[pkix] Identified Work Items and Discussion Summary (was: possible new pkix and/or smime work)
Wei Chuang <weihaw@google.com> Thu, 31 March 2016 18:59 UTC
Return-Path: <weihaw@google.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C175612D769 for <pkix@ietfa.amsl.com>; Thu, 31 Mar 2016 11:59:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.987
X-Spam-Level:
X-Spam-Status: No, score=-1.987 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, OBFUSCATING_COMMENT=0.723, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sTYjlnaNP-8w for <pkix@ietfa.amsl.com>; Thu, 31 Mar 2016 11:59:25 -0700 (PDT)
Received: from mail-vk0-x22a.google.com (mail-vk0-x22a.google.com [IPv6:2607:f8b0:400c:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1E08B12D768 for <pkix@ietf.org>; Thu, 31 Mar 2016 11:59:25 -0700 (PDT)
Received: by mail-vk0-x22a.google.com with SMTP id z68so115183923vkg.3 for <pkix@ietf.org>; Thu, 31 Mar 2016 11:59:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:date:message-id:subject:from:to:cc; bh=VCUKmWY2itbXkPkiJU3JsxuCUJJFnkNZ1hCXgtdNGxQ=; b=JGcLFsRdHQ+ksA+Elox6VD9N4iuXVcyqIkaA6uMaY4kmNnKJOzSYZGkfunL61pne2v 0UxCL33r2goRFE1q8fxrGaabueWgV4MF/va2Y2kYZP5NDZkrKgSRaEHdeAo/Y6OykcXF R4OsLF9tYG7kLOC2IVe6faUzN7II6kfYCo5saMGcsOoSat/MFYPMqwaC6dg6M7yhK0Ez l3GkLLcKv5lrVvfRhq/fqlZbjJVnxMkvk9Dh03/CHIdYtOkW0dTBi++jWVbF9Iur6TuF nLxpiqMwJb1zPXiavqYa/sUiweg38cG74iBLxvehi1UiZL96zzGqeK9GoZj4aUgTfBdt vuPA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to:cc; bh=VCUKmWY2itbXkPkiJU3JsxuCUJJFnkNZ1hCXgtdNGxQ=; b=GD3+dNxfrKogqb2XT25mYD0F2uL7BWLk5pNgezfn/jqltz1RjQqAm2KpzybKPtQ9lB UldL8NYP4NaQKJKAeqikulUNuidMPVC1yf80DghR0i4xmS78XjWM7t2KH+VeaOjmhCCx sEu2RWGroJpDgqAuaotNwwYYZbpv/nkVpGgw+bJHfKIh723AfXMES5oMXc08GVqbS8kt xeO1gQHNLmmzwFVd0y5ys9n0sAoNy/mmcsPIZ6vBYOyNdtyFIxW4cvQWDSJJgypBR0zq D89pXwbONV9D+saJvrGrrsCM9E27qGkH/Kwnlj3SH8ttsbx5AxvAgx25/LB8vwoPJERT xwow==
X-Gm-Message-State: AD7BkJIsplbgq7MsUqBNa/5tYlSBlGbTeueeGlk7DPRfEYlKxY2HpDypoeosC+K6FW0wZtvL2otEvqRoZOD/QZ4D
MIME-Version: 1.0
X-Received: by 10.176.5.199 with SMTP id e65mr324174uae.45.1459450763906; Thu, 31 Mar 2016 11:59:23 -0700 (PDT)
Received: by 10.176.3.211 with HTTP; Thu, 31 Mar 2016 11:59:23 -0700 (PDT)
Date: Thu, 31 Mar 2016 11:59:23 -0700
Message-ID: <CAAFsWK1BDEFOALrcgjw9iHw5D9jZeLAp7bAurs3bqgQb0UxhrQ@mail.gmail.com>
From: Wei Chuang <weihaw@google.com>
To: PKIX <pkix@ietf.org>, IETF SMIME <smime@ietf.org>
Content-Type: multipart/mixed; boundary="94eb2c1233ba5a3d6d052f5cdc37"
Archived-At: <http://mailarchive.ietf.org/arch/msg/pkix/r46hvskDvSUM5Dg-jvJ85ZdXJls>
Cc: John Levine <johnl@iecc.com>
Subject: [pkix] Identified Work Items and Discussion Summary (was: possible new pkix and/or smime work)
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Mar 2016 18:59:30 -0000
Hi all, I've created a Google Docs of the potential work items and discussion summary (associated with my personal email account). This will make it easy to take comments on the document and incorporate them into the document easily. The following link goes to the document: https://goo.gl/xXbBoc (i.e. https://docs.google.com/document/d/1bZ9BHiw1FvTj1HKEWlfUqe4811KroY_Ottzl3fye-eE/edit?usp=sharing which might get split by some email clients) Here's a link to the help center on how to make a comment in the docs: https://support.google.com/docs/answer/65129?co=GENIE. Platform%3DDesktop&hl=en For those who prefer a text document, I've inlined it below. Please use the above Google Doc link, because it automates making changes to document. thanks, -Wei ---------- IETF PKIX / S/MIME Feb-Mar 2016 Work Items Potential work list: Short term: 1. EKU for intermediate CA certificate 2. Manufacturer Usage Description URI certificate extension 3. Certificate i18n email address support 4. Non authoritative key lookup (see bhjl draft) 5. Solving incomplete certificate chains and handing expired certificates cleanly on clients 6. Adding new S/MIME crypto: AEAD: AES-CCB, AES-GCM, AES-CCChaCha20-Poly1305, CRFG