Re: [Spasm] Fwd: New Version Notification for draft-ietf-lamps-eai-addresses-09.txt
Viktor Dukhovni <ietf-dane@dukhovni.org> Tue, 18 April 2017 19:28 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BF8A1250B8 for <spasm@ietfa.amsl.com>; Tue, 18 Apr 2017 12:28:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WcuZIzmUhO58 for <spasm@ietfa.amsl.com>; Tue, 18 Apr 2017 12:28:08 -0700 (PDT)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [108.5.242.66]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7CD671270AC for <spasm@ietf.org>; Tue, 18 Apr 2017 12:28:08 -0700 (PDT)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id 95A887A3309; Tue, 18 Apr 2017 19:28:07 +0000 (UTC)
Date: Tue, 18 Apr 2017 19:28:07 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: spasm@ietf.org
Message-ID: <20170418192807.GH25754@mournblade.imrryr.org>
Reply-To: spasm@ietf.org
References: <149229472895.17667.5213935202883938437.idtracker@ietfa.amsl.com> <CAAFsWK3qNJ4K4e7cVm1cyhyySUCxjMJdoDpfLDnRH+UrvZOPjw@mail.gmail.com> <20170416191332.GC25754@mournblade.imrryr.org> <000201d2b7d3$5d7fe150$187fa3f0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <000201d2b7d3$5d7fe150$187fa3f0$@augustcellars.com>
User-Agent: Mutt/1.7.2 (2016-11-26)
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/qQKIPtBGnmZqzjmorUt9jCkdzcM>
Subject: Re: [Spasm] Fwd: New Version Notification for draft-ietf-lamps-eai-addresses-09.txt
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Apr 2017 19:28:10 -0000
On Mon, Apr 17, 2017 at 04:35:55PM -0700, Jim Schaad wrote: > > > An updated draft of "Internationalized Email Addresses in X.509 > > > certificates" with the latest comments is now posted. Comments welcome. > > > > This version is I think flawed. > > > > * It fails to describe how rfc822Name name constraints are to > > be used to restrict SMTPUtf8Name altnames. (By decoding any > > U-labels in the rfc822Name constraint and then applying to > > the SMTPUtf8Name with byte-for-byte comparison whole domain > > or ancestor domain as appropriate). > > > > * It incorrectly asserts that SMTPUtf8Name is only for addresses > > with a non-ASCII localpart, while in fact even ASCII localparts > > at UTF-8 domains can be used with SMTPUtf8Name, whenever the > > relevant email address employs a UTF-8 domain name. > > > [JLS] Based on previous mails on the list. It is my understanding that the > WG position is correctly reflected in the document. What position is that? I don't recall any discussion of, let alone consensus for, storing addresses with ASCII localparts and UTF-8 domains in rfc822Name SANs. The description of how to apply rfc822Name constraints to SMTPUtf8Name is a much-to-concise reference to section 5, but that deals with comparison of reference identifiers and SANs, and not domain-valued rfc822Name constraints against SANs. Even if some of the steps are similar I think a separate description is called for. > * The new text of section 6 is confusing. There seems to be > a misunderstanding here, that may account for both the > technical errors and the confusing explanatory text. > > [JLS] I am still trying to find the energy to go through the document, but > I agree that there does need to be some editing before the document > progresses. In particular section 6 needs work. Perhaps shorter, focused much more on the protocol, and less on the rationale (which could be touched on briefly at the end). Why is the example (2nd pair of addresses) showing A-labels in the domain part of the SMTPUtf8Name SAN element? I thought those were supposed to be stored as UTF-8. Why is there an rfc822Name SAN element with A-labels? I thought that all domains were to be stored as UTF-8 U-labels and use SMTPUtf8Name when that representation is non-ASCII. Surely the second part of the example should have a UTF-8 domain part and have only a SMTPUtf8Name and no rfc822Name? -- Viktor.
- [Spasm] Fwd: New Version Notification for draft-i… Wei Chuang
- Re: [Spasm] Fwd: New Version Notification for dra… Viktor Dukhovni
- Re: [Spasm] Fwd: New Version Notification for dra… Jim Schaad
- Re: [Spasm] Fwd: New Version Notification for dra… Viktor Dukhovni
- Re: [Spasm] Fwd: New Version Notification for dra… Wei Chuang
- Re: [Spasm] Fwd: New Version Notification for dra… Wei Chuang
- Re: [Spasm] New Version Notification for draft-ie… Russ Housley