IETF Logo Mail Archive

Re: [dispatch] please dispatch draft-bhjl-x509-srv-02.xml

"John R Levine" <johnl@taugh.com> Sun, 21 August 2016 16:39 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F98D12D1B7 for <dispatch@ietfa.amsl.com>; Sun, 21 Aug 2016 09:39:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=FudCLKOI; dkim=pass (1536-bit key) header.d=taugh.com header.b=K+SJgh9M
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7ZGoM7LOpW_0 for <dispatch@ietfa.amsl.com>; Sun, 21 Aug 2016 09:39:15 -0700 (PDT)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8FA1312D0F9 for <dispatch@ietf.org>; Sun, 21 Aug 2016 09:39:15 -0700 (PDT)
Received: (qmail 61508 invoked from network); 21 Aug 2016 16:39:13 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=f042.57b9d931.k1608; bh=/579iutHCbTN/qk1ZjyPwQNFAyjaoeqtawMBalWkTYs=; b=FudCLKOICN212zER4aZfJUM6Kyp1Qrim/LRHQ9S0NI/tYL3T0HQtOPCKz7JjnWWqAvcJwieup6XGDf183d0JjtkZEe9GmYBhpHw7gCjcfDOWM079atUSSmdFVgXb0xWZ8/xrXquFe5CGsoVQi0fSJutSKIw9zeROH2d2mmLnudXtJ0LnBTpVDCxGoPT6wQkbI1VEmIVN0qK1aUwe9OvffdK5hVcikE76QrhDonTfPkbyIMD3CDzROex3TfUq6XDH
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=f042.57b9d931.k1608; bh=/579iutHCbTN/qk1ZjyPwQNFAyjaoeqtawMBalWkTYs=; b=K+SJgh9MsZ3nasjT74haRWXgh2jnxgYN8yowMgF3+/SaD9SD86voeWAOKV2/5HkIcSBIRHnjk6vW+KBRi5I8qbbfHbE319R35t0KyKzQITOoKDutE8zQ7nULtnRxIc7YmphbPMnoL6H2Y5G0QxIWgexo96pIsnbA45UUZoesvXVOT+YkAIx4AW7bNLG4NaLx9da8oQij4OOxSqb4Y5uN6udwjlOMto2jaCHIe4/HAJVIcqi1/pMCk7iIf+Z4iRBX
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.0/X.509/SHA1) via TCP6; 21 Aug 2016 16:39:13 -0000
Date: Sun, 21 Aug 2016 12:39:13 -0400
Message-ID: <alpine.OSX.2.11.1608211122060.45425@ary.lan>
From: John R Levine <johnl@taugh.com>
To: Eric Rescorla <ekr@rtfm.com>
In-Reply-To: <CABcZeBMV_2d6RBi4EsvtLtyOBeM2nD3u30O-SZqdmGGBzs6y_g@mail.gmail.com>
References: <alpine.OSX.2.11.1607221253020.13624@dhcp-b1bb.meeting.ietf.org> <CABcZeBMV_2d6RBi4EsvtLtyOBeM2nD3u30O-SZqdmGGBzs6y_g@mail.gmail.com>
User-Agent: Alpine 2.11 (OSX 23 2013-08-11)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format="flowed"; charset="US-ASCII"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/LIbYZcJLAaI39Kj2M7kApm5lYOs>
Cc: Dispatch WG <dispatch@ietf.org>
Subject: Re: [dispatch] please dispatch draft-bhjl-x509-srv-02.xml
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Aug 2016 16:39:17 -0000

> This document should define precisely what combination of these
> elements is sufficient for the client to accept the certificate.

If only.  Existing practice for PGP seems to be rather different from what 
the theory is ("if it doesn't look totally bogus, use it" vs "check and 
score WoT signatures against your private list") and for S/MIME it depends 
on what set of CAs are in your MUA, which in my experience is generally 
pretty stale.

Adding to the confusion, some people appear to believe that a domain is a 
reliable authority for certs for its email addresses.  (See for example 
the third paragraph in the introduction in RFC 7929 which makes no sense 
otherwise.)  Others of us don't, since the relationships between domain 
operators and mail users are incredibly variable.

If you are in the domain is authoritative camp, you can use 
DNSSEC->SRV->https as a chain of trust for the cert, or for S/MIME you can 
use DNSSEC->TLSA as a chain of trust for the signature.  If you aren't, 
you can do whatever you do now and the DNSSEC doesn't get you anything 
beyond the usual anti-spoofing.

If people agree these are the two plausible scenarios, I could easily add 
text describing them.  I don't see any chance of deciding on only one or 
the other.

> It's somewhat odd to encourage TLSA records (at SHOULD level) but a
> WebPKI valid certificate at MAY level. This is pretty much the
> opposite of standard practice for HTTPS on the Internet today. It's
> not like it's particularly onerous for someone running a Web server to
> get WebPKI valid certs.

Good point, MUST for https seems obvious.

> S 5.
> This section also needs to be fleshed out. Questions include:
>
> - You say "a blob of binary data". Do you mean that they are DER? That
>  seems implied, but it could be compressed DER or something. This
>  needs to be specified.

That's supposed to be whatever RFC 4387 did.  Looking at it, it's not 
clear to me what encoding it expects, so I agree it could use some 
clarification.

> - What is the relationship between the multiple certificates that are
>  provided? Are they alternatives? Are some of them intermediates that
>  can be used to validate the EE certificate (this is commonly
>  required)? If so, which one is the EE cert?

Again, this is out of RFC 4387.  I was under the impression that the 
client could look at the certs and see what chained to what.

> - Are there any requirements about the format of the various subject
>  name fields? Say I ask for "bob@example.com" and get a cert for
>  "alice@example.invalid". What do I do?

RFC 4387 again.

> This section about how to publish domain-operated CA certificates kind
> of seems like an add-on and needs to be fleshed out quite a bit
> more. For instance, why aren't you defining the same mechanism for
> PGP, as they seem analagous in this case. If you want to define TLSA
> records for CA certs for e-mail that seems like it should probably be
> the subject of a separate document.

I suppose I could wave my hands and say that the domain publishes an 
OPENPGPKEY record with postmaster@<domain>, but it's not clear to me 
whether anyone would care.  S/MIME signatures are (as I understand it) 
supposed to be deterministic, if you trust the signer, you trust the cert, 
while WoT is squishy.  As far as putting it in a separate document, I 
wouldn't object but it's not clear what the advantage would be.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.

v2.23.0 | Report a Bug | By Email