Re: [lamps] Draft addition of header protection to the LAMPS charter

Bernie Hoeneisen <bernie@ietf.hoeneisen.ch> Fri, 11 January 2019 20:05 UTC

Date: Fri, 11 Jan 2019 21:05:45 +0100
From: Bernie Hoeneisen <bernie@ietf.hoeneisen.ch>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
cc: Russ Housley <housley@vigilsec.com>, LAMPS WG <spasm@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/7lJaBIc6YJVwxXw94tuPI4siDEc>
Subject: Re: [lamps] Draft addition of header protection to the LAMPS charter

Hi Daniel

Thanks for your input. Your latest proposal (DKG-2) works for me. As you
say, it even fits better with the existing charter text and probably
allays the concerns raised by John and Stephen about explicit references to
(legacy) RFCs.

Hernani's small amendment (HM-1) looks even better.

I suggest going forward with the wording HM-1, though DKG-2 is also a
viable option for me.

cheers,
   Bernie

--

http://ucom.ch/
Modern Telephony Solutions and Tech Consulting for Internet Technology

* * *

On Fri, 11 Jan 2019, Hernâni Marques (p≡p project) wrote:

> --- BEGIN HM-1 ---
>
> 7. Update the specification for the cryptographic protection of email
> headers -- both for signatures and encryption -- to improve the
> implementation situation with respect to privacy, security, usability
> and interoperability in cryptographically-protected electronic mail.
> Most current implementations of cryptographically-protected electronic
> mail protect only the body of the message, which leaves significant room
> for attacks against otherwise-protected messages.
>
> --- END HM-1 ---


* * *

On Fri, 11 Jan 2019, Daniel Kahn Gillmor wrote:

> --- BEGIN DKG-2 ---
>
> 7. Update the specification for the cryptographic protection of e-mail
> headers - both for signatures and encryption - to improve the
> implementation situation with respect to privacy, security and usability
> in cryptographically-protected electronic mail.  Most current
> implementations of cryptographically-protected electronic mail protect
> only the body of the message, which leaves significant room for attacks
> against otherwise-protected messages.
>
> --- END DKG-2 ---