IETF Logo Mail Archive

Re: [ietf-smtp] Public Key Look Up

Alessandro Vesely <vesely@tana.it> Wed, 12 May 2021 10:09 UTC

Return-Path: <vesely@tana.it>
X-Original-To: ietf-smtp@ietfa.amsl.com
Delivered-To: ietf-smtp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4EE83A3C38 for <ietf-smtp@ietfa.amsl.com>; Wed, 12 May 2021 03:09:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1152-bit key) header.d=tana.it
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8yX2P5h93zUz for <ietf-smtp@ietfa.amsl.com>; Wed, 12 May 2021 03:09:36 -0700 (PDT)
Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86EF63A3C35 for <ietf-smtp@ietf.org>; Wed, 12 May 2021 03:09:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1620814169; bh=bGBYfvCdBVIRqkrJQWiragRmntG/coCtGJNA5Gv9PqM=; l=2249; h=To:References:From:Date:In-Reply-To; b=DS50F68LcJTaniNb5YbZnA0dca5TDF95SHVbfM3DBQjGrzFxeOzK4yKc9G0wfASjN tV9tB6XU6mC489JpH6XO05HJT13sFPOuCsocRmU5zeXXIwxr/isU6uKofC7j/xzQ9l sHlmTCVoA1sXK7p/KDhtYPdLHFauA0cyRsyeG63IfukHPU6DiVODmirOuz0LZ
Authentication-Results: tana.it; auth=pass (details omitted)
Original-From: Alessandro Vesely <vesely@tana.it>
Received: from [172.25.197.111] (pcale.tana [172.25.197.111]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k, TLS: TLS1.3, 128bits, ECDHE_RSA_AES_128_GCM_SHA256) by wmail.tana.it with ESMTPSA id 00000000005DC0E2.00000000609BA959.00003CC6; Wed, 12 May 2021 12:09:29 +0200
To: John C Klensin <john-ietf@jck.com>, John Levine <johnl@taugh.com>, ietf-smtp@ietf.org
References: <20210511185543.C751179052B@ary.qy> <D7EABCF7E8976BE735927C69@PSB>
From: Alessandro Vesely <vesely@tana.it>
Message-ID: <79ed2289-80af-5744-86f1-6d7a13b730ab@tana.it>
Date: Wed, 12 May 2021 12:09:28 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.9.0
MIME-Version: 1.0
In-Reply-To: <D7EABCF7E8976BE735927C69@PSB>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/eI5kLVGuk2308xYhGQEHhEDYh7Q>
Subject: Re: [ietf-smtp] Public Key Look Up
X-BeenThere: ietf-smtp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <ietf-smtp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-smtp/>
List-Post: <mailto:ietf-smtp@ietf.org>
List-Help: <mailto:ietf-smtp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 May 2021 10:09:42 -0000

On Wed 12/May/2021 05:47:52 +0200 John C Klensin wrote:
> --On Tuesday, May 11, 2021 14:55 -0400 John Levine wrote:
>> It appears that Alessandro Vesely  <vesely@tana.it> said:
>>>> I think it's a terrible idea both because it puts the keys in the
>>>> wrong place and the reasons you gave, extensions are optional which
>>>> means not implemented. >>>
>>> I'm not clear why a domain's MX would be the wrong place.
>> 
>> Because you can't tell the user's relation to the domain. Would you want
>> Google to be the authoritative source of keys for every gmail user?
>> Apollo Global Management for every Yahoo and AOL user?

At least, I'd expect Google to be aware that I have a mailbox at theirs, in 
case.  Different keyservers either treat email addresses as opaque tokens or 
need to periodically check whether the email address is still in use by the key 
holder.

Yes, freemail providers are the overwhelming majority, but there are also other 
mail sites.  And the need of an interoperable standard is mostly necessary for 
the latter ones.


> Well, if the keys were signed by entities I trusted, I wouldn't be worried
> about what "authoritative source" means.  And if they weren't, not only
> would I not like that, but it would probably turn the whole idea into
> theater rather than security.   And, as you know at least as well as I do,
> getting general-purpose keys signed in a way that could be generally
> depended on has proven to be a challenge.(to put it mildly).

There are different classes of mailbox providers.  Some have personal knowledge 
of their users, other accept anonymous subscription.  Some users trust their 
mailbox provider.  Some kind of provider can even sign the public keys of its 
users.

I don't think that distrust of one's provider is the only reason to apply 
end-to-end encryption.  Consider a message signed by employee@company.example 
whose key is authenticated by the company.  Isn't that a good employer-employee 
relationship?


>> Personally, as a passive-aggressive mail system operator, the
>> only keys my MX would publish would be proxy ones that let my
>> MTA decode the mail and do spam and malware filtering.


I was talking about /public/ keys.


Best
Ale
--

v2.23.0 | Report a Bug | By Email