Re: [lamps] I-D Action: draft-ietf-lamps-header-protection-04.txt
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 21 May 2021 15:09 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C78C3A141D; Fri, 21 May 2021 08:09:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.305
X-Spam-Level:
X-Spam-Status: No, score=-1.305 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b=h/knoq+o; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b=L2GBfNDs
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T0wyfQelJ85t; Fri, 21 May 2021 08:08:58 -0700 (PDT)
Received: from che.mayfirst.org (unknown [162.247.75.117]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B7CC33A1438; Fri, 21 May 2021 08:08:58 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1621609737; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=xEIbzQ93ZzZUJ9LW65UENTzFDXHxGxIk5Ic13s/RUEY=; b=h/knoq+o8UhOP7mu2Xlx5OTJO2dWhKNEWBja7Pn93ojkykMYXUBl4f59KRYPBvFJSpEEB pop2mVbEMEEiHEbCQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1621609737; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=xEIbzQ93ZzZUJ9LW65UENTzFDXHxGxIk5Ic13s/RUEY=; b=L2GBfNDsumA/nwCgdNc50zxN/OinwC4sOTDpFz5Gna3/jzD+D+zCBLeuOUzvl7fPQwwNT pML/H0W1btg+JyX6WAOZ+VMyXF4w3kaqw0F4b1irpmlR2mEcSDs/iVE2O96dc4AOwI/VBYU /NpfDPsscXpkld9bhoULGdT95hP/6/b5sNAg/wPJTEypwMZIMtT7xXgNXltCJ2ia+Y0bQO2 DmnFUIRtEGUPsMonmCeAAJ5DgDkOEy+mTp1PAADd1e88tICGlThnrZvFBNmVj0Prg4MC/N+ idWZvyaVAEahKXLzgVhVA+FRIBls2qN7QZT272zArIxW8pjlZ4ewe2iB0ydA==
Received: from fifthhorseman.net (lair.fifthhorseman.net [108.58.6.98]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 2199CF9A5; Fri, 21 May 2021 11:08:57 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id BCDC62040E; Fri, 21 May 2021 11:08:53 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: internet-drafts@ietf.org, i-d-announce@ietf.org
Cc: spasm@ietf.org
In-Reply-To: <162160781467.25034.3233595208980051398@ietfa.amsl.com>
References: <162160781467.25034.3233595208980051398@ietfa.amsl.com>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEX+i03xYJKwYBBAHaRw8BAQdACA4xvL/xI5dHedcnkfViyq84doe8zFRid9jW7CC9XBiI0QQf FgoAgwWCX+i03wWJBZ+mAAMLCQcJEOCS6zpcoQ26RxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNl cXVvaWEtcGdwLm9yZ/tr8E9NA10HvcAVlSxnox6z62KXCInWjZaiBIlgX6O5AxUKCAKbAQIeARYh BMKfigwB81402BaqXOCS6zpcoQ26AADZHQD/Zx9nc3N2kj13AUsKMr/7zekBtgfSIGB3hRCU74Su G44A/34Yp6IAkndewLxb1WdRSokycnaCVyrk0nb4imeAYyoPtBc8ZGtnQGZpZnRoaG9yc2VtYW4u bmV0PojRBBMWCgCDBYJf6LTfBYkFn6YAAwsJBwkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3Rh dGlvbnMuc2VxdW9pYS1wZ3Aub3JnL0Gwxvypz2tu1IPG+yu1zPjkiZwpscsitwrVvzN3bbADFQoI ApsBAh4BFiEEwp+KDAHzXjTYFqpc4JLrOlyhDboAAPkXAP0Z29z7jW+YzLzPTQML4EQLMbkHOfU4 +s+ki81Czt0WqgD/SJ8RyrqDCtEP8+E4ZSR01ysKqh+MUAsTaJlzZjehiQ24MwRf6LTfFgkrBgEE AdpHDwEBB0DkKHOW2kmqfAK461+acQ49gc2Z6VoXMChRqobGP0ubb4kBiAQYFgoBOgWCX+i03wWJ BZ+mAAkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jnfvo+ nHoxDwaLaJD8XZuXiaqBNZtIGXIypF1udBBRoc0CmwICHgG+oAQZFgoAbwWCX+i03wkQPp1xc3He VlxHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnaheiqE7Pfi3Atb3GGTw+ jFcBGOaobgzEJrhEuFpXREEWIQQttUkcnfDcj0MoY88+nXFzcd5WXAAAvrsBAIJ5sBg8Udocv25N stN/zWOiYpnjjvOjVMLH4fV3pWE1AP9T6hzHz7hRnAA8d01vqoxOlQ3O6cb/kFYAjqx3oMXSBhYh BMKfigwB81402BaqXOCS6zpcoQ26AADX7gD/b83VObe14xrNP8xcltRrBZF5OE1rQSPkMNy+eWpk eCwA/1hxiS8ZxL5/elNjXiWuHXEvUGnRoVj745Vl48sZPVYMuDgEX+i03xIKKwYBBAGXVQEFAQEH QIGex1WZbH6xhUBve5mblScGYU+Y8QJOomXH+rr5tMsMAwEICYjJBBgWCgB7BYJf6LTfBYkFn6YA CRDgkus6XKENukcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcEAx9vTD3b J0SXkhvcRcCr6uIDJwic3KFKxkH1m4QW0QKbDAIeARYhBMKfigwB81402BaqXOCS6zpcoQ26AAAX mwD8CWmukxwskU82RZLMk5fm1wCgMB5z8dA50KLw3rgsCykBAKg1w/Y7XpBS3SlXEegIg1K1e6dR fRxL7Z37WZXoH8AH
Date: Fri, 21 May 2021 11:08:52 -0400
Message-ID: <87h7iwdszf.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/aQWz1Z1VMYkc6laXHdzJh2rAbfU>
Subject: Re: [lamps] I-D Action: draft-ietf-lamps-header-protection-04.txt
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 May 2021 15:09:12 -0000
