Re: [lamps] Call for adoption of draft-becker-guthrie-cert-binding-for-multi-auth-01

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 23 October 2022 17:37 UTC

Message-ID: <045f0588-11bd-9940-494a-84a25569b750@cs.tcd.ie>
Date: Sun, 23 Oct 2022 18:37:07 +0100
To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>, "Kampanakis, Panos" <kpanos=40amazon.com@dmarc.ietf.org>, Michael Jenkins <m.jenkins.364706@gmail.com>
Cc: Russ Housley <housley@vigilsec.com>, LAMPS <spasm@ietf.org>
References: <PH0PR00MB10003EC6A096FE0A363BBFB9F5459@PH0PR00MB1000.namprd00.prod.outlook.com> <PH0PR00MB10002A7A2850A1333B4F6C00F54A9@PH0PR00MB1000.namprd00.prod.outlook.com> <35BEB1D9-7EA5-4CD4-BADA-88CCB0E9E8F9@vigilsec.com> <25D23241-1390-4F21-B84F-29D3629A3368@vigilsec.com> <4835bc312c5540a99a9f4b51665e2f75@amazon.com> <CAC2=hnf9k9cHXrFFXXApPRvF8hNUmwFsX5onYneo8eBVoDWV0Q@mail.gmail.com> <4027a47b3b05438b8c02069bac280555@amazon.com> <A9F70D16-145B-4D3E-92DF-9019A3D97803@ll.mit.edu>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
In-Reply-To: <A9F70D16-145B-4D3E-92DF-9019A3D97803@ll.mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/FpjbQ7olfLqr-L2s014_97Rdmvs>
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>


On 23/10/2022 04:00, Blumenthal, Uri - 0553 - MITLL wrote:
>   So, no skin off anybody’s back to adopt it.

I don't believe the above is correct. Pretty much anything
that can add complexity to pki libraries has an associated
cost in terms of vulnerabilities.

S.