ECC Curves 7. Deprecate old ciphers e.g. md5, sha1 8. Support for PGP keys in CMS 9. Update RFC4134 i.e. S/MIME examples 10. drafts 1. draft-lear-ietf-pkix-mud-extension-00 2. draft-lbaudoin-iemax-02 3. draft-ietf-pkix-eai-addresses-00 4. draft-bhjl-x509-srv-00 5. Draft-melnikov-smime-msa-to-mda-04 Long term 1. Certificate discovery and reenrollment 2. Solving email address canonicalization (perhaps via bhjl oracle) 3. Header privacy 4. Prevent signature stripping attack 5. Painless client configuration Even longer term 1. Supporting Webmail 2. Preventing Spam 3. Combining PGP S/MIME 4. Email identity ________________ Opinions PKIX Mailing List Strings in certificates: Want clarifications in 5280 regarding strings * Date: 18 Jan 16 * Issue: Deprecating types; interpretation for DisplayText; Unicode normalization; Control Characters; Unicode for rfc882Name * Discussion: See X.520 and other documentation EKU for intermediate certificates: Allow EKU in intermediate CA cert to allow technical constraints as specified by CABF * Start: 4 Feb 16 * Issue: Worry significant change since EKU wasn’t meant to impact path validation; Implementers haven’t been following path constraints very well; Interoperability challenge due to different standards * Proposal: New extension; New interpretation; Follow policy OID; other answers in archive Is it time for a pkix extensions (or similar) wg? * Start: 5 Feb 16 * Proposals: Manufacturer cert extension (see lear draft); i18n for cert rfc822Name (see lbaudoin, eai-addresses drafts) spawned address discussion noted below; S/MIME name matching selector in SignerInfo: case, normalization? What about S/MIME WG (stephen farrell)? * Issue: S/MIME: “biggest problem… how to tell senders what they should do”; successor to S/MIME and PGP?; Enough work for two working group? Or just one working group? * Drafts: draft-lear-ietf-pkix-mud-extension-00; draft-lbaudoin-iemax-02; draft-ietf-pkix-eai-addresses-00.txt Email address matching rules (was Re: Is it time for a pkix extensions (or similar) wg?) * Start: 6 Feb 16 * Issue: email address local part normalization is against RFC5321; Sec 7 of RFC5280 needs updating; Security model * Proposal: Sender should normalize (see 5750); define rules in DKIM or DNS; define OTHER-NAME in cert SAN/IAN in UTF8String with encoding of matching rules; Regex SAN/IAN; Formalize security model; Sender does cert lookup to find alternate address variant certificate; * Note: large discussion by SMTP folks noted below in: Another attempt to canonicalize local parts * Drafts: draft-bhjl-x509-srv-00 Support for email address internationalization in RFC5280 certificates * Start: 4 Feb 16 * Draft: draft-lbaudoin-iemax-02.txt (see also draft-ietf-pkix-eai-addresses-00) * Counter proposal: Consider instead redefining Rfc822Name as CHOICE including UTF8String key identities * Start: 14 Mar 16 (from tmiller on: why you shouldn't even try to canonicalize local parts) * Proposal: Verify signature and cert path, TOFU the address FROM/SENDER address and remember public key; identify by public key SKID, subsequently only verify the signature from the public key; Key roll over * Issue: signing?; a priori discovery?; human comprehensible notion of identity or name Summary of S/MIME Problems/Issues * Start: 11 Mar 16 (from mrex on: another attempt to canonicalize local parts) * Issues: Incomplete chains; Mail archival problems when certificates expire i.e. revalidating signature or decryption due to MUA certificate and timestamp management, and lack of help from CAs Another attempt to canonicalize local parts: 3rd party interpretation of email address local parts for validation or key discovery is a bad idea * Start: 11 Mar 16 * Issues: RFC5321 stats only MTA may interpret the local part; MUA UI poorly does key management; “key structures” i.e. key discovery is difficult * Proposal: Modernize email address to enable validation; IETF should get into standardizing UI