IETF Logo Mail Archive

Re: [lamps] S/MIME fix

Russ Housley <housley@vigilsec.com> Fri, 18 May 2018 11:18 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E14312D868 for <spasm@ietfa.amsl.com>; Fri, 18 May 2018 04:18:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OliDiuqNrOx0 for <spasm@ietfa.amsl.com>; Fri, 18 May 2018 04:18:17 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6271412D7F8 for <SPASM@ietf.org>; Fri, 18 May 2018 04:18:17 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 518943005AE for <SPASM@ietf.org>; Fri, 18 May 2018 07:18:15 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id Zk-_WEhwntsP for <SPASM@ietf.org>; Fri, 18 May 2018 07:18:14 -0400 (EDT)
Received: from a860b60074bd.home (pool-108-45-101-150.washdc.fios.verizon.net [108.45.101.150]) by mail.smeinc.net (Postfix) with ESMTPSA id E85B230044B for <SPASM@ietf.org>; Fri, 18 May 2018 07:18:13 -0400 (EDT)
From: Russ Housley <housley@vigilsec.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_46EB5316-6FCC-495F-B6C4-4AC9F0FEDEAD"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Fri, 18 May 2018 07:18:14 -0400
References: <CAMm+Lwj=VTBHYxH-iOaqEUHxALpBfSXWG3p0+xxUnY+o4CmGvA@mail.gmail.com> <BN6PR14MB1106A2890EE8B9243B4EA08C83920@BN6PR14MB1106.namprd14.prod.outlook.com> <CAMm+LwhuBoQ1VHQy-=E2FODYq4Fnzs8e24Yqyfg4akwQTsqc=w@mail.gmail.com> <1e8468d7-da6c-62f1-e24b-1ee03df22606@cs.tcd.ie> <e678276f-79c2-ec3c-7df5-f70794740f77@nostrum.com> <AB332E06-E1F5-4E82-9EF8-B49846865DAC@vigilsec.com> <f623981f-a379-4a94-0fda-a765a8318841@nostrum.com> <CAMm+LwjFqv4JiRLTBAcZB+EvBC0nH53jgBaCfFfaGTa5QSbrZw@mail.gmail.com> <c6424d23-493c-8831-41c1-2ebcc808b7c9@nostrum.com> <CAErg=HF9hMZwPsZUAK81WigdmGLTGaRK7bJ=BrjnHhjBWvYNLg@mail.gmail.com>
To: SPASM <SPASM@ietf.org>
In-Reply-To: <CAErg=HF9hMZwPsZUAK81WigdmGLTGaRK7bJ=BrjnHhjBWvYNLg@mail.gmail.com>
Message-Id: <2D6DD22A-AB08-409B-AB74-B6F27511F878@vigilsec.com>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/N-30ek4-18xhAbesmcy0aIQJyYo>
Subject: Re: [lamps] S/MIME fix
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 May 2018 11:18:20 -0000

{ RETRANSMISSION due to the short mail list outage yesterday. }

Ryan:

It seems to me that the LAMPS WG should say something about how to avoid the eFail attack in the Security Considerations of draft-ietf-lamps-rfc5751.

Russ


> On May 17, 2018, at 2:53 PM, Ryan Sleevi <ryan-ietf@sleevi.com <mailto:ryan-ietf@sleevi.com>> wrote:
> 
> I'm having trouble understanding how the current discussion relates to the LAMPS work. It sounds from Phil's initial message, is that this isn't related to LAMPS. There's been suggestions that this might be the CA/Browser Forum (despite the CA/Browser Forum not even having a proposed charter to clean this up), that this might be a W3C/WHATWG issue (despite the browsers explicitly rejecting some of these proposals), or perhaps somewhere else.
> 
> For my own understanding, is there a concrete proposal for either a document or work LAMPS should take on? Otherwise, would it be better to have this discussion elsewhere?
> 
> On Thu, May 17, 2018 at 11:51 AM, Adam Roach <adam@nostrum.com <mailto:adam@nostrum.com>> wrote:
> On 5/17/18 10:46 AM, Phillip Hallam-Baker wrote:
>> I am composing this in Gmail right now. And there is my outlook client in the window underneath. ​The Web browser is not just a full fledged email client, it is the client of choice.
> 
> I don't want to get too far down the rabbit hole of semantics here, but claiming that a browser is an email client because it can run Gmail is fully congruent with claiming your operating system is an email client because it can run Outlook.
> 
> More to the point: you know what I meant.
> 
> /a
> 
> _______________________________________________
> Spasm mailing list
> Spasm@ietf.org <mailto:Spasm@ietf.org>
> https://www.ietf.org/mailman/listinfo/spasm <https://www.ietf.org/mailman/listinfo/spasm>
> 
>

v2.23.0 | Report a Bug | By Email