Re: [lamps] Éric Vyncke's No Objection on draft-ietf-lamps-samples-07: (with COMMENT)

"Brown, Wendy (10421)" <wendy.brown@protiviti.com> Thu, 03 February 2022 12:37 UTC

To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>, Russ Housley <housley@vigilsec.com>
CC: LAMPS <spasm@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/1km7iHM3lo2KVOsnUBKv75PXaEE>

There may be a register setting required, but Outlook will let you use certificates that have an rfc822Name that does not match your current email, and I thought it also accepted certificates with multiple email SANs, although I have not tested that recently.

-----Original Message-----
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 
Sent: Thursday, February 3, 2022 1:08 AM
To: Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu>; Russ Housley <housley@vigilsec.com>
Cc: LAMPS <spasm@ietf.org>
Subject: Re: [lamps] Éric Vyncke's No Objection on draft-ietf-lamps-samples-07: (with COMMENT)

On Wed 2022-02-02 23:10:24 +0000, Blumenthal, Uri - 0553 - MITLL wrote:
> Agreed, not exactly following 5280 – but can you argue with MS or Apple? I tried – unsuccessfully.

Are you saying that you asked MS and Apple to ensure that their MUAs (Outlook and Mail.app?) would accept a certificate that has multiple e-mail addresses in it, and they declined?  and it doesn't currently work? (i haven't tested)

Is there a public record of that attempt?  Did MS or Apple have a specific reason to not want it?

         --dkg