Re: [lamps] More mail madness?

Jim Schaad <ietf@augustcellars.com> Mon, 14 May 2018 17:59 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 95540127010 for <spasm@ietfa.amsl.com>; Mon, 14 May 2018 10:59:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GHTCTvJ4-O3B for <spasm@ietfa.amsl.com>; Mon, 14 May 2018 10:59:29 -0700 (PDT)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7272D124205 for <spasm@ietf.org>; Mon, 14 May 2018 10:59:28 -0700 (PDT)
Received: from Jude (73.180.8.170) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Mon, 14 May 2018 10:56:46 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: 'Richard Barnes' <rlb@ipv.sx>, 'Russ Housley' <housley@vigilsec.com>
CC: spasm@ietf.org
References: <CAMm+LwiOfdptL6u=SyCtQnz7xKrJD6HTDkKs+JGeHf54CSiv8A@mail.gmail.com> <B0CE44DF-DC7C-4411-B1CC-30B87E38D3F6@vigilsec.com> <51B631EC-78B3-4FF4-A82C-725A029F3DB3@nohats.ca> <C8E07D79-DFC5-4DA5-981B-26AA91A04D09@vigilsec.com> <CAL02cgQGew0=5s-ipyJSD=kp8+uK5juYFYUdepWeDFjf6raqsw@mail.gmail.com>
In-Reply-To: <CAL02cgQGew0=5s-ipyJSD=kp8+uK5juYFYUdepWeDFjf6raqsw@mail.gmail.com>
Date: Mon, 14 May 2018 10:59:21 -0700
Message-ID: <02dc01d3ebad$4ad7c2c0$e0874840$@augustcellars.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_02DD_01D3EB72.9E798700"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQHXifDGlbG83KKWFTkmGgShLneaiwESY5zRAsJnOHIBkucuKwGTT/BHo/BuCBA=
Content-Language: en-us
X-Originating-IP: [73.180.8.170]
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/ds8ILMsB0grJNTYNCBQ31PYgfak>
Subject: Re: [lamps] More mail madness?
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 May 2018 17:59:31 -0000

I am not sure what can be done to address the CBC issue in S/MIME (CFB would be PGP).  We can say don’t use it, use and AEAD algorithm but not sure what else can be said.

 

The negotiation thingy is already present as you list the set of algorithms you support (with modes) and thus if you advertise AES-GCM then you are going to support AEAD algorithms and if everybody does so then the message can be sent using that algorithm

 

From: Spasm <spasm-bounces@ietf.org> On Behalf Of Richard Barnes
Sent: Monday, May 14, 2018 9:39 AM
To: Russ Housley <housley@vigilsec.com>
Cc: spasm@ietf.org; Paul Wouters <paul@nohats.ca>; Phillip Hallam-Baker <phill@hallambaker.com>; IETF <ietf@ietf.org>
Subject: Re: [lamps] More mail madness?

 

Russ: Is there some more work to be done here to address the CBC/CFB issues?  Even if the encapsulation has AEAD support, maybe there's some negotiation thingy?

 

On Mon, May 14, 2018, 12:37 Russ Housley <housley@vigilsec.com <mailto:housley@vigilsec.com> > wrote:

 

On May 14, 2018, at 12:35 PM, Paul Wouters <paul@nohats.ca <mailto:paul@nohats.ca> > wrote:





On May 14, 2018, at 12:29, Russ Housley <housley@vigilsec.com <mailto:housley@vigilsec.com> > wrote:

We are working on text for S/MIME that says that each portion of a MIME multi-part needs to be handled in its own sandbox.  The direct exfiltration that is described happens because the mail user agent glues the various portions together for display to the user, which in the example on the web page causes an image to be fetched from the attacker's website with the message plaintext as part of the URL.


So that’s the bandaid. What and where will work be done on a solution?

 

LAMPS just sent an update to the S/MIME message document to the IESG.  My guess is that there will be discussion on the spasm@ietf.org <mailto:spasm@ietf.org>  mail list.

 

Russ

 

_______________________________________________
Spasm mailing list
Spasm@ietf.org <mailto:Spasm@ietf.org> 
https://www.ietf.org/mailman/listinfo/spasm