IETF Logo Mail Archive

Re: [openpgp] [dane] The DANE draft

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 05 August 2015 11:28 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF9C01B2FA1; Wed, 5 Aug 2015 04:28:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Level:
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FY5ibOyLKQV7; Wed, 5 Aug 2015 04:28:28 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B3E6D1B2FA3; Wed, 5 Aug 2015 04:28:28 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id E8AC9BE73; Wed, 5 Aug 2015 12:28:26 +0100 (IST)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QMiwOz39IQy6; Wed, 5 Aug 2015 12:28:26 +0100 (IST)
Received: from [134.226.36.180] (stephen-think.dsg.cs.tcd.ie [134.226.36.180]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id B4CA1BDD0; Wed, 5 Aug 2015 12:28:26 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1438774106; bh=Xr60cxx6GWZyuc1D793Tr80WOOIzJEzexBI3lvr7FUU=; h=Date:From:To:CC:Subject:References:In-Reply-To:From; b=syFXThxV1vkibLpNwr1hBAPyuxFbM9POcAiQ3UohV4mGCZn8j+kPavH+ildXigDcv icO1nYQC1orJSf6O71Q3Rb1h6UnejkF7FwfTpStBm9flo7NdqYItgLvkIXoNPKxLZS 7YcL2lfAdUgNa14Sggd6ojUFZKhQ+d3F8uOxy//w=
Message-ID: <55C1F35A.5070904@cs.tcd.ie>
Date: Wed, 05 Aug 2015 12:28:26 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.8.0
MIME-Version: 1.0
To: Paul Wouters <paul@nohats.ca>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>
References: <CAMm+LwhYdBLXM8Td8q8SCnzgwywRgMx3wNKeS_Q0JSN4Lh7rZQ@mail.gmail.com> <87bnf1hair.fsf@alice.fifthhorseman.net> <alpine.LFD.2.11.1507250832510.854@bofh.nohats.ca> <87bnem2xjq.fsf@alice.fifthhorseman.net> <alpine.LFD.2.11.1508050331340.1451@bofh.nohats.ca>
In-Reply-To: <alpine.LFD.2.11.1508050331340.1451@bofh.nohats.ca>
OpenPGP: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/HlJJ7ORHYngdVvwMFjv7OaVynYs>
Cc: IETF OpenPGP <openpgp@ietf.org>, dane WG list <dane@ietf.org>
Subject: Re: [openpgp] [dane] The DANE draft
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Aug 2015 11:28:31 -0000


On 05/08/15 09:14, Paul Wouters wrote:
>>
>>
>> I have no strong preference for base32 vs. digested localpart for the
>> hostname.  Digested localparts require a little bit more work to invert
>> than base32, but given the low entropy of typical normalized localparts,
>> they don't provide a lot of protection against a determined attacker.
> 
> And as clearly stated, were never meant to provide security.

Hmm.

With no hats, I gotta say I prefer the harder to invert local part
(i.e. hashed) to the reversible one (b32).

If this experiment ends up successful, then I think we'll be setting
a precedent for other per-user identifiers to be used as part of a
DNS name so I do not believe that arguments about this aspect ought
be decided solely based on PGP or SMIME or DANE. We should also
consider that some other protocol is highly likely to follow what
seems to have worked (just as _blah.example.com has been mimicked)
and where we don't now know the privacy consequences of copying
the pattern we're setting here.

For that reason, I really would prefer that we stick to the hash and
not go for the reversible per-user identifier.

(Separately, I also don't buy that there will be much use for actually
reversing the b32 encoding and if there were then the relevant work
could just as easily be done in advance by a server that is willing
to answer for a few known alternatives.)

So sorry to continue an argument but shouldn't this experiment be
a more conservative about privacy just in case it ends up wildly
successful?

Ta,
S.

v2.23.0 | Report a Bug | By Email