IETF Logo Mail Archive

Re: [dispatch] please dispatch draft-bhjl-x509-srv-02.xml

"John Levine" <johnl@taugh.com> Fri, 22 July 2016 16:59 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2DB7412DE66 for <dispatch@ietfa.amsl.com>; Fri, 22 Jul 2016 09:59:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KMW4HqyvPbkP for <dispatch@ietfa.amsl.com>; Fri, 22 Jul 2016 09:59:01 -0700 (PDT)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3591A12DE5D for <dispatch@ietf.org>; Fri, 22 Jul 2016 09:59:01 -0700 (PDT)
Received: (qmail 4401 invoked from network); 22 Jul 2016 16:58:59 -0000
Received: from unknown (64.57.183.18) by mail1.iecc.com with QMQP; 22 Jul 2016 16:58:59 -0000
Date: Fri, 22 Jul 2016 16:58:37 -0000
Message-ID: <20160722165837.11498.qmail@ary.lan>
From: John Levine <johnl@taugh.com>
To: dispatch@ietf.org
In-Reply-To: <CABkgnnXcg_LtaVyrGx0prAhfC-KJkp4a1wgztqwwo1XCROD32A@mail.gmail.com>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/ZfnwNrngShuF2kPCsNCgaBMWPJ8>
Subject: Re: [dispatch] please dispatch draft-bhjl-x509-srv-02.xml
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jul 2016 16:59:03 -0000

More review is nice, but useful review needs to be more than "I don't
trust this."

>Primarily, there needs to be adequate security review.  There are
>several big risks that this draft skirts and good review, and maybe
>even analysis, of this is important.

This draft describes a way to publish and retrieve S/MIME and PGP
keys.  The keys are the exact same ones you can get in other ways now,
and the draft goes to considerable lengths to say that, just like with
keys you get any other way, it's up to the client to decide how much
credence to give to them.  Any security problems with bogus keys are
the same ones we've already been dealing with as long as there have
been PGP and S/MIME.

If it appears that this draft is asserting that the keys are "real"
because the domain says so, it's trying very hard not to say that, so
it'd help to know what was confusing.  (Attempting to specify the
relationship between a domain and its users is a hopeless swamp of
despair where we're not going.)

>The draft appears to violate RFC 7320.  That suggests that wider
>review of other areas of this is needed.

I presume this is a reference to the URL paths in section 3.  They are
imported verbatim from RFC 4387 which was published ten years ago.
Since they're not new, it would be helpful to clarify under what
circumstances we're not allowed to use specs from existing standards
track RFCs.

R's,
John

v2.23.0 | Report a Bug | By Email