Re: Security for various IETF services

Dave Crocker <dhc@dcrocker.net> Thu, 03 April 2014 23:51 UTC

Return-Path: <dhc@dcrocker.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9EDDA1A03B3 for <ietf@ietfa.amsl.com>; Thu, 3 Apr 2014 16:51:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y6B9g81gDZBP for <ietf@ietfa.amsl.com>; Thu, 3 Apr 2014 16:51:55 -0700 (PDT)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by ietfa.amsl.com (Postfix) with ESMTP id 7F7571A03B1 for <ietf@ietf.org>; Thu, 3 Apr 2014 16:51:55 -0700 (PDT)
Received: from [192.168.1.66] (76-218-8-156.lightspeed.sntcca.sbcglobal.net [76.218.8.156]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id s33NpkFf023863 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Thu, 3 Apr 2014 16:51:49 -0700
Message-ID: <533DF3A9.4030201@dcrocker.net>
Date: Thu, 03 Apr 2014 16:50:01 -0700
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: "Fred Baker (fred)" <fred@cisco.com>
Subject: Re: Security for various IETF services
References: <533D8A90.60309@cs.tcd.ie> <290E20B455C66743BE178C5C84F1240847E779EEB6@EXMB01CMS.surrey.ac.uk> <p06240601cf639cb2113b@[99.111.97.136]> <F8AEEDAE-C8BB-4979-8122-1110DFF62770@cisco.com>
In-Reply-To: <F8AEEDAE-C8BB-4979-8122-1110DFF62770@cisco.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.66]); Thu, 03 Apr 2014 16:51:49 -0700 (PDT)
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/dGeaIRxVeWRQuFiZK3o-ygca8R4
Cc: "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Apr 2014 23:51:59 -0000

On 4/3/2014 4:40 PM, Fred Baker (fred) wrote:
> DKIM encodings to sign messages. And of asking that IETF tools not reformat email in ways that corrupt data that has been signed.


Yes, but...

DKIM does not authenticate message contents, and the dkim signing name 
(d=) is not require to correlate with any other identifier in the 
message.  In particular, it can be unrelated to the domain name in the 
From: field.

This independence is essential for some scenarios, such as having a 
mailing list provide its own DKIM signature, using it's own domain name, 
while preserving the author's original From address.

In other words, I like the goal you have in mind, but fear it is 
considerably more challenging to achieve than any of us would like.


d/

ps. The other reason for using https is privacy to reduce traffic 
analysis and other meta-data review.  This is quite separate from 
keeping IETF data 'confidential'.

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net