Re: [Jmap] Roman Danyliw's No Objection on draft-ietf-jmap-smime-09: (with COMMENT)
Alexey Melnikov <alexey.melnikov@isode.com> Thu, 21 October 2021 14:17 UTC
Return-Path: <alexey.melnikov@isode.com>
X-Original-To: jmap@ietfa.amsl.com
Delivered-To: jmap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 295AD3A170F; Thu, 21 Oct 2021 07:17:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isode.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LthwxxNIeJhq; Thu, 21 Oct 2021 07:16:57 -0700 (PDT)
Received: from waldorf.isode.com (waldorf.isode.com [62.232.206.188]) by ietfa.amsl.com (Postfix) with ESMTP id DD9C23A16FF; Thu, 21 Oct 2021 07:16:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1634825810; d=isode.com; s=june2016; i=@isode.com; bh=xryCCA72hc9MUS12nreJshfr7osRevbN6KnZTUEJ+v4=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=TYpuxcxqmzqYhDvcFCvzTISRUF3yZ3YbJwPRAT5KnMoWRiRt0jGOG1/wm5wV4LK4jkATKe CBpIMCxUUnfIO4FD7pY20ueV40sJtF+0xeY3sJDB5mP3jr04zjA2p5hOxO1bMZQAvK52sr DKMh02Qtc11T/HDpiRehRjWrgxAP0vM=;
Received: from [172.27.249.49] (connect.isode.net [172.20.0.43]) by waldorf.isode.com (submission channel) via TCP with ESMTPSA id <YXF2UQABR1HJ@waldorf.isode.com>; Thu, 21 Oct 2021 15:16:50 +0100
To: Roman Danyliw <rdd@cert.org>, The IESG <iesg@ietf.org>
Cc: jmap@ietf.org, draft-ietf-jmap-smime@ietf.org, jmap-chairs@ietf.org, brong@fastmailteam.com
References: <163460214370.19974.15716909300314956596@ietfa.amsl.com>
From: Alexey Melnikov <alexey.melnikov@isode.com>
Message-ID: <002266b6-50e4-846b-e325-86721eea8769@isode.com>
Date: Thu, 21 Oct 2021 15:16:49 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0
In-Reply-To: <163460214370.19974.15716909300314956596@ietfa.amsl.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-GB
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/jmap/o3IVbLwdtI1bu0QZFaL9yZRLuI8>
Subject: Re: [Jmap] Roman Danyliw's No Objection on draft-ietf-jmap-smime-09: (with COMMENT)
X-BeenThere: jmap@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: JSON Message Access Protocol <jmap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jmap>, <mailto:jmap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jmap/>
List-Post: <mailto:jmap@ietf.org>
List-Help: <mailto:jmap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jmap>, <mailto:jmap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Oct 2021 14:17:04 -0000
Hi Roman, On 19/10/2021 01:09, Roman Danyliw via Datatracker wrote: > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > ** Section 4.1. Recommend sticking to verification practices by citation when > defining the semantics of “smimeStatus” > > OLD > signed/verified: S/MIME signed message and the sender's signature > was successfully verified, the sender matches the From header > field, and the sender's certificate (and the certificate chain) is > trusted for signing. > > signed/failed: S/MIME signed message, but the signature failed to > verify. > > NEW > signed/verified: S/MIME signed message and the sender's signature was > successfully verified per the verification process in [RFC8551] and [RFC8550]. > > signed/failed: S/MIME signed message, but the signature failed to verify > per the processes in [RFC8551] and [RFC8550]. [RFC8551] and [RFC8550] are already listed earlier on when smimeStatus is described in more general terms, so implementing your suggestion becomes less urgent. Let me think a bit more about the best way of updating the draft to reflect this comment. > ** Section 6. Recommend being more explicit with the trust model. > > OLD > Use of server-side S/MIME signature verification JMAP extension requires the > client to trust the server signature verification code and configuration to > perform S/MIME signature verification. > > NEW > Use of server-side S/MIME signature verification JMAP extension requires the > client to trust the server signature verification code and configuration to > perform S/MIME signature verification. A malicious or compromised server could > return false verification status to a client. A successful verification could > be conveyed to a client for a forged or altered message. A properly signed > message could be signaled as having a failed signature verification or no > signature at all. In the case of the latter attack, no new attack surface is > presented with this extension above what malicious or compromised server could > already do by stripping or tampering with the S/MIME information in the > message. In the case of the former attack, client software capable of > performing S/MIME signature verification could detect this attack. Local > configuration of the client should determine if this client-side verification > should occur. For clients without local verification capabilities, such an > attack would be difficult to detect. Sounds good to me. Added to my copy of -10. Thank you, Alexey
- [Jmap] Roman Danyliw's No Objection on draft-ietf… Roman Danyliw via Datatracker
- Re: [Jmap] Roman Danyliw's No Objection on draft-… Alexey Melnikov
- Re: [Jmap] Roman Danyliw's No Objection on draft-… Alexey Melnikov