[secdir] secdir review of draft-ietf-appsawg-rrvs-header-field
"Shaun Cooley (shcooley)" <shcooley@cisco.com> Mon, 17 March 2014 07:04 UTC
Return-Path: <shcooley@cisco.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CD471A0030; Mon, 17 Mar 2014 00:04:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.048
X-Spam-Level:
X-Spam-Status: No, score=-15.048 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.547, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 01SHn0n3lKmG; Mon, 17 Mar 2014 00:03:57 -0700 (PDT)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) by ietfa.amsl.com (Postfix) with ESMTP id F1C6C1A03A8; Mon, 17 Mar 2014 00:03:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1499; q=dns/txt; s=iport; t=1395039829; x=1396249429; h=from:to:cc:subject:date:message-id: content-transfer-encoding:mime-version; bh=cqlVAIhjToJHIh+uxC0hW3F/VeYaYCfQ2LkY56EpxfM=; b=Uy6VVXvJb8BB8Bx49pviuihsCaD7d77pRSMCNE3wqyIRvKnWkvpXni+u Zw/n46W0zzmZP8w8F3Hmvvcitdy0MRZahpiNs/Hxlns+dl4lbkUepjuFU U+iSKmfnWMUvMWwDxKDPQLtLGudwAFW8mnsfLuSF+xUmD0zCP2hkXeyXj 4=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AiMFAMSdJlOtJV2a/2dsb2JhbABZgwaBEsIHgRgWdIInAQR5EgEqC0smAQQBDQ2HcdIyF44VAgEBHjERgxqBFAEDiRqhW4MtgXI5
X-IronPort-AV: E=Sophos;i="4.97,668,1389744000"; d="scan'208";a="307709908"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by rcdn-iport-9.cisco.com with ESMTP; 17 Mar 2014 07:03:49 +0000
Received: from xhc-aln-x01.cisco.com (xhc-aln-x01.cisco.com [173.36.12.75]) by rcdn-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id s2H73m18005344 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Mon, 17 Mar 2014 07:03:49 GMT
Received: from xmb-aln-x10.cisco.com ([169.254.5.205]) by xhc-aln-x01.cisco.com ([173.36.12.75]) with mapi id 14.03.0123.003; Mon, 17 Mar 2014 02:03:48 -0500
From: "Shaun Cooley (shcooley)" <shcooley@cisco.com>
To: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>
Thread-Topic: secdir review of draft-ietf-appsawg-rrvs-header-field
Thread-Index: Ac9BrCh2zAg7BhNeSsS1/SZjUWgivA==
Date: Mon, 17 Mar 2014 07:03:48 +0000
Message-ID: <187A7B1DA239514F9146FC78B19AADE30B6CAE6A@xmb-aln-x10.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.82.219.109]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/Of6Nykj-nkdnR-YGgHpAJ3hjd1M
Cc: "draft-ietf-appsawg-rrvs-header-field.all@tools.ietf.org" <draft-ietf-appsawg-rrvs-header-field.all@tools.ietf.org>
Subject: [secdir] secdir review of draft-ietf-appsawg-rrvs-header-field
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Mar 2014 07:04:00 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document defines an extension for SMTP called RRVS, along with a new MAIL header field called Require-Recipient-Valid-Since, that allows senders to indicate to receivers the last date when the sender confirmed the ownership of the target mailbox with the intended recipient, with a goal of preventing sensitive mail from being delivered to the wrong party if the ownership of a mailbox has changed. The document is easy to understand and covers several information disclosure issues that might arise from abuse of the RRVS extension or matching header. I consider this document to be ready for publication with two small nits: - The suggested abuse countermeasures described in 14.1 should be reworded to indicate that operators SHOULD (or are RECOMMENDED to) implement countermeasures against RRVS probing. - The suggested use restrictions described in 14.2 should be reworded to indicate that operators SHOULD (or are RECOMMENDED to) accept any RRVS datetime as valid for accounts that have only had a single owner, even if the RRVS datetime predates the creation of the target account. -Shaun
- [secdir] secdir review of draft-ietf-appsawg-rrvs… Shaun Cooley (shcooley)
- Re: [secdir] secdir review of draft-ietf-appsawg-… Murray S. Kucherawy
- Re: [secdir] secdir review of draft-ietf-appsawg-… Shaun Cooley (shcooley)
- Re: [secdir] secdir review of draft-ietf-appsawg-… Murray S. Kucherawy
- Re: [secdir] secdir review of draft-ietf-appsawg-… Stephen Farrell
- Re: [secdir] secdir review of draft-ietf-appsawg-… Alexey Melnikov
- Re: [secdir] secdir review of draft-ietf-appsawg-… Barry Leiba
- Re: [secdir] secdir review of draft-ietf-appsawg-… Murray S. Kucherawy
- Re: [secdir] secdir review of draft-ietf-appsawg-… Barry Leiba
- Re: [secdir] secdir review of draft-ietf-appsawg-… Murray S. Kucherawy