[plasma] Verifying the signature of the LockBox.

Alan Borland <Alan.Borland@BoldonJames.com> Wed, 13 March 2013 10:21 UTC

Return-Path: <Alan.Borland@BoldonJames.com>
X-Original-To: plasma@ietfa.amsl.com
Delivered-To: plasma@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 4C9BA21F8D79 for <plasma@ietfa.amsl.com>; Wed, 13 Mar 2013 03:21:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id CQbSuK5ujmlb for <plasma@ietfa.amsl.com>; Wed, 13 Mar 2013 03:21:26 -0700 (PDT)
Received: from outgoing.boldonjames.com (outgoing.boldonjames.com []) by ietfa.amsl.com (Postfix) with ESMTP id 60E8521F8D37 for <plasma@ietf.org>; Wed, 13 Mar 2013 03:21:24 -0700 (PDT)
Received: from BJEX3.corps.boldonjames.com ([fe80::b85c:343b:66b0:b132]) by bjex3.corps.boldonjames.com ([fe80::b85c:343b:66b0:b132%10]) with mapi id 14.02.0328.009; Wed, 13 Mar 2013 10:21:21 +0000
From: Alan Borland <Alan.Borland@BoldonJames.com>
To: "'plasma@ietf.org'" <plasma@ietf.org>
Thread-Topic: Verifying the signature of the LockBox.
Thread-Index: Ac4f0qAKuaW+39TnSmuvI2yWCWh8WA==
Date: Wed, 13 Mar 2013 10:21:20 +0000
Message-ID: <0E5C08E16910F1409605822C0EC4DB56223562C4@bjex3.corps.boldonjames.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
x-originating-ip: []
x-protectivemarking: [BJ/UNMARKED/EXTERNAL]
Content-Type: multipart/alternative; boundary="_000_0E5C08E16910F1409605822C0EC4DB56223562C4bjex3corpsboldo_"
MIME-Version: 1.0
Subject: [plasma] Verifying the signature of the LockBox.
X-BeenThere: plasma@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The PoLicy Augmented S/Mime \(plasma\) bof discussion list." <plasma.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/plasma>, <mailto:plasma-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/plasma>
List-Post: <mailto:plasma@ietf.org>
List-Help: <mailto:plasma-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/plasma>, <mailto:plasma-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2013 10:21:27 -0000

[Boldon James classification: UNMARKED EXTERNAL]

When we open a message we have to determine if the message is a traditional S/MIME message or a Plasma message.  This is done by inspecting the CMS envelopedData layer looking for a Plasma LockBox. If the lockbox is found we verify the SignedData signature, but this got me thinking.  Should we verify just the integrity of the signature itself or should we also perform a full certificate path validation as well?   This would mean every user needs to trust a certificate from the Plasma Server (additional overhead - is this an issue?), but then if the Plasma Server is somehow compromised this would be a way of returning the error to the client.

I couldn't decide either way, at the moment we're doing a full certificate path validation.


Alan Borland

Boldon James Limited, a QinetiQ company
Mobile:        +44 (0)7810 556709
Direct:         +44 (0)1270 507841
Switch:        +44 (0)1270 507800
Email:          alan.borland@boldonjames.com<mailto:alan.borland@boldonjames.com>
Email (R):    abborland@qinetiq.r.mil.uk<mailto:abborland@qinetiq.r.mil.uk>
Web:           www.boldonjames.com