Re: [pkix] [smime] Key lookup service via draft-bhjl-x509-srv-00

"John R Levine" <johnl@taugh.com> Thu, 24 March 2016 18:23 UTC

Date: Thu, 24 Mar 2016 14:23:08 -0400
From: John R Levine <johnl@taugh.com>
To: "Miller, Timothy J." <tmiller@mitre.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/pkix/s7ZSp5LU5bk_fP_2pn22juSvJak>
Cc: PKIX <pkix@ietf.org>, IETF SMIME <smime@ietf.org>

> A certificate repository is, at best, relaying *stale* information it 
> got from somewhere else.  Only the MUA actually knows what keys are held 
> by the user at any given moment.  So why have a middleman? 
> Convenience?  Convenient access to the MUA's knowledge can be had 
> without a central repository.  Why else?

I'm sorry, this makes no sense.  How is my MUA supposed to know about the 
key of someone from whom I have not yet received a message?  Based on the 
arguments I've seen, the main point of a key lookup service is to enable 
opportunistic encryption on the first message.

Also, your assertion that the cert repository is likely to be stale makes 
a bunch of assumptions that were reasonable in the 1990s but not now. 
For example, vast numbers of people primarily use web mail, so the MTA and 
MUA are the same, they're both attached to the web server, so the 
repository sees the same certs the users do.  (We know why this model has 
all sorts of security problems, but half a billion web mail users aren't 
going away.)

And in domains that are authorities for their users, e.g., businesses that 
provide accounts to their employees, the domain's repository is accurate 
by definition, and there's an argument that repository checks can detect 
some kinds of mail forgery.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.