[saag] draft-moore-smtp-addrquery-01 (was: IETF 93 Agenda Request - Key Discovery)
Keith Moore <moore@network-heretics.com> Fri, 24 July 2015 20:40 UTC
Return-Path: <moore@network-heretics.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 601091A8033 for <saag@ietfa.amsl.com>; Fri, 24 Jul 2015 13:40:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XpNKvi499pmm for <saag@ietfa.amsl.com>; Fri, 24 Jul 2015 13:40:44 -0700 (PDT)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 95E2A1A8714 for <saag@ietf.org>; Fri, 24 Jul 2015 13:40:44 -0700 (PDT)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id D7DA0208B6 for <saag@ietf.org>; Fri, 24 Jul 2015 16:40:43 -0400 (EDT)
Received: from frontend2 ([10.202.2.161]) by compute3.internal (MEProxy); Fri, 24 Jul 2015 16:40:43 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:message-id:mime-version:subject:to:x-sasl-enc :x-sasl-enc; s=smtpout; bh=hGMPM/jyTAXYhGQsTAV/y3ggH1k=; b=K8eHN 8BIvKTlIUUSWIgY+qALkviR7wTCVEziU2g/XpiWfGe85yxlbQPV70xWsIiAbpebu Tb0pFRew6zXIT+3T6pVstdg+zaIm3FaoSp/ZJ9SeZbIUy8CMxEnIxCcwH3/A9twX d/ki59q1p+Ej7lWRGa1ExvsIAqZ5pdwXGoBoNU=
X-Sasl-enc: 5T7tDzsRt7ZxE/Y+xmjzHoNxUctYPJPJ0wYR2CQn210H 1437770443
Received: from [192.168.1.66] (108-221-180-15.lightspeed.knvltn.sbcglobal.net [108.221.180.15]) by mail.messagingengine.com (Postfix) with ESMTPA id 8719D680185; Fri, 24 Jul 2015 16:40:43 -0400 (EDT)
Message-ID: <55B2A2C7.5040004@network-heretics.com>
Date: Fri, 24 Jul 2015 16:40:39 -0400
From: Keith Moore <moore@network-heretics.com>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Thunderbird/31.8.0
MIME-Version: 1.0
To: saag@ietf.org
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/mvWjQSDF3sW9ApCjQLhIY93Toh0>
Subject: [saag] draft-moore-smtp-addrquery-01 (was: IETF 93 Agenda Request - Key Discovery)
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jul 2015 20:40:46 -0000
> I'm kind of astonished that people still think that extending email > protocols is a good idea for things like this. For example: > > "BASE64 is used to avoid the need for the server to produce JSON text > which conforms to SMTP line-length restrictions." > > Why, in 2015, would we continue to choose modalities that come with > these arcane restrictions? Because there's a huge, worldwide investment in a mail protocol that works well, and replacing SMTP would not only be disruptive but also have the potential to introduce huge operational difficulties. That's not to say that such a replacement should never, ever be considered, but that it's not worth replacing SMTP for such a simple change as key discovery. And as others have pointed out, trying to sync between an SMTP server and some other key discovery server is fraught with operational peril. The idea that interpretation of the local-part of an email address is determined solely by the MTA processing that domain's inbound mail is not only an explicit part of the email architecture (and has been since at least RFC 821), it's also deeply embedded in every SMTP server in existence. (This would likely remain true even if we changed from SMTP to some other protocol, as there's too much investment in existing address syntax and conventions.) So extending SMTP appears to make more sense than having a separate protocol for discovery of email public keys. And to maximize deployability of this extension it makes sense to design the extension in such a way that it can be easily added to existing SMTP servers, whether or not they have things like fixed-sized buffers (hopefully bounds-checked) for response lines. BASE64 may seem like overkill as a way to do line wrapping, but it's simple, mature, robust, familiar to mail system implementors, and already widely implemented in both libraries and SMTP servers (e.g. those that do downgrading from 8BITMIME mail to 7bit ASCII). Also, these days I place a high value on designing protocols in such a way that it's easy to implement them correctly. As far as I can tell, this aspect of AQRY is hard to botch. Keith