[secdir] secdir review of draft-kucherawy-authres-header-b-02

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 09 June 2010 23:24 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4AA7B3A67B3 for <secdir@core3.amsl.com>; Wed, 9 Jun 2010 16:24:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.11
X-Spam-Level:
X-Spam-Status: No, score=-1.11 tagged_above=-999 required=5 tests=[BAYES_05=-1.11]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vhCYYLRw0+s1 for <secdir@core3.amsl.com>; Wed, 9 Jun 2010 16:24:40 -0700 (PDT)
Received: from scss.tcd.ie (hermes.cs.tcd.ie [IPv6:2001:770:10:200:21b:21ff:fe3a:3d50]) by core3.amsl.com (Postfix) with ESMTP id A1AB53A67A3 for <secdir@ietf.org>; Wed, 9 Jun 2010 16:24:38 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id F04DD3E408E; Thu, 10 Jun 2010 00:24:38 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding:content-type:subject:mime-version :user-agent:from:date:message-id:received:received: x-virus-scanned; s=cs; t=1276125878; bh=34FsKdy+lh4UgyLc3vNyPPz4 ACQaQAEhF/GPC01wuOM=; b=dkjdrpfTDL2lP2fDCtbPVnOy5dbkX3V8FU7T/DYW YQavXa84EbJmmv+kzN0AKJpCjTFB2fMZnjFVYPSEUfHbZk7TYaGakd9VV4YH6uN0 Wu4//didkLgXsuREM1E2Iv/zs7sF2FvJDcjdErdFQwsL4s9UsJXxT1CcifVc4i5K QAK6AgC4eDxftbIml/CwBJ/nDBykJMiPJcOp7xpqWRs3twr6f+1ewKX5A2b+MMcc gmbnG0XdpHCgzeN57uru2/bhMpy3PaKN5OQr+R+8pFMqC/STb3QV7pBPOEO0kGZS PjWIofE8pzqTBhhyECsaM12rCrbuGfmQPGlMKzyoj4r5DQ==
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from scss.tcd.ie ([127.0.0.1]) by localhost (scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id J+eYKKI36bj8; Thu, 10 Jun 2010 00:24:38 +0100 (IST)
Received: from [10.87.48.3] (dsl-102-234.cust.imagine.ie [87.232.102.234]) by smtp.scss.tcd.ie (Postfix) with ESMTPSA id A6E183E408A; Thu, 10 Jun 2010 00:24:38 +0100 (IST)
Message-ID: <4C1022B6.7000500@cs.tcd.ie>
Date: Thu, 10 Jun 2010 00:24:38 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.9) Gecko/20100317 Lightning/1.0b1 Thunderbird/3.0.4
MIME-Version: 1.0
To: "Murray S. Kucherawy" <msk@cloudmark.com>, secdir@ietf.org
X-Enigmail-Version: 1.0.1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: [secdir] secdir review of draft-kucherawy-authres-header-b-02
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Jun 2010 23:24:41 -0000

Nice little document. (Which is much better than a nice
big document:-)

I see no substantive security issues here.

Two nits below. I've no real problem if they're ignored.

Stephen.

1. What if someone defines a MACing scheme for DKIM with
   a teensy-weensy MAC? There might be no way to get 8
   characters then. Suggest allowing the full authenticator
   in that case if it's <8 bytes long. Very unlikely but
   maybe worth a sentence.

2. Appendix A says:

  "Presumably due to a change in one of the five header fields covered
   by the two signatures, the former signature failed to verify while
   the latter passed."

   I think that could only happen if they use different c14n, if
   so maybe say so. Or could be better to say the results may
   differ due to key mgmt reasons (e.g. an inaccessible public key)
   or because the signature values have been corrupted. Reason to
   prefer those is that they're more likely. (Or am I missing
   something?)
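
The following is an added example and is not part of Stephen's review, of the draft, or of any project's code. It shows what the draft's header.b property looks like in practice: deriving it from a DKIM-Signature b= tag, emitting one dkim= stanza per signature in an Authentication-Results value so that two signatures from the same d= (nit 2) can be told apart, and the consumer-side lookup that maps a header.b back to the signature it came from. It assumes the -02 draft's rule that header.b is the first eight characters of the b= value with whitespace removed. The fallback to the whole authenticator when it is shorter than eight characters is Stephen's nit 1, not draft text; the uniqueness check in authres_value(), the authserv-id "smtp.example", and the second signature (same d= and selector, different canonicalization, made-up b=) are constructed for the example. The first sample signature is the DKIM-Signature from this message's own headers.

```python
import re
from typing import Dict, List, Optional, Tuple

# Sample input: the DKIM-Signature value from the headers of the message above.
# The folding whitespace from the original header is kept on purpose so that the
# whitespace handling below is exercised.
SAMPLE_SIGNATURE = (
    "v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding"
    ":content-type:subject:mime-version :user-agent:from:date:message-id:received"
    ":received: x-virus-scanned; s=cs; t=1276125878; bh=34FsKdy+lh4UgyLc3vNyPPz4 "
    "ACQaQAEhF/GPC01wuOM=; b=dkjdrpfTDL2lP2fDCtbPVnOy5dbkX3V8FU7T/DYW "
    "YQavXa84EbJmmv+kzN0AKJpCjTFB2fMZnjFVYPSEUfHbZk7TYaGakd9VV4YH6uN0 "
    "Wu4//didkLgXsuREM1E2Iv/zs7sF2FvJDcjdErdFQwsL4s9UsJXxT1CcifVc4i5K "
    "QAK6AgC4eDxftbIml/CwBJ/nDBykJMiPJcOp7xpqWRs3twr6f+1ewKX5A2b+MMcc "
    "gmbnG0XdpHCgzeN57uru2/bhMpy3PaKN5OQr+R+8pFMqC/STb3QV7pBPOEO0kGZS "
    "PjWIofE8pzqTBhhyECsaM12rCrbuGfmQPGlMKzyoj4r5DQ=="
)

# Constructed (not real) second signature for the nit 2 scenario: same d= and
# selector as the first one, simple/simple canonicalization, made-up b= value.
CONSTRUCTED_SECOND_SIGNATURE = (
    "v=1; a=rsa-sha256; c=simple/simple; d=cs.tcd.ie; s=cs; "
    "h=from:to:subject:date:message-id; "
    "bh=34FsKdy+lh4UgyLc3vNyPPz4ACQaQAEhF/GPC01wuOM=; "
    "b=AAAAAAAAexampleNotARealSignature=="
)

HEADER_B_LEN = 8  # length of header.b per the -02 draft (assumption, see lead-in)


def parse_dkim_tags(header_value: str) -> Dict[str, str]:
    """Split a DKIM-Signature value into its tag=value pairs.

    Whitespace inside a value is folding whitespace and is dropped, so b= and
    bh= come back as plain base64 regardless of how the header was wrapped."""
    tags: Dict[str, str] = {}
    for item in header_value.split(";"):
        if "=" not in item:
            continue  # empty trailing item after the last ';'
        name, value = item.split("=", 1)  # base64 '=' padding stays in value
        tags[name.strip()] = re.sub(r"\s+", "", value)
    return tags


def header_b(signature_b64: str, length: int = HEADER_B_LEN) -> str:
    """Derive the header.b property value from a b= tag value."""
    compact = re.sub(r"\s+", "", signature_b64)
    if not compact:
        raise ValueError("empty b= tag")
    if len(compact) < length:
        # Stephen's nit 1 (not draft text): an authenticator shorter than eight
        # characters cannot be truncated, so carry it whole instead of failing.
        return compact
    return compact[:length]


def authres_value(authserv_id: str, verified: List[Tuple[str, str]]) -> str:
    """Build an Authentication-Results value with one dkim= stanza per signature.

    `verified` pairs each DKIM-Signature value with the verifier's result string
    ("pass", "fail", ...). Two stanzas with the same header.b would leave a
    reader unable to tell which signature produced which result, so this
    example refuses to emit them (that check is this example's own choice)."""
    seen = set()
    stanzas = []
    for sig_value, result in verified:
        tags = parse_dkim_tags(sig_value)
        hb = header_b(tags["b"])
        if hb in seen:
            raise ValueError(f"header.b {hb!r} is not unique among the signatures")
        seen.add(hb)
        stanzas.append(f"dkim={result} header.d={tags['d']} header.b={hb}")
    return authserv_id + ";\n  " + ";\n  ".join(stanzas)


def find_signature(hb: str, signatures: List[str]) -> Optional[int]:
    """Consumer side: index of the DKIM-Signature whose b= starts with header.b.

    Returns None when no signature matches (e.g. the signature header was
    removed or corrupted downstream of the verifier)."""
    for idx, sig_value in enumerate(signatures):
        b_value = parse_dkim_tags(sig_value).get("b", "")
        if b_value.startswith(hb):
            return idx
    return None


if __name__ == "__main__":
    sigs = [SAMPLE_SIGNATURE, CONSTRUCTED_SECOND_SIGNATURE]
    # Nit 2 scenario: the relaxed/simple signature fails, the simple/simple one passes.
    ar = authres_value("smtp.example", [(sigs[0], "fail"), (sigs[1], "pass")])
    print("Authentication-Results: " + ar)
    print("fail stanza refers to signature #", find_signature("dkjdrpfT", sigs))
```

Run stand-alone it prints one Authentication-Results value carrying header.b=dkjdrpfT for the failing signature and header.b=AAAAAAAA for the passing one, both with header.d=cs.tcd.ie, which is exactly the situation where header.d alone would not say which signature failed.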