On Fri 2021-05-21 07:36:54 -0700, internet-drafts@ietf.org wrote: > Title : Header Protection for S/MIME > Authors : Daniel Kahn Gillmor > Bernie Hoeneisen > Alexey Melnikov > Filename : draft-ietf-lamps-header-protection-04.txt > Pages : 168 > Date : 2021-05-21 Hi LAMPS folks-- There are few textual changes in -04 from -03, but the main difference is that the draft now includes test vectors. I think the next steps on the document will be a textual cleanup, as the draft is currently a bit disorganized. Two primary questions for the WG to answer for MUAs that will choose how to consume messages with header protection: A) does the draft adequately describe the two known header protection schemes, such that they can be consumed reliably? B) is the draft sufficient in its guidance about how header protection (or lack thereof) should be interpreted by a receiving MUA? Test Vectors ------------ The new test vectors are generated with the certificates and keys from draft-ietf-lamps-samples-04. They make up the bulk of the draft. Each test vector is an e-mail message. In addition to publishing them in the draft, they are also available in more accessible formats at https://header-protection.cmrg.net/ . The formats offered include mbox, zipped maildir, individual .eml files, and a public-facing IMAP server. There are a variety of different messages, as requested during the LAMPS meeting at IETF 110: - the cryptographic payload varies between a simple text/plain message, and a more complex multipart/alternative message with an attached PNG image. - Some baseline messages have no cryptographic protection at all, to make comparisons more clear. - There are messages with cryptographic protection (both signed and signed+encrypted) but no header protection, also for comparison. - the messages with header protection include messages using both the "injected headers" scheme and the "wrapped message" scheme. I'm asking for people to take screenshots with their preferred MUA of whatever messages they can. There are more detailed instructions at https://header-protection.cmrg.net/ Note that all the test vectors with cryptographic protections rely on RSA keys and certificates, and do *not* require Ed25519 or X25519. It seems more sensible to establish and evaluate header protection patterns without requiring MUAs to have already implemented the CFRG curves. I've already made screenshots of all the messages (both rendering and replying) using three S/MIME-capable clients: - Thunderbird 78.10.0 - Evolution 3.38.3 - Balsa 2.6.2 I will likely include go on to include more screenshots from MUAs that are accessible and scriptable from the GNU/Linux platform that i'm most comfortable with. I'd really appreciate contributions from folks comfortable with other platforms. These screenshots are visible directly in the repository at https://gitlab.com/dkg/lamps-header-protection Recommendations Needed ---------------------- We need screenshots of the test vectors (and the experience that comes with people actually trying to exercise their MUAs) because we need the WG to come to a decision on two specific questions for MUAs that *generate* messages with protected headers: C) The draft recommends that each MUA be able to *consume* messages with either header protection scheme (few MUAs correctly handle either scheme today). But we should recommend generation of only one specific scheme. Which scheme should be recommended? D) The draft describes a framework for Header Confidentiality Policies (HCPs), and defines two specific HCPs (hcp_strong and hcp_minimal) but does not recommend anything. I think it should recommend one for MUAs that opt into header protection but don't know what to pick. Which which one should be recommended? If the draft can make these recommendations, then a MUA developer that doesn't want to make any policy decisions can just focus on implementation. I think that's a good thing -- making policy decisions in a relatively novel space can be a cause for inertia. I have my own current intuitions about how to answer C and D, but I'm just an editor of the document -- I want the document to reflect WG consensus. Regards, --dkg
- [lamps] I-D Action: draft-ietf-lamps-header-prote… internet-drafts
- Re: [lamps] I-D Action: draft-ietf-lamps-header-p… Daniel Kahn Gillmor