Re: [Spasm] Last Call: <draft-ietf-lamps-eai-addresses-05.txt> (Internationalized Email Addresses in X.509 certificates) to Proposed Standard

Wei Chuang <weihaw@google.com> Sun, 12 March 2017 21:40 UTC

Return-Path: <weihaw@google.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B778129442 for <ietf@ietfa.amsl.com>; Sun, 12 Mar 2017 14:40:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3ev3ECxKs9AF for <ietf@ietfa.amsl.com>; Sun, 12 Mar 2017 14:40:48 -0700 (PDT)
Received: from mail-oi0-x22c.google.com (mail-oi0-x22c.google.com [IPv6:2607:f8b0:4003:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2485A12943A for <ietf@ietf.org>; Sun, 12 Mar 2017 14:40:48 -0700 (PDT)
Received: by mail-oi0-x22c.google.com with SMTP id 126so70724996oig.3 for <ietf@ietf.org>; Sun, 12 Mar 2017 14:40:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=hrJlGwl94FYJV4T4W6put1T70vdhlCVaqDI8QgFKbRA=; b=DB3KjXejPKi7hMj2YIQE35MWtpPhveCMdzpXzFM/B1i0SEVmweuIg15U7LFeJjlUh+ QOEXpNeA89WH6fhNlaRSuT40bm5XH5Jcp9jo8dnJRRYLuoJ/dHnF78p7iLDf/E9svmXY /MK7XJHHJIdFBJ3lKzykiYRSAc/NCjI5iagsLqZAqkWMjMk3oLfL49xUlIh4W9VIoyfo 1FwyQobX0CaqaBJCuay5nbEyGfmQcw+A0PmSWkcpidq+CZ6kpMT0ihP4WJ/l6ZSGfL2X Bq7CjcskPeZ8F30wBfu86vKjg2oukBrJB/eD2/ANRqQQbZopD4LvKly98IY1nkya5GAB XGzQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=hrJlGwl94FYJV4T4W6put1T70vdhlCVaqDI8QgFKbRA=; b=nGY9r0seqpnU77s1Fh+Rn3eWumbhBSxmpwk2UAgNwWDDZdCu7qlv+GeJ3egUUiiJhZ /0R2Xx0wOK2hk2j+6SDvO79z1KSEponNnAtFJVwoj0pqqU/fXhpT8jh0nRTl7So8KsyX JMJeMvAd/muftlKExNkWEwxkQejtKJrjCeVXLKiejTPfRh0FswI/zQ1a1wau574kgq0Q u9gFYWHOeQj3t6tf45HGSfiAxbVjBlu4Q6isecUQvRr2K4GHq4PBVMZcoX22X3nIXrI5 jne0Qr2zopxwq5xdAZLnR/F6OZlsP/EQE3+Ggs55L1MXSpNGOlteQubpdJeCyFawJ3Bc X0UQ==
X-Gm-Message-State: AMke39kxLYuvSPnNvIta9yI/tO1MuQhb9S02Tljc2fA3sZxg3pK1tbDy/VFXv6NK8DoZsQHnHiLRWaP5CT9+awpI
X-Received: by 10.202.226.146 with SMTP id z140mr14326118oig.166.1489354847134; Sun, 12 Mar 2017 14:40:47 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.157.41.226 with HTTP; Sun, 12 Mar 2017 14:40:45 -0700 (PDT)
In-Reply-To: <CAAFsWK1Q=d-9E++J0Z7UyEn3mshKkbYZ9yuGX974XvU8rO0VQw@mail.gmail.com>
References: <alpine.OSX.2.20.1702111606270.2386@ary.qy> <CAAFsWK0KoeeHeKxay=j=NR8AqbzaHXtjNoQNQqRHwUNT3-Pe_Q@mail.gmail.com> <D237E866-CEC3-4A3C-9D5E-0D1B48F1799B@dukhovni.org> <841bb724-7403-4682-3d50-f878f63b0346@cs.tcd.ie> <6d114340-c9a7-e311-e6f9-0614600cafd2@cs.tcd.ie> <CAAFsWK2RMGp0jqesx3cTbN=S7p0WuhH+0AbeJuuiZPF6WCbQOQ@mail.gmail.com> <BCEFAA3C-B711-4269-81C8-4DA0E1AA7AD0@dukhovni.org> <CAAFsWK3yJ9r+6abTXZQsNsey+VcRpdtVv=Hku_54_LZ9y1T2xQ@mail.gmail.com> <B8A5967B-9C19-4167-8A20-B82DFD46A924@dukhovni.org> <00c401d298b8$616fffa0$4001a8c0@gateway.2wire.net> <CAAFsWK1Q=d-9E++J0Z7UyEn3mshKkbYZ9yuGX974XvU8rO0VQw@mail.gmail.com>
From: Wei Chuang <weihaw@google.com>
Date: Sun, 12 Mar 2017 14:40:45 -0700
Message-ID: <CAAFsWK3n=dpix1dF6_tm+ZBSqkC=+DW301HaLSg__p-0Tt0rxg@mail.gmail.com>
Subject: Re: [Spasm] Last Call: <draft-ietf-lamps-eai-addresses-05.txt> (Internationalized Email Addresses in X.509 certificates) to Proposed Standard
To: IETF general list <ietf@ietf.org>, SPASM <spasm@ietf.org>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="001a11408a3aa06ba0054a8f7235"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/qOckowLAqmBGp0qaY9RUkcNEaZU>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Mar 2017 21:40:50 -0000

