IETF Logo Mail Archive

Re: [lamps] Draft addition of header protection to the LAMPS charter

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 04 January 2019 16:35 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E31C130E33 for <spasm@ietfa.amsl.com>; Fri, 4 Jan 2019 08:35:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.89
X-Spam-Level:
X-Spam-Status: No, score=-1.89 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_SPF_PERMERROR=0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pKOECVRQ3rGd for <spasm@ietfa.amsl.com>; Fri, 4 Jan 2019 08:35:30 -0800 (PST)
Received: from che.mayfirst.org (che.mayfirst.org [IPv6:2001:470:1:116::7]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6BB49130E30 for <spasm@ietf.org>; Fri, 4 Jan 2019 08:35:30 -0800 (PST)
Received: from fifthhorseman.net (unknown [38.109.115.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 3BD63F99B; Fri, 4 Jan 2019 11:35:27 -0500 (EST)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 4DD3B203C1; Fri, 4 Jan 2019 11:35:26 -0500 (EST)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: John Levine <johnl@taugh.com>, spasm@ietf.org
Cc: bernie@ietf.hoeneisen.ch
In-Reply-To: <20190104012415.AA6C3200C425F9@ary.qy>
References: <20190104012415.AA6C3200C425F9@ary.qy>
Date: Fri, 04 Jan 2019 11:35:22 -0500
Message-ID: <87h8eonzxx.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/13fW9WWGXNtOBfg6oga1rpoXei4>
Subject: Re: [lamps] Draft addition of header protection to the LAMPS charter
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Jan 2019 16:35:32 -0000

On Thu 2019-01-03 20:24:15 -0500, John Levine wrote:
> In article <alpine.DEB.2.20.1901032153560.13542@softronics.hoeneisen.ch> you write:
>
>>I think we need to include what's the current situation with this 
>>issue, in particular mention that there is a solution in on Standards 
>>Track already (RFC5751). How about something like this:

Bernie, thanks for your proposed change.  The second revision of your
text looks fine to me.  It is certainly "not widely implemented" --
iirc, there was only one implementation of it anywhere last i looked.

FWIW, i lean in Bernie's direction as far as "somewhat underspecified"
because the specification does lead to significant usability gaps (as
identified later in the proposed charter text) due to lack of guidance
about how a receiving MUA should interpret conflicting headers on the
inside and outside of the message's cryptographic envelope ("This entity
SHOULD be presented as the top-level message, taking into account header
merging issues as previously discussed." -- but with no mention of
"merging" anywhere else in the document).

This isn't so much a UI issue (which would be out of scope, as Russ
says) as it is an open semantic question, and i do think that's within
scope here.

> If we're adding references to the charter which seems to me a
> premature optimization, add RFC 6376, which is a well-specified
> mechanism for full-message signatures, too.

John, would you be ok with leaving out RFC 6376 (DKIM) if we changed the
charter text to say "end-to-end cryptographic protection" instead of
just "cryptographic protection"?  is DKIM ever used by the sender
themselves, instead of by the domain itself (for example, with a
user-specific selector)?

I'm not sure that the charter text is a good place for such a catalog,
though perhaps these references could show up in a "related mechanisms"
section of the resultant document.

         --dkg

v2.23.0 | Report a Bug | By Email