Re: [lamps] Review comment from the AD
Jim Schaad <ietf@augustcellars.com> Thu, 28 September 2017 14:58 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A1D7513474D for <spasm@ietfa.amsl.com>; Thu, 28 Sep 2017 07:58:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=augustcellars.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DgJquc-bONRK for <spasm@ietfa.amsl.com>; Thu, 28 Sep 2017 07:58:54 -0700 (PDT)
Received: from mail4.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 121C6134744 for <spasm@ietf.org>; Thu, 28 Sep 2017 07:58:54 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Language: en-us
DKIM-Signature: v=1; a=rsa-sha256; d=augustcellars.com; s=winery; c=simple/simple; t=1506610687; h=from:subject:to:date:message-id; bh=d/k1bjHjHTppO/RMZwktvEhSn1+SeWc++8AUTZyKUoE=; b=N8x3pIPjMpfhNwArHwYx0S5MyR3d9efseG61xfFa5esPgKinqMWqwh4TlYUU0+blzJdP73JPTdG D69cUs4dA3G2YxRW0j3AjZ9Py0iZ1m0d+uPEumETnLwbA5Zd8CF1UNnGRSHV08LOby9HYnX+Ei5Kh 4qupzYHPBE7x8lMNtmMxWORFBvsDAGMPW5I5h71kW8PA4wpNZsXTFzRsYbOeVUDVPVRLxmo6TrCUr KddXAjw+KBQj/4Y0VYJoVimVas9g+DArHn/r+WlUkJKEfJr1uflld9F780c6f7+nWHS2uak4HpXU4 6fvET97nQQUWlFK8l79kIETvg+kSJZO3SxqA==
Received: from mail2.augustcellars.com (192.168.1.201) by mail4.augustcellars.com (192.168.1.153) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Thu, 28 Sep 2017 07:58:06 -0700
Received: from Hebrews (73.180.8.170) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Thu, 28 Sep 2017 07:58:02 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: 'Russ Housley' <housley@vigilsec.com>
CC: 'SPASM' <spasm@ietf.org>
References: <024101d337c0$2069f5e0$613de1a0$@augustcellars.com> <6EC17286-BCA3-4C56-80A6-EEA8279ED5D6@vigilsec.com> <025901d337dc$917e6970$b47b3c50$@augustcellars.com> <7D7852CB-EF22-425C-8256-591437400325@vigilsec.com>
In-Reply-To: <7D7852CB-EF22-425C-8256-591437400325@vigilsec.com>
Date: Thu, 28 Sep 2017 07:58:45 -0700
Message-ID: <02a201d3386a$49f61830$dde24890$@augustcellars.com>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQFqoV8vTefs2ccFBFEHtScvSvY/6QIgZvajAgAg/7MCNfQeC6No3c1A
X-Originating-IP: [73.180.8.170]
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/0-naSY4SSjzXlKPKyv5rNfZ2KOQ>
Subject: Re: [lamps] Review comment from the AD
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Sep 2017 14:58:58 -0000
That would only be true if you checked the most recent CA rather than the one issued at the time in the message. Jim > -----Original Message----- > From: Russ Housley [mailto:housley@vigilsec.com] > Sent: Thursday, September 28, 2017 7:32 AM > To: Jim Schaad <ietf@augustcellars.com> > Cc: SPASM <spasm@ietf.org> > Subject: Re: [lamps] Review comment from the AD > > Jim: > > The CA that issued the certificate to the TSA should revoke that certificate if > the TSA is compromised. So, I think that the revocation checking on the TSA > certification path is enough. > > Russ > > > > On Sep 27, 2017, at 6:04 PM, Jim Schaad <ietf@augustcellars.com> wrote: > > > > Yes, but if the time-stamp authority has been compromised, then it is > > no longer a good authority. So perhaps some extra guidance is needed > > about doing two checks or something. > > > > Jim > > > > > > > >> -----Original Message----- > >> From: Russ Housley [mailto:housley@vigilsec.com] > >> Sent: Wednesday, September 27, 2017 11:56 AM > >> To: Jim Schaad <ietf@augustcellars.com> > >> Cc: SPASM <spasm@ietf.org> > >> Subject: Re: [lamps] Review comment from the AD > >> > >> I think this text was supposed to say that SigningTime is the clock > >> value > > of the > >> signer, which might be very wrong. One might rely on a time-stamp > >> authority [RFC3161], if there is a valid attribute from one in the > > message. > >> Otherwise, the time that the message arrived in your mailbox is the > >> best guess that you have. > >> > >> Russ > >> > >> > >>> On Sep 27, 2017, at 2:40 PM, Jim Schaad <ietf@augustcellars.com> > wrote: > >>> > >>> I have one review comment from EKR on rfc5750bis that I am not sure > >>> what to do with. > >>> > >>> The following paragraph from Section 6 - Security Considerations > >>> > >>> When determining the time for a certificate validity check, agents > >>> have to be careful to use a reliable time. Unless it is from a > >>> trusted agent, this time MUST NOT be the SigningTime attribute found > >>> in an S/MIME message. For most sending agents, the SigningTime > >>> attribute could be deliberately set to direct the receiving agent to > >>> check a CRL that could have out-of-date revocation status for a > >>> certificate, or cause an improper result when checking the Validity > >>> field of a certificate. > >>> > >>> The problem is two-fold: > >>> 1. Should the definition of trusted agent be expanded to be more > >>> clear, and 2. Should that sentence just be deleted because, even if > >>> it is a trusted agent, a compromised key is going to be able to lie > >>> about > > the > >> time anyway. > >>> > >>> My memory was that this text was supposed to deal with things like > >>> time-stamp agents where the time was significant, but it could be > wrong. > >>> > >>> Jim > >>> > >>> > >>> _______________________________________________ > >>> Spasm mailing list > >>> Spasm@ietf.org > >>> https://www.ietf.org/mailman/listinfo/spasm > > > > > > _______________________________________________ > > Spasm mailing list > > Spasm@ietf.org > > https://www.ietf.org/mailman/listinfo/spasm
- [lamps] Review comment from the AD Jim Schaad
- Re: [lamps] Review comment from the AD Russ Housley
- Re: [lamps] Review comment from the AD Jim Schaad
- Re: [lamps] Review comment from the AD Russ Housley
- Re: [lamps] Review comment from the AD Jim Schaad