The latest draft 08 is up:
https://tools.ietf.org/html/draft-ietf-lamps-eai-addresses-08

The diff is:
https://tools.ietf.org/rfcdiff?url2=draft-ietf-lamps-eai-addresses-08.txt

This draft attempts to capture Viktor's name constraint verifier logic, and
illustrate the examples in the diagrams.

-Wei


On Thu, Mar 9, 2017 at 10:22 AM, Wei Chuang <weihaw@google.com> wrote:

> There seems to be a consensus here and internally to the changes that
> Viktor proposes.  We can put that in the next draft update.
>
> -Wei
>
> On Thu, Mar 9, 2017 at 1:34 AM, tom p. <daedulus@btconnect.com> wrote:
>
>> ----- Original Message -----
>> From: "Viktor Dukhovni" <ietf-dane@dukhovni.org>
>> To: <spasm@ietf.org>rg>; "IETF general list" <ietf@ietf.org>
>> Sent: Thursday, March 09, 2017 3:19 AM
>> > On Mar 8, 2017, at 8:17 PM, Wei Chuang <weihaw@google.com> wrote:
>> >
>> > Okay.  I think the direction then is to have SmtpUTF8Name respect
>> rfc822Name name constraints and vice versa.
>>
>> Well, no, the simplest proposal on the table is for SmtpUTF8Name to
>> be *prohibited* when rfc822Name constraints are present and SmtpUTF8Name
>> constraints are not.  When both present, they can operate independently.
>>
>> <tp>
>>
>> Getting security right can be tricky as the legion of failed attempts
>> that make it to RFC testify but what you are proposing here seems so
>> simple, so obviously the right thing to do that I am puzzled, bewildered
>> even, that anyone can disagree with you.
>>
>> Tom Petch
>>
>> The verifier logic is then:
>>
>> 1. If neither rfc822Name constraints nor SmtpUTF8Name constraints
>>            are present in any CA certificate in the chain, any mixture
>> of
>>            rfc822Name and SmtpUTF8Name SAN elements is valid.
>>
>> 2. If some certificate in the chain contains *only* rfc822Name
>>    constraints, then these apply to rfc822Name SAN elements, but
>>    all SmtpUTF8Names are prohibited.
>>
>> 3. When both types of constraints are present in all CA certificates
>>            that have either type, then constraints for each SAN type are
>>    exclusively based on just the corresponding constraint type.
>>
>> 4. If some certificate in the chain contains only SmtpUTF8Name
>>      constraints then those are unavoidably at risk of bypass via
>>            rfc822Name SAN elements when processed by legacy verifiers.
>>    Therefore, this should be avoided, and the CA needs to
>>      publish rfc822Name constraints that prevent bypass.  Such
>>    constraints *need not* be equivalent (not always possible)
>>    to the desired SmtpUTF8Name constraints.  Rather, it suffices
>>    to not permit rfc822Name elements that would be prohibited
>>    if they were simply cut/pasted (with no A-label to U-label
>>            conversions) as SmtpUTF8Name elements.  It is not necessary
>>    for these to permit everything that SmtpUTF8Name permits.
>>
>> Thus for example, if SmtpUtf8Name only permits addresses in the non
>> NR-LDH
>> domain "духовный.org <http://xn--b1adqpd3ao5c.org>" (or a specific set
>> of addresses in such a domain),
>> then the corresponding rfc822Name constraint could just permit "." (or
>> the
>> reserved "invalid" TLD if that's preferable) which is not a usable email
>> domain.  This ensures that only the permitted SmtpUTF8Name SANs are used
>> and no rfc822Name SANs are used.
>>
>> If, instead the Smtp8Name constraints are excluded non-ASCII address
>> forms,
>> then since these have no literal rfc822Name equivalents, the rfc822Name
>> constraints can be omitted with the same effect.
>>
>> Only when the intention is to permit NR-LDH domains with either ASCII or
>> UTF-8 localparts (or an all-ASCII full address) do the rfc822Name and
>> SmtpUTF8Name constraints need to be fully equivalent.  This is of course
>> trivial to do.  Just cut/paste the same string into both types of
>> constraint.
>>
>> --
>> Viktor.
>>
>>
>