Re: [secdir] Secdir review of draft-baker-ietf-core-03.txt

Steven Bellovin <smb@cs.columbia.edu> Sat, 21 November 2009 17:03 UTC

Return-Path: <smb@cs.columbia.edu>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A29F33A69A0; Sat, 21 Nov 2009 09:03:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id umW5rpMSa6mY; Sat, 21 Nov 2009 09:03:11 -0800 (PST)
Received: from tarap.cc.columbia.edu (tarap.cc.columbia.edu [128.59.29.7]) by core3.amsl.com (Postfix) with ESMTP id 94E6B3A6906; Sat, 21 Nov 2009 09:03:11 -0800 (PST)
Received: from [192.168.2.182] (74-92-112-54-Philadelphia.hfc.comcastbusiness.net [74.92.112.54]) (user=smb2132 mech=PLAIN bits=0) by tarap.cc.columbia.edu (8.14.3/8.14.3) with ESMTP id nALH34p3007857 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Sat, 21 Nov 2009 12:03:05 -0500 (EST)
Mime-Version: 1.0 (Apple Message framework v1077)
Content-Type: text/plain; charset=windows-1252
From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <D80EDFF2AD83E648BD1164257B9B0912082E2E08@TK5EX14MBXC115.redmond.corp.microsoft.com>
Date: Sat, 21 Nov 2009 12:03:04 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <988E4A1D-518B-467F-97A1-3087CE6D071A@cs.columbia.edu>
References: <D80EDFF2AD83E648BD1164257B9B0912082E2E08@TK5EX14MBXC115.redmond.corp.microsoft.com>
To: Charlie Kaufman <charliek@microsoft.com>
X-Mailer: Apple Mail (2.1077)
X-No-Spam-Score: Local
X-Scanned-By: MIMEDefang 2.65 on 128.59.29.7
Cc: "fred@cisco.com" <fred@cisco.com>, "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] Secdir review of draft-baker-ietf-core-03.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Nov 2009 17:03:12 -0000

On Nov 20, 2009, at 11:41 PM, Charlie Kaufman wrote:

>  
> Section 3.1.4: I’d be surprised if S/MIME was originally an extension to SMTP. Even when S/MIME was PEM, it was largely transport independent (and designed to pass over X.400, which was a contender in those days). S/MIME – and more generally CMS – is not really a networking protocol at all. It is designed to protect data at rest. I can take a CMS protected file and send the pile of bits to you by floppy disk or paper tape. Years later, if you can still read the media, you can still process it. It’s a tough call whether it is an Internet Core Protocol. It’s certainly an important IETF protocol.

That section is incorrect in several respects, in my opinion.  First, S/MIME doesn't protect "SMTP Mail", in my opinion, since to me "SMTP" is referring to the 821/2821/5321 parts of the protocol.  S/MIME is more for the 822/2822/5322 parts.  More precisely, S/MIME is a way to put in security at the MIME layer (references omitted), which in turn extend 822/2822/5322.  The distinction is important because HTTP uses MIME but not SMTP.  (It could have used S/MIME, but that's a separate wistful thread.)  Second, it's an interesting question if CMS should be mentioned separately -- you can't do S/MIME without CMS.


		--Steve Bellovin, http://www.cs.columbia.edu/~smb