[dane] SMIMEA draft suggestion
Scott Rose <scottr.nist@gmail.com> Thu, 07 November 2013 04:39 UTC
Although I can't make the lunch meeting, there is other work going on at NIST to add some functionality to SMIMEA that we would like to propose. Attached is the (current) draft with added text. In summary, the new additions are:

- a naming convention to distinguish digital signature and encryption key certs
- a field to flag "revoked", used to signal that a user's SMIME certs have been revoked. An example of that is included at the end.
- a field to indicate another certificate publication mechanism is in use (e.g. Webfinger) and that the SMIMEA RR can be used to validate the cert. We're not entirely sure if that is useful, but something we kicked around here based on other systems that are currently deployed.

Others from our division should be at the meeting, but I'll be on a plane. NIST would be willing to take over editorship of the SMIMEA draft if that is desired - we just want to see this advanced.

Scott