Re: [lamps] Proposed addition of header protection to the LAMPS charter

[Daniel Kahn Gillmor <dkg@fifthhorseman.net>]

On Mon 2018-11-05 22:34:33 -0500, Russ Housley wrote:
> In the session earlier today, there was interest in adding a header
> protection work item to the agenda.  Alexey talked about this in
> Montreal, and he posted a draft a few weeks ago:
> draft-melnikov-lamps-header-protection.  Several people said that they
> would implement a solution if the WG produced an RFC on this topic.

This seemed to be acceptable to folks in the room, and i've seen mainly
agreement on the list to adjust the charter in this way.

I propose the following change to the charter so that we can move
forward with adoption of this work:


--- a/lamps-charter.txt
+++ b/lamps-charter.txt
@@ -58,6 +58,14 @@ certificate for a trust anchor, which is often called a Root
 Certification Authority (CA) certificate, to identify the next
 public key that will be used by the trust anchor.
 
+7. Specify a mechanism for the cryptographic protection of e-mail
+headers.  Most current implementations protect only the body of the
+message, which leaves significant room for attacks against
+otherwise-protected messages.  Cryptographic protection (both for
+signatures and encryption) which applies to the headers in conjunction
+with the message body are necessary to close significant security and
+usability gaps in cryptographically-protected electronic mail.
+
 In addition, the LAMPS WG may investigate other updates to documents
 produced by the PKIX and S/MIME WGs, but the LAMPS WG shall not adopt
 any of these potential work items without rechartering.



happy to hear any concerns or suggestions for improvement!

Regards,

        --dkg