[dispatch] comments on draft-bhjl-x509-srv-00

Cullen Jennings <fluffy@iii.ca> Sat, 23 July 2016 09:39 UTC

From: Cullen Jennings <fluffy@iii.ca>
Message-Id: <97BA2FB1-1A0F-44E0-94E7-CB6993029AAE@iii.ca>
Date: Sat, 23 Jul 2016 03:39:49 -0600
To: DISPATCH list <dispatch@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/VoBJicMXXfeXM0AsxdiD6uvMdwc>
Subject: [dispatch] comments on draft-bhjl-x509-srv-00
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>

I like the general idea of this and it seems very good timing as we get close to LetsEncrypt providing free certs for email. My preference would be for this to be general enough that it worked for other things such as XMPP and SIP that use email-style addresses. They face the same problem of how to discover the recipient's certificate.

In the end, the security seems like it has to be based on how the sender trying to reach fluffy@example.com decides whether the certificate retrieved is valid for that user or not. I’d certainly want to be able to use it in a mode where I did not need to trust the server that cached the cert (or the HTTPS or DNS leading to that), but as long as I got a cert signed by a trusted CA for the correct user, then it could be used to encrypt.

I’m also a fan of the approach where if the HTTPS server has a cert for the domain example.com, then it can use that cert to sign the actual email certs for fluffy@example.com.

Cullen
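
Added example (not part of Cullen's message or of draft-bhjl-x509-srv): a Go sketch of the sender-side check described in the two paragraphs above, written against the standard-library crypto/x509 package. The PKI in it is constructed in memory: a trusted root, the example.com domain certificate, and per-user certificates signed with the domain key. Every name in it (DemoPKI, IssueUserCert, VerifyRetrievedCert, "Demo Root CA", the rogue PKI) is this example's own invention. It also assumes the domain certificate was issued as a CA with an rfc822Name name constraint and an extended key usage that permits emailProtection; an ordinary TLS server certificate is CA:FALSE and usually serverAuth-only, so without that assumption it could not sign the per-user certificates at all. The verifier never depends on where the DER came from: it accepts a certificate only if it chains to a trusted root for S/MIME use and carries exactly the address the sender is writing to.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// DemoPKI is a constructed in-memory PKI (nothing from the draft): a trusted root, the
// example.com domain cert, and user certs signed with the domain key. Assumption: the domain
// cert was issued as a CA with an rfc822Name name constraint; a CA:FALSE TLS cert could not sign.
type DemoPKI struct {
	Root, Domain *x509.Certificate
	Inter, Roots *x509.CertPool // what a sender holds as intermediates and trust anchors
	domainKey    *ecdsa.PrivateKey
	serial       int64
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue sets serial and validity, then signs tmpl under parent (parent == tmpl: self-signed).
func (p *DemoPKI) issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) *x509.Certificate {
	p.serial++
	tmpl.SerialNumber = big.NewInt(p.serial)
	tmpl.NotBefore, tmpl.NotAfter = time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	return must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer))))
}

func NewDemoPKI() *DemoPKI {
	p := &DemoPKI{Inter: x509.NewCertPool(), Roots: x509.NewCertPool()}
	rootKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	rootT := &x509.Certificate{Subject: pkix.Name{CommonName: "Demo Root CA"},
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	p.Root = p.issue(rootT, rootT, &rootKey.PublicKey, rootKey)
	p.domainKey = must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	domT := &x509.Certificate{
		Subject: pkix.Name{CommonName: "example.com"}, DNSNames: []string{"example.com"},
		IsCA: true, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
		// still a TLS cert (serverAuth) that may also chain S/MIME leaves, but only for example.com addresses
		ExtKeyUsage:             []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageEmailProtection},
		PermittedEmailAddresses: []string{"example.com"}, PermittedDNSDomainsCritical: true,
	}
	p.Domain = p.issue(domT, p.Root, &p.domainKey.PublicKey, rootKey)
	p.Inter.AddCert(p.Domain)
	p.Roots.AddCert(p.Root)
	return p
}

// IssueUserCert returns the DER a lookup server would hand back; issuance does not enforce the name constraint.
func (p *DemoPKI) IssueUserCert(email string) []byte {
	userKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	leaf := &x509.Certificate{
		Subject: pkix.Name{CommonName: email}, EmailAddresses: []string{email},
		KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageKeyAgreement,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection},
	}
	return p.issue(leaf, p.Domain, &userKey.PublicKey, p.domainKey).Raw
}

// VerifyRetrievedCert is the sender-side decision: the DER is untrusted whatever server, HTTPS
// connection or DNS answer delivered it, and is accepted only if it chains to a trusted root
// for S/MIME use (Verify also enforces the name constraint) and names exactly this address.
func VerifyRetrievedCert(der []byte, intermediates, roots *x509.CertPool, email string) (*x509.Certificate, error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	if _, err := cert.Verify(x509.VerifyOptions{Roots: roots, Intermediates: intermediates,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection}}); err != nil {
		return nil, err
	}
	for _, e := range cert.EmailAddresses {
		if e == email { // exact match: the local part is case-sensitive (RFC 5321)
			return cert, nil
		}
	}
	return nil, fmt.Errorf("certificate does not name %s", email)
}

func main() {
	pki, rogue := NewDemoPKI(), NewDemoPKI() // rogue: an attacker's own root and "example.com" cert
	pki.Inter.AddCert(rogue.Domain)          // intermediates arrive from the untrusted source too
	for _, der := range [][]byte{pki.IssueUserCert("fluffy@example.com"), pki.IssueUserCert("alice@example.com"), pki.IssueUserCert("fluffy@evil.example"), rogue.IssueUserCert("fluffy@example.com")} {
		_, err := VerifyRetrievedCert(der, pki.Inter, pki.Roots, "fluffy@example.com")
		fmt.Println(err) // only the first is nil
	}
}
```

Running it prints `<nil>` for the first certificate and an error for the other three: a certificate for another user at example.com (valid chain, wrong rfc822Name), one the domain key signed for an address outside its name constraint (rejected by Verify, not by the name comparison), and one for fluffy@example.com issued by an attacker's own root and example.com certificate that was supplied alongside it as an intermediate. Nothing in the check looks at the channel the bytes arrived over, which is the property the "I did not need to trust the server" mode requires.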