Re: [ietf-privacy] Privacy of CLIENTID for IMAP/SMTP

Benjamin Kaduk <kaduk@mit.edu> Wed, 21 August 2019 02:59 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2DDC412082E for <ietf-privacy@ietfa.amsl.com>; Tue, 20 Aug 2019 19:59:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pek3H-YoLCN5 for <ietf-privacy@ietfa.amsl.com>; Tue, 20 Aug 2019 19:59:11 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7C08F120045 for <ietf-privacy@ietf.org>; Tue, 20 Aug 2019 19:59:11 -0700 (PDT)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id x7L2x22l018738 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 20 Aug 2019 22:59:06 -0400
Date: Tue, 20 Aug 2019 21:59:02 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Kai Engert <kaie@kuix.de>, ietf-privacy@ietf.org
Message-ID: <20190821025901.GI60855@kduck.mit.edu>
References: <ae89b75c-65c3-db47-8152-19ef3f96dcb1@kuix.de> <0f8bebcf-f4ae-85db-9e8e-5f1596c84238@cs.tcd.ie>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <0f8bebcf-f4ae-85db-9e8e-5f1596c84238@cs.tcd.ie>
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-privacy/xmUJvP_wuO4mnHGfZATDwSD5ALY>
Subject: Re: [ietf-privacy] Privacy of CLIENTID for IMAP/SMTP
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-privacy/>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Aug 2019 02:59:13 -0000

On Mon, Aug 19, 2019 at 09:05:21PM +0100, Stephen Farrell wrote:
> 
> Hiya,
> 
> I didn't read the drafts, but Nick's comments make sense to
> me so I'd give those a +1 (modulo not having read the draft
> of course:-)
> 
> One other thought...
> 
> On 19/08/2019 17:07, Kai Engert wrote:
> > If the client
> >   supports it, and if the connection is encrypted, then the client
> >   sends its client side identifier.
> 
> Sometimes I've been prompted to accept a hotspot's bogus
> certificate for IMAP if my MUA is the first to trip over
> a hotspot. A user might hit yes in such a case which is
> a bad idea yes, but I guess happens. I guess an active
> attack could appear similarly.
> 
> So is there a reason to tie the CLIENTID to the server
> credentials I wonder? E.g. to rotate it whenever the
> server cert changes. That might also discourage servers
> from assuming that the CLIENTID never changes.

I was going to say something similar.  So, a "yes" from me :)

-Ben