[secdir] SECDIR review of draft-melnikov-smtp-priority-09

Chris Lonvick <clonvick@cisco.com> Mon, 12 March 2012 01:05 UTC

Date: Sun, 11 Mar 2012 18:05:20 -0700
From: Chris Lonvick <clonvick@cisco.com>
To: iesg@ietf.org, secdir@ietf.org, draft-melnikov-smtp-priority.all@tools.ietf.org
Message-ID: <Pine.GSO.4.63.1203111234320.12024@sjc-cde-021.cisco.com>

Hi,

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Overall, the proposal to insert an MT-PRIORITY header appears reasonable.
I don't think that it opens any security threats that are not noted in the 
document.

I am concerned that this feature can disrupt the DKIM protection as noted 
in section 11.1.  I see the problem here and I can't offer any suggestions 
to fix that.  I think that the authors have done well to document this.

Thanks,
Chris