RE: Request change in son-of-rfc2633
"Blake Ramsdell" <blake@brutesquadlabs.com> Tue, 28 October 2003 03:05 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id WAA05191 for <smime-archive@lists.ietf.org>; Mon, 27 Oct 2003 22:05:20 -0500 (EST)
Received: from above.proper.com (localhost [127.0.0.1]) by above.proper.com (8.12.10/8.12.8) with ESMTP id h9S2PdI7087433 for <ietf-smime-bks@above.proper.com>; Mon, 27 Oct 2003 18:25:39 -0800 (PST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.10/8.12.9/Submit) id h9S2Pddi087432 for ietf-smime-bks; Mon, 27 Oct 2003 18:25:39 -0800 (PST)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from brutesquadlabs.com (gtec136-m.isomedia.com [207.115.67.136] (may be forged)) by above.proper.com (8.12.10/8.12.8) with ESMTP id h9S2PdI7087425 for <ietf-smime@imc.org>; Mon, 27 Oct 2003 18:25:39 -0800 (PST) (envelope-from blake@brutesquadlabs.com)
Received: from DEXTER ([192.168.0.12]) by brutesquadlabs.com with ESMTP ; Mon, 27 Oct 2003 18:25:36 -0800
From: Blake Ramsdell <blake@brutesquadlabs.com>
To: 'Peter Gutmann' <pgut001@cs.auckland.ac.nz>, jimsch@exmsft.com
Cc: ietf-smime@imc.org
Subject: RE: Request change in son-of-rfc2633
Date: Mon, 27 Oct 2003 18:25:36 -0800
Message-ID: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAARMPfbnbp50SwK3EZjypY2MKAAAAQAAAAnfu9eZQaI0aFean4ClC8KAEAAAAA@brutesquadlabs.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.2627
In-Reply-To: <200310280212.h9S2CPq01616@cs.auckland.ac.nz>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Importance: Normal
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
Content-Transfer-Encoding: 7bit
> -----Original Message----- > From: Peter Gutmann [mailto:pgut001@cs.auckland.ac.nz] > Sent: Monday, October 27, 2003 6:12 PM > To: blake@brutesquadlabs.com; jimsch@exmsft.com; > pgut001@cs.auckland.ac.nz > Cc: ietf-smime@imc.org > Subject: RE: Request change in son-of-rfc2633 > > The problem is that taking one or the other view changes a > simple "You've used > the wrong cert" (or "Cert to verify this isn't available") to > "An attacker is > modifying your messages!", which will cause very different > reactions in users. Yeah, I'm with you, so the "discuss the implications of this" that I mentioned would need to cover behavior when presented with multiple certificates with the same SKI. Something like: "When looking up certificates using the subjectKeyIdentifier field, S/MIME agents MUST be prepared to handle multiple certificates that have the same subjectKeyIdentifier value gracefully." No, that needs a lot of work. I'll call him a "strawman". Blake
- Request change in son-of-rfc2633 Jim Schaad
- Re: Request change in son-of-rfc2633 Russ Housley
- Re: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Blake Ramsdell
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Blake Ramsdell
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Blake Ramsdell
- RE: Request change in son-of-rfc2633 Russ Housley
- RE: Request change in son-of-rfc2633 Blake Ramsdell
- RE: Request change in son-of-rfc2633 Russ Housley
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Russ Housley
- RE: Request change in son-of-rfc2633 Peter Gutmann
- Re: Request change in son-of-rfc2633 Steve Hanna
- RE: Request change in son-of-rfc2633 Santosh Chokhani
- Re: Request change in son-of-rfc2633 Peter Gutmann
- Re: Request change in son-of-rfc2633 Peter Gutmann