RE: I-D ACTION:draft-santesson-smime-scext-00.txt
"Stefan Santesson" <stefans@microsoft.com> Thu, 02 September 2004 00:37 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA20149 for <smime-archive@lists.ietf.org>; Wed, 1 Sep 2004 20:37:40 -0400 (EDT)
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id i820DeHM019834; Wed, 1 Sep 2004 17:13:40 -0700 (PDT) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id i820DeLH019833; Wed, 1 Sep 2004 17:13:40 -0700 (PDT)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from mail-eur1.microsoft.com (mail-eur1.microsoft.com [213.199.128.139]) by above.proper.com (8.12.11/8.12.9) with ESMTP id i820DdCP019823 for <ietf-smime@imc.org>; Wed, 1 Sep 2004 17:13:39 -0700 (PDT) (envelope-from stefans@microsoft.com)
Received: from EUR-MSG-03.europe.corp.microsoft.com ([65.53.192.44]) by mail-eur1.microsoft.com with Microsoft SMTPSVC(6.0.3790.0); Thu, 2 Sep 2004 01:13:30 +0100
X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Subject: RE: I-D ACTION:draft-santesson-smime-scext-00.txt
Date: Thu, 02 Sep 2004 01:13:28 +0100
Message-ID: <0C3042E92D8A714783E2C44AB9936E1D01359547@EUR-MSG-03.europe.corp.microsoft.com>
Thread-Topic: I-D ACTION:draft-santesson-smime-scext-00.txt
Thread-Index: AcSQUqHHTFBj49s+Q0K92GaVLngDJgAKo4Og
From: Stefan Santesson <stefans@microsoft.com>
To: Tony Capel <capel@comgate.com>, ietf-smime@imc.org
X-OriginalArrivalTime: 02 Sep 2004 00:13:30.0053 (UTC) FILETIME=[ACFB0750:01C49081]
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by above.proper.com id i820DeCP019828
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
Content-Transfer-Encoding: 8bit
Tony, In-line; > -----Original Message----- > From: Tony Capel [mailto:capel@comgate.com] > Sent: den 1 september 2004 20:37 > To: ietf-smime@imc.org; Stefan Santesson > Cc: 'Anders Rundgren' > Subject: RE: I-D ACTION:draft-santesson-smime-scext-00.txt > > Stefan: > > I am also concerned about requiring that the sMIMECapabilities be in the > certificate itself, although I agree that something to help get initial > sMIMECapabilities is required. [Stefan] This is a fundamental misunderstanding. I do certainly not propose that sMIMECapabilities should be REQUIRED in certs. This is an option for the many cases where this is useful, makes sense and is compatible with the organizational structure it is used. So we don't need to prove that it is useful for all certificates and all use cases. We only need to prove that it is useful enough and that its use is not creating problems for those for which it doesn't make any sense. > > Jim Schaad's "Certificate Distribution Specification" expired draft > (draft-ietf-smime-certdist-05.txt) touched on this as well. > [Stefan] I'm sorry, I don't have this draft. > If sMIMECapabilities is bound to the certificate, certificates may need to > be > re-issued more frequently (when capabilities information is changed). > This will > create additional work for the CA, and CRLs will inevitably increase in > size > (these are bad things). (Correct me if I am wrong: If the capabilities > for an > organization changes, all of the certs will need to be reissued!) [Stefan] As you mention below, the act to put sMIMECapabilities is more of a policy enforcement act and as such it doesn't differ from many other aspects of certificates. You can compare with the case where the certificate policy gets updated, changed or a new certificate policy must be added to all certificates. If your policy in this matter is subject to change on a frequent basis in a way that needs to be immediately populated you need to handle and plan for this. You may the conclude that you don't want to put sMIMECapabilities in your certs. Renewal doesn't however necessarily mean that old certificate must be revoked and some PKI implementations actually allow enforced silent renewal of all certificate in an organization to all users at the cost of just a few clicks in the administrational GUI. This must in the end be compared with the case where an initial exchange takes place and the sender has NO knowledge about the recipient, then it will need to fall back to the default configuration in the senders application which in many cases is 40-bit encryption. > > Also since the certificate is signed by the CA, sMIMECapabilities in this > proposal is signed by the CA and not the end-entity (as in existing > method). > This may sometimes be beneficial since it allows the CA to have added > control > over the use of algorithms and key lengths. The change from the end-user > signing to the CA signing has security implications and should be noted* > (possibly in the security section). [Stefan] We agree here. It is important to clearly guide that user signed sMIMECapabilities should have precedence over capabilities carried in certs. The capabilities in certs are only meant to be the last resource of guidance before falling back to the default configuration in the sender's application. > > Some of the issues could be addressed by allowing the use of a dynamic > method as > well. One or more methods could be specified, XKMS + DNS, LDAP, and/or > HTTP for > example. One available method could be an "immediate" method, allowing > those > CAs who do not mind putting sMIMECapabilities within their certificates to > do so > (as currently proposed). > [Stefan] I men that it is very important to use the same structure and attribute format as when this same information is carried in a S/MIME signed