Re: [lamps] Draft addition of header protection to the LAMPS charter

Bernie Hoeneisen <bernie@ietf.hoeneisen.ch> Wed, 09 January 2019 20:53 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/PRS6F2qOyvOBZgQCz2gJPxdV1ek>

Hi Daniel

On Mon, 7 Jan 2019, Daniel Kahn Gillmor wrote:

> On Mon 2019-01-07 09:38:25 +0100, Bernie Hoeneisen wrote:
>
> If you could remember the names of the couple of others you found, or
> dig them back up with another websearch, that'd be great.

If I (re-)find more information on rebex and others, I'll share it.

>> Outside the S/MIME world, I can refer to the four implementations that
>> support pEp (pretty Easy privacy). pEp is specified to perform Header
>> protection (almost) the same way as described in RFC 5751.
>
> RFC 5751 doesn't cover anything outside of S/MIME, but i agree with you
> -- i want whatever header protection LAMPS specifies to work for
> PGP/MIME as well.

If we can agree on a proposal that works for PGP and S/MIME, that would be 
great.

> Can you explain what the "(almost)" means in the paragraph above?

As you mention above, RFC 5751 is only defined for S/MIME, though in 
pEp it works by the same principle.

> Are you talking about "pEp email format 1" or "pEp email format 2" of
> https://pep.foundation/dev/repos/internet-drafts/file/tip/pep-email/draft-marques-pep-email.mkd
> or are you talking about something else?

I refer to 'pEp email format 2', which performs header protection 
by message encapsulation in a similar way as described in RFC 5751.

However, I understand that you may be confused by the current version of
draft-marques-pep-email, as this draft is rather incomplete at this stage,
i.e., it does not yet describe the case where both ends are pEp-aware.
Hernani promised an update of that I-D by the end of this week.

> Can we settle on a single proposal?

Do you have any issues with or counterproposals to the HB-2 or HB-3.1
charter proposals (which I sent to this list last week)?


cheers
  Bernie