particularly for key management; Key discovery via oracle e2e email security (stephen farrell) * Start: 12 Mar 16 * Issues: No MUA development; email environment is centralized; mail headers not protected; e2e may prevent anti-spam technology * Proposal: allow experimentation Key lookup service via draft-bhjl-x509-srv-00 * Start 22 Mar 16 * Proposal: Use the draft for key lookup; provides means to do initial certificate discovery; authoritative; certificate renewal; oracle for new email name variants; * Issues: Key management is hard; security risk for automated key re-enrollment; security issues with a centralized key directory; handling ownership of multiple mailbox; * Draft: draft-bhjl-x509-srv-00 BCP proposal: regular expressions for Internet Mail identifiers * Start: 22 Mar 16 * Proposal: Standardize regex for email addresses S/MIME Mailing List Message takeover attacks against S/MIME * Start: 27 Jan 16 * Proposal: Adding authenticated encryption to S/MIME; * Issues: S/MIME doesn’t keep headers private; MUA don’t understand message/rfc822; attack via signed-then-encrypted message into encrypted-then-signed using attackers identity and replies will leak the original content Is this enough to re-charter the S/MIME WG? * Start: 8 Mar 16 (from housley on “Message takeover attacks against S/MIME”) * several folks willing to help; AEAD: AES-CCM, AES-GCM, ChaCha20-Poly1305; domain signing; Curve25519 and Curve448, CFRG ECC curves; automated cert enrollment; protect mail headers; standardize on RFC5753 i.e.ECC away from informational; updated RFC documentation e.g. RFC 4134; drop old ciphers e.g. md5, sha1; prevent signature stripping attacks * Draft: draft-melnikov-smime-msa-to-mda-04 General S/MIME issues / solutions * Start: 29 Jan 16 (from phill on: Message takeover attacks against S/MIME) * Proposal: merge PGP and S/MIME; publish consistent modern crypto suit in CURDLE; make it work with WebMail; configuration must be painless ---------- Forwarded message ---------- From: Stephen Farrell <stephen.farrell@cs.tcd.ie> Date: Thu, Mar 24, 2016 at 5:28 AM Subject: Re: [pkix] possible new pkix and/or smime work To: pkix <pkix@ietf.org> I got a couple of volunteers, Wei Chuang and John Levine (thanks both!) who're aiming to produce us a summary of the recent list discussion we can ponder in a few days. Cheers, S. On 23/03/16 20:35, Stephen Farrell wrote: > > Folks, > > I'm finding it hard to evaluate the discussion as to whether > there's new work folks want to do here that'd justify forming > a (coherent) WG and that'd result in likely implementation and > deployment. I expect others may be similarly uncertain. > > Would someone be willing to volunteer to act in a slightly > chair-like manner and try to summarise the discussion in a > way that might help us judge the above? > > I think that might help us to e.g. organise a bit of a bar > BoF or collective chat amongst those interested while a bunch > of us are in B-A and on the list prior to that. > > Thanks, > S. > > PS; If you are willing to do that but shy, feel free to send to > me offlist and I can pretend I did the work:-) > > > > > _______________________________________________ > pkix mailing list > pkix@ietf.org > https://www.ietf.org/mailman/listinfo/pkix > _______________________________________________ pkix mailing list pkix@ietf.org https://www.ietf.org/mailman/listinfo/pkix
- [pkix] Identified Work Items and Discussion Summa… Wei Chuang
- Re: [pkix] Identified Work Items and Discussion S… Stephen Farrell
- Re: [pkix] Identified Work Items and Discussion S… Tom Ritter
- Re: [pkix] Identified Work Items and Discussion S… John R Levine
- Re: [pkix] Identified Work Items and Discussion S… Wei Chuang
- Re: [pkix] Identified Work Items and Discussion S… Tom Ritter
- Re: [pkix] Identified Work Items and Discussion S… Stephen Farrell
- [pkix] Room change wasRe: Identified Work Items a… Stephen Farrell
- Re: [pkix] Identified Work Items and Discussion S… Dr. Pala