message. This way we can preserve the same logic for capabilities in certificates and in signed messages and thus switch to the use of capabilities in signed messages as soon as this is available for the sender. > > I also wonder how many cases there are when only the sMIMECapabilities is > required (and not certificates & paths as well). [Stefan] S/MIME is based on the use of certificates. If you have any case where you don't have a certificate then this feature does not apply to you. If you don't have a > certificate, an extension won't help (you need certificates and > sMIMECapabilities both). If you have a certificate from a previous > message you > likely also received the sMIMECapabilities in a SignerInfo. If you > obtained the > certificate using LDAP or some other means you might logically but > arguably > expect to access the sMIMECapabilities the same way. If your software > threw > away the S/MIME capabilities (rather than caching them like the > certificate) > adding them to the certificate is a peculiar way to fix the software! [Stefan] I think this is a misunderstanding of the spec. You would use the capabilities from the signed message if you have one. You only use the capabilities in the certificate if you don't have any other data to use. > Also of > course for dual keypair systems, there may be situations where you have > the > signing certificate but not the encryption one, in which case you want > both > sMIMECapabilities and the encryption cert - and I hope the proposal is not > to > embed the encryption cert inside the signing cert!!! [Stefan] You are right, that is absolutely NOT the proposal. sMIMECapabilities only makes sense in encryption certs to be used by the sender of an encrypted message. > > So maybe the method used to get sMIMECapabilities should also be able to > return > the certificates & paths - to make it more generally useful - in which > case Jim > Schaad's proposal - and allowing any dynamic access method including XKMS > + DNS, > LDAP, HTTP, . - may be worth another look. > [Stefan] I don't agree. We should not overload this function. Just complement the use of the same attribute in signed messages. > Sorry for the long winded reply. But an easier method to get certs, paths > and > sMIMECapabilities is needed. > [Stefan] No problem. I hope my answers make sense. > Tony > > > * This may also include a discussion about using values provided in > certificates > in preference to values obtained by other means (e.g. when both a > certificate > and the SignerInfo contain sMIMECapabilities). For example, the first > paragraph > of Section 3 in the current proposal may not always be correct: the > sMIMECapabilities list signed by the CA (e.g. provided in a certificate) > may be > more trusted than the list provided in a message even if it appears the > message > was more recent. In some applications the increased trust (or more > correctly, > the increased authority of the signor) may take preference. > > > > | -----Original Message----- > | From: owner-ietf-smime@mail.imc.org > | [mailto:owner-ietf-smime@mail.imc.org] On Behalf Of Anders Rundgren > | Sent: August 12, 2004 4:35 AM > | To: ietf-smime@imc.org > | Subject: Re: I-D ACTION:draft-santesson-smime-scext-00.txt > | > | > | > | I have no comments on the "design" in this draft. > | > | However, I seriously question the idea to put client software > | capabilities in certificates. > | > | Why? > | - because issuers may not have this information > | - because users may have multiple clients > | - because static solutions are limiting > | > | If we begin to use dynamic methods like XKMS + DNS to find > | public keys of recipients, SCEXT represents a step in another > | direction. > | > | Due to the limited utility of true end-to-end encryption in > | corporate environments (the DOMSEC RFC shows a few good > | reasons to that), as well as the de-facto use of the web as a > | distribution medium for e-government purposes (which is a > | much easier solution than S/MIME), I believe that Microsoft > | should focus on making a gateway e-mail standard a reality > | rather than patching a system that never will play a major > | role and actually mostly creates problems for end-users and > | system administrators. > | > | Anders > | > | >
- I-D ACTION:draft-santesson-smime-scext-00.txt Internet-Drafts
- Re: I-D ACTION:draft-santesson-smime-scext-00.txt Anders Rundgren
- RE: I-D ACTION:draft-santesson-smime-scext-00.txt Stefan Santesson
- RE: I-D ACTION:draft-santesson-smime-scext-00.txt Tony Capel
- RE: I-D ACTION:draft-santesson-smime-scext-00.txt Stefan Santesson
- RE: I-D ACTION:draft-santesson-smime-scext-00.txt Tony Capel
- RE: I-D ACTION:draft-santesson-smime-scext-00.txt Stefan Santesson
- Re: I-D ACTION:draft-santesson-smime-scext-00.txt Denis Pinkas
- RE: I-D ACTION:draft-santesson-smime-scext-00.txt Stefan Santesson
- Re: I-D ACTION:draft-santesson-smime-scext-00.txt Denis Pinkas
- RE: I-D ACTION:draft-santesson-smime-scext-00.txt Stefan Santesson
- RE: I-D ACTION:draft-santesson-smime-scext-00.txt Tony Capel
- RE: I-D ACTION:draft-santesson-smime-scext-00.txt Stefan Santesson
- RE: I-D ACTION:draft-santesson-smime-scext-00.txt Tony Capel
- RE: I-D ACTION:draft-santesson-smime-scext-00.txt Stefan Santesson
- Static vs Dynamic sMIMECapabilities draft(s) Sean P. Turner
- RE: Static vs Dynamic sMIMECapabilities draft(s) Tony Capel
- Re: Static vs Dynamic sMIMECapabilities draft(s) Sean P. Turner