Re: [Spasm] Updating S/MIME handling of message/rfc822?
Wei Chuang <weihaw@google.com> Thu, 19 May 2016 17:59 UTC
Return-Path: <weihaw@google.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B06AC12DB76 for <spasm@ietfa.amsl.com>; Thu, 19 May 2016 10:59:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.126
X-Spam-Level:
X-Spam-Status: No, score=-4.126 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ThaTyGwIhcGm for <spasm@ietfa.amsl.com>; Thu, 19 May 2016 10:59:02 -0700 (PDT)
Received: from mail-oi0-x230.google.com (mail-oi0-x230.google.com [IPv6:2607:f8b0:4003:c06::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77AC612DB73 for <spasm@ietf.org>; Thu, 19 May 2016 10:59:02 -0700 (PDT)
Received: by mail-oi0-x230.google.com with SMTP id x19so141462983oix.2 for <spasm@ietf.org>; Thu, 19 May 2016 10:59:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=USsBMdF3wNegSRkCfzpXOHpPub4h/B5IOilE4WQMGz8=; b=do6/NvFVgVUEPCXE2/LVDtc+1IV/pJgWhAR9ff6AYNN593LJg+sGZoY6x5IontmP5w BehvYhTDiBuaMBOHiUSJZmg9wb4uAV9eaXVH1rCRMu8H4pjI3oKeqnG9j9N6fsg3HkR+ v6we2MQoAfaVEkDfkh+InyaDzTRrfKKzdJ6HZhT9Hcs1y7DcjVFj/kSpumcxM5xm7Ob8 +GciPiIlwrM8I82KWtkQtPnHa3TviDgqSYR+nAeAC250gN7LUVvoAou0MXZ+qyQvI/xg o7kbBjbh9dQpKL5r8sLbMdtHS5CvBL8+OKEBR6ZzPy/eegfoIuya9PLKDTKdSDpuWxPM Zq0Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=USsBMdF3wNegSRkCfzpXOHpPub4h/B5IOilE4WQMGz8=; b=Rce6CRmpzTY5lT3sjFEATGR72niJhoeugcAVYXRwKaha4trj7YC/JoXkyWuiAcxrDM SSuKqZ/6mX/dC29oIuzukox5qQ/Lsz97j+qaP6xVud11caKPrvLwYTaJ8FJru9pmQMl7 Q0eoBoxSOk/VvtbEnj+WOmKELx5IwaWMeP69WzyB8j2LqMCmICHuwZyWvYLx3JOWyJXy vLuWNQRIuOtzrrKP3nmWeT+ViN+8RvWsUhpI3zu++XbBVtCTML3S6RXT4f2JYoPqBCTn uQZonN3kIX7066rPh+XC4NL5PZBihgVR3U4mSqS4r2af5xjASmh7CrVoyqMCLw/rBUf/ lX7g==
X-Gm-Message-State: AOPr4FUcKh+EJj9jk8rEERTvJ4BwgtvEzUS7J5evB8nczRyMhwUqOJ+ydcK3pnq70h0j2EufUJUAC0cNGnvxge0E
X-Received: by 10.157.31.36 with SMTP id x33mr9655643otd.26.1463680741686; Thu, 19 May 2016 10:59:01 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.157.32.202 with HTTP; Thu, 19 May 2016 10:59:00 -0700 (PDT)
In-Reply-To: <CAAFsWK0hHQySouJPQZBfDVKTJdoyY7HLEoVAD=tbFhDhNyjLxg@mail.gmail.com>
References: <CAAFsWK0hHQySouJPQZBfDVKTJdoyY7HLEoVAD=tbFhDhNyjLxg@mail.gmail.com>
From: Wei Chuang <weihaw@google.com>
Date: Thu, 19 May 2016 10:59:00 -0700
Message-ID: <CAAFsWK3QCidCOaPnRU9ddZOWCiu+3szAG=8m=DaaCVJc+LWWww@mail.gmail.com>
To: spasm@ietf.org
Content-Type: multipart/alternative; boundary="001a113e5896ac97ea053335ba5d"
Archived-At: <http://mailarchive.ietf.org/arch/msg/spasm/i-pVN9809fIx9mjqgheq6vFN51o>
Subject: Re: [Spasm] Updating S/MIME handling of message/rfc822?
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 May 2016 17:59:05 -0000
In case anyone is interested in this topic, I found this draft that provides a better direction than what I had proposed. https://tools.ietf.org/html/draft-melnikov-smime-header-signing-01 -Wei On Fri, May 13, 2016 at 4:09 PM, Wei Chuang <weihaw@google.com> wrote: > Hi, > > I would like to propose that draft-schaad-rfc5751-bis-00 further specify > handling message/rfc822 processing and specify how to merge message > headers from > decrypted/decoded non message/rfc822 types mime parts. If we can clarify > header > processing this could provide significant improvement in privacy as > revealing > headers like subject can reveal a great deal about the content of the > message > and even metadata like date can be used with traffic analysis to reveal > hidden > recipients (Bcc). > > There already exists "Securing Header Fields" as experimental RFC7508. > This > proposes that certain message header fields are signed and verified, and > optionally can replace or delete the field. This provides a high degree of > flexibility and one approach would be to standard track this. But this RFC > requires a fairly significant change to S/MIME / CMS processing steps, and > there > would be a deployed base that would find it difficult to interoperate with. > Another more feasibile approach is to clarify RFC5751 message/rfc822 > language. > Likely this can get most of the header hiding benefit with a smaller > change to > CMS processing. > > This proposes that if it is desirable to protect header integrity and > privacy > that message/rfc822 be used as specifed in RFC5280. However this instead > of > presenting both the outer header (original) and the inner header > (message/rfc822) part to the recipient, this proposes that when the CMS > processing is done, the inner headers in message/rfc822 update the outer > ones. > If there is a conflict between the inner and outer, then the inner header > replaces the outer ones. Body content in message/rfc822 part replaces > that of > the parent as well. Further there should a signed attribute that tells the > recipient to protect header integrity and privacy upon reply or forwarding > of > the message. There also should be a capability specified as well. Before > sending the message implementations would move these headers to the > message/rfc822 part, leaving those header fields unspecified in the sent > outer message header. > > Compliant implementations should protect at least these message headers: > Subject > Date > References > Message-ID > Keywords > Original-XXX > This list is not meant to be exhaustive. A complete list generated > from (http://www.iana.org/assignments/message-headers/ > message-headers.xhtml) can > be done at a later time. This list also makes no attempt to hide transport > artifacts like the trace headers as these are outside of the control of the > sender and recipient, or the sender and recipient headers as these are > needed by > transport. (Other much more heavy weight approaches are better suited to > handle > hiding those headers) > > thanks, > -Wei >
- [Spasm] Updating S/MIME handling of message/rfc82… Wei Chuang
- Re: [Spasm] Updating S/MIME handling of message/r… Wei Chuang
- Re: [Spasm] Updating S/MIME handling of message/r… Alexey Melnikov