Re: [lamps] Suresh Krishnan's No Objection on draft-ietf-lamps-eai-addresses-15: (with COMMENT)

Alexey Melnikov <aamelnikov@fastmail.fm> Mon, 12 February 2018 10:39 UTC

From: Alexey Melnikov <aamelnikov@fastmail.fm>
To: Suresh Krishnan <Suresh@kaloom.com>
Cc: The IESG <iesg@ietf.org>, spasm@ietf.org, lamps-chairs@ietf.org, draft-ietf-lamps-eai-addresses@ietf.org, housley@vigilsec.com
Date: Mon, 12 Feb 2018 10:39:47 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/A547CiAHm9GVs2jxJyN8P2p3UGI>

Hi Suresh,

On Mon, Feb 12, 2018, at 7:17 AM, Suresh Krishnan wrote:
> Hi Alexey,
> 
> > On Jan 11, 2018, at 11:11 AM, Alexey Melnikov <aamelnikov@fastmail.fm> wrote:
> > 
> > Hi Suresh,
> > 
> > On Thu, Jan 11, 2018, at 3:11 AM, Suresh Krishnan wrote:
> >> Suresh Krishnan has entered the following ballot position for
> >> draft-ietf-lamps-eai-addresses-15: No Objection
> >> 
> >> I think some of the comparison issues brought up in RFC6943 might be relevant
> >> in the Security Considerations here.
> > 
> > Can you be more specific? Are you thinking about confusable characters or about something else?
> 
> Yep. Exactly about visually confusable characters.

The document already covers that:

7.  Security Considerations

   Use of SmtpUTF8Mailbox for certificate subjectAltName (and
   issuerAltName) will incur many of the same security considerations as
   in Section 8 in [RFC5280], but introduces a new issue by permitting
   non-ASCII characters in the email address local-part.  This issue, as
   mentioned in Section 4.4 of [RFC5890] and in Section 4 of [RFC6532],
   is that use of Unicode introduces the risk of visually similar and
   identical characters which can be exploited to deceive the recipient.
   The former document references some means to mitigate against these
   attacks.

I looked at RFC 6943. While it is a good document, I don't see an obvious way of referencing it. There is so much material there unrelated to Internationalization, so it is difficult to find a useful way of referencing it. If you have some specific suggestions, please let me know.

Thank you,
Alexey
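
An added illustration of the "visually similar and identical characters" risk in the quoted Security Considerations text, not part of the original message or the draft: a defender-side check that compares a mailbox local-part from a certificate against a known one. The sample strings are constructed, and the script detection is a heuristic that reads the first word of each Unicode character name.

```python
import unicodedata


def scripts(text):
    """Scripts used by the letters in text (heuristic: first word of the
    Unicode character name, e.g. LATIN, CYRILLIC, GREEK)."""
    found = set()
    for ch in text:
        if ch.isalpha():  # combining marks and digits are skipped
            found.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return found


def review_local_part(candidate, known):
    """List reasons why candidate could be mistaken for known by a reader.

    An empty list means the strings are equal code point for code point,
    or that neither check fired. A lookalike written entirely in one
    script is not caught by this heuristic.
    """
    findings = []
    if candidate == known:
        return findings
    nfc = unicodedata.normalize
    if nfc("NFC", candidate) == nfc("NFC", known):
        findings.append("identical after NFC normalization, different code points")
    used = scripts(candidate)
    if len(used) > 1:
        findings.append("mixed scripts: " + ", ".join(sorted(used)))
    return findings


# Constructed sample local-parts (not taken from any real certificate).
KNOWN = "andr\u00e9"             # precomposed e-acute, U+00E9
DECOMPOSED = "andre\u0301"       # 'e' followed by combining acute, U+0301
MIXED = "\u0430ndr\u00e9"        # first letter is Cyrillic U+0430, not Latin 'a'

if __name__ == "__main__":
    for sample in (KNOWN, DECOMPOSED, MIXED):
        print(ascii(sample), review_local_part(sample, KNOWN))
```
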