > before looking for a SMIME key?
>
> Again: this is an issue for a layer that is not ours. The question is
> identical to whether or not your SMTP server will or will not accept both
> "marka" and "MARKA".

No it isn't.

The SMTP server for my addresses will treat the input as case
insensitive.

The input to this process is treated as case sensitive.  This means
that I have to enter records for:

marka, markA, marKa, maRka, mArka, Marka, marKA, maRKa, mARka, MArka,
maRkA, mArkA, MarkA, ...

to achieve parity.

Note both this draft and SMTP are taking email addresses as input, not
normalised email addresses.

> >> From my perspective there isn't a hard and fast answer to that.
> >
> > We could publish rules, in the DNS, for the MUA to use so that it
> > doesn't have to guess.
>
> We could. And the SMTP folks could do the same. Or we could finish this
> work in the next five years.

Yes, IDNA was a horrible protracted problem.

> --Paul Hoffman
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org
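
An added illustration of the case-sensitivity point in the message above (not part of the original post or of the draft): it counts how many distinct DNS owner labels a zone would need so that every case spelling of a local-part resolves. The two encodings (unpadded base32 and a SHA-224 hex digest) are taken from the options named in the thread, not from the draft text, and the lowercase-before-lookup rule is a hypothetical client policy.

```python
import base64
import hashlib
from itertools import product


def case_variants(local_part):
    """Every upper/lower-case spelling of local_part (2**n for n cased letters)."""
    choices = [sorted({c.lower(), c.upper()}) for c in local_part]
    return ["".join(p) for p in product(*choices)]


def label_base32(local_part):
    """Illustrative encoding: unpadded base32 of the UTF-8 local-part."""
    raw = base64.b32encode(local_part.encode("utf-8"))
    return raw.decode("ascii").rstrip("=")


def label_sha224(local_part):
    """Illustrative encoding: hex SHA-224 digest of the UTF-8 local-part."""
    return hashlib.sha224(local_part.encode("utf-8")).hexdigest()


def owner_labels_needed(local_part, encode, normalise=None):
    """Count distinct owner labels required to cover all case spellings.

    DNS compares labels case-insensitively, so encoded labels are folded
    to lower case before counting. `normalise` models a hypothetical
    client-side rule applied to the local-part before encoding.
    """
    labels = set()
    for spelling in case_variants(local_part):
        key = normalise(spelling) if normalise else spelling
        labels.add(encode(key).lower())
    return len(labels)


if __name__ == "__main__":
    for name, enc in (("base32", label_base32), ("sha224", label_sha224)):
        raw = owner_labels_needed("marka", enc)
        folded = owner_labels_needed("marka", enc, normalise=str.lower)
        print(f"{name}: {raw} labels without normalisation, {folded} with")
```

DNS case-insensitivity does not help here because neither encoding maps inputs that differ only in case to outputs that differ only in case.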