[secdir] Security review of draft-ietf-acme-email-smime-10
Hilarie Orman <hilarie@purplestreak.com> Thu, 05 November 2020 22:54 UTC
Return-Path: <hilarie@purplestreak.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E9D953A010A; Thu, 5 Nov 2020 14:54:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3ldeaNc_Y2QT; Thu, 5 Nov 2020 14:54:22 -0800 (PST)
Received: from out01.mta.xmission.com (out01.mta.xmission.com [166.70.13.231]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D78F83A0100; Thu, 5 Nov 2020 14:54:21 -0800 (PST)
Received: from in01.mta.xmission.com ([166.70.13.51]) by out01.mta.xmission.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from <hilarie@purplestreak.com>) id 1kao96-00B8jT-II; Thu, 05 Nov 2020 15:54:20 -0700
Received: from [166.70.232.207] (helo=rumpleteazer.rhmr.com) by in01.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.87) (envelope-from <hilarie@purplestreak.com>) id 1kao95-0003sD-SL; Thu, 05 Nov 2020 15:54:20 -0700
Received: from rumpleteazer.rhmr.com (localhost [127.0.0.1]) by rumpleteazer.rhmr.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id 0A5MpL0J029186; Thu, 5 Nov 2020 15:51:21 -0700
Received: (from hilarie@localhost) by rumpleteazer.rhmr.com (8.14.4/8.14.4/Submit) id 0A5MpKUR029185; Thu, 5 Nov 2020 15:51:20 -0700
Date: Thu, 05 Nov 2020 15:51:20 -0700
Message-Id: <202011052251.0A5MpKUR029185@rumpleteazer.rhmr.com>
From: Hilarie Orman <hilarie@purplestreak.com>
Reply-To: Hilarie Orman <hilarie@purplestreak.com>
To: iesg@ietf.org, secdir@ietf.org
Cc: draft-ietf-acme-email-smime.all@ietf.org
X-XM-SPF: eid=1kao95-0003sD-SL; ; ; mid=<202011052251.0A5MpKUR029185@rumpleteazer.rhmr.com>; ; ; hst=in01.mta.xmission.com; ; ; ip=166.70.232.207; ; ; frm=hilarie@purplestreak.com; ; ; spf=none
X-XM-AID: U2FsdGVkX1/HIK1GzhHhQryZ5q/XHsl2
X-SA-Exim-Connect-IP: 166.70.232.207
X-SA-Exim-Mail-From: hilarie@purplestreak.com
X-Spam-DCC: XMission; sa06 1397; Body=1 Fuz1=1 Fuz2=1
X-Spam-Combo: ******;iesg@ietf.org, secdir@ietf.org
X-Spam-Relay-Country:
X-Spam-Timing: total 436 ms - load_scoreonly_sql: 0.04 (0.0%), signal_user_changed: 11 (2.5%), b_tie_ro: 9 (2.2%), parse: 0.69 (0.2%), extract_message_metadata: 16 (3.6%), get_uri_detail_list: 0.78 (0.2%), tests_pri_-1000: 6 (1.4%), tests_pri_-950: 1.89 (0.4%), tests_pri_-900: 1.48 (0.3%), tests_pri_-90: 107 (24.6%), check_bayes: 104 (23.9%), b_tokenize: 9 (2.0%), b_tok_get_all: 8 (1.9%), b_comp_prob: 2.1 (0.5%), b_tok_touch_all: 78 (17.9%), b_finish: 1.98 (0.5%), tests_pri_0: 274 (62.8%), check_dkim_signature: 1.70 (0.4%), check_dkim_adsp: 34 (7.8%), poll_dns_idle: 22 (5.0%), tests_pri_10: 2.1 (0.5%), tests_pri_500: 13 (2.9%), rewrite_mail: 0.00 (0.0%)
X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600)
X-SA-Exim-Scanned: Yes (on in01.mta.xmission.com)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/tmOfwFJWYBhhHXisypjv0fiDfAc>
Subject: [secdir] Security review of draft-ietf-acme-email-smime-10
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Nov 2020 22:54:23 -0000
Security review of Extensions to Automatic Certificate Management Environment for end-user S/MIME certificates draft-ietf-acme-email-smime-10 Do not be alarmed. I generated this review of this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving security requirements and considerations in IETF drafts. Comments not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. This is much improved over the -8 version, and it is, in my opinion, READY. Hilarie
- [secdir] Security review of draft-ietf-acme-email… Hilarie Orman