Re: [lamps] header-protection test vectors: should they include intermediate CA?
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 28 May 2021 03:14 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70EC83A135B for <spasm@ietfa.amsl.com>; Thu, 27 May 2021 20:14:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b=qohyb6b/; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b=3wCyuwks
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0StrP3UW7V0I for <spasm@ietfa.amsl.com>; Thu, 27 May 2021 20:14:07 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [IPv6:2001:470:1:116::7]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B3333A135A for <spasm@ietf.org>; Thu, 27 May 2021 20:14:06 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1622171643; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=relQ2stg4XQ28/sSgfdtVUaMZG3OoWABtwGY8BzdJwg=; b=qohyb6b/lQtObbZvK/68Re0CPGAlJ18m6Lm/5+ftIXWjfI+6geAoBPdzleXjhGAQ7WPdd ix4DS///jzhmS/hDQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1622171643; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=relQ2stg4XQ28/sSgfdtVUaMZG3OoWABtwGY8BzdJwg=; b=3wCyuwksOC2IDL46aOrRXcWHA3Eue+MiIlSUWWpJM+BUpvyzWJ2cPYFAhmkHYHZgbFKps jhcWsUWuO6xP1GIxJa3T05f5yMln74DB3Vzq4rUC6P1uH8CLAzHjSAZq6YAGyz9zJPpuUnY /P1wNzhdA++2NJUoQNC22J82FjHGUHXyH1kQPnsKFl7XcoKeCuam5t8AIniTe13tFxbDk6j 7YLNGJ6ExSVYm+PnBDjCvRYDy+y6KCXx3DRvCg2mSwfMQX/whhM3s4UPzxXPG+L7a2+PctN Xqkq/StuoCsKpm9axwwYGusekdsVntrU2+qb5FyAHcLL0HLsQ+MBe/R2XTEA==
Received: from fifthhorseman.net (lair.fifthhorseman.net [108.58.6.98]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 87750F9A6; Thu, 27 May 2021 23:14:03 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id F110D20362; Thu, 27 May 2021 21:15:58 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Ryan Sleevi <ryan-ietf@sleevi.com>
Cc: LAMPS WG <spasm@ietf.org>
In-Reply-To: <CAErg=HERjHrV1HznAyRAzrhmN6EiiRv21m0LtNrFEzPexBHnFA@mail.gmail.com>
References: <87r1hrj0qt.fsf@fifthhorseman.net> <CAErg=HERjHrV1HznAyRAzrhmN6EiiRv21m0LtNrFEzPexBHnFA@mail.gmail.com>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEX+i03xYJKwYBBAHaRw8BAQdACA4xvL/xI5dHedcnkfViyq84doe8zFRid9jW7CC9XBiI0QQf FgoAgwWCX+i03wWJBZ+mAAMLCQcJEOCS6zpcoQ26RxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNl cXVvaWEtcGdwLm9yZ/tr8E9NA10HvcAVlSxnox6z62KXCInWjZaiBIlgX6O5AxUKCAKbAQIeARYh BMKfigwB81402BaqXOCS6zpcoQ26AADZHQD/Zx9nc3N2kj13AUsKMr/7zekBtgfSIGB3hRCU74Su G44A/34Yp6IAkndewLxb1WdRSokycnaCVyrk0nb4imeAYyoPtBc8ZGtnQGZpZnRoaG9yc2VtYW4u bmV0PojRBBMWCgCDBYJf6LTfBYkFn6YAAwsJBwkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3Rh dGlvbnMuc2VxdW9pYS1wZ3Aub3JnL0Gwxvypz2tu1IPG+yu1zPjkiZwpscsitwrVvzN3bbADFQoI ApsBAh4BFiEEwp+KDAHzXjTYFqpc4JLrOlyhDboAAPkXAP0Z29z7jW+YzLzPTQML4EQLMbkHOfU4 +s+ki81Czt0WqgD/SJ8RyrqDCtEP8+E4ZSR01ysKqh+MUAsTaJlzZjehiQ24MwRf6LTfFgkrBgEE AdpHDwEBB0DkKHOW2kmqfAK461+acQ49gc2Z6VoXMChRqobGP0ubb4kBiAQYFgoBOgWCX+i03wWJ BZ+mAAkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jnfvo+ nHoxDwaLaJD8XZuXiaqBNZtIGXIypF1udBBRoc0CmwICHgG+oAQZFgoAbwWCX+i03wkQPp1xc3He VlxHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnaheiqE7Pfi3Atb3GGTw+ jFcBGOaobgzEJrhEuFpXREEWIQQttUkcnfDcj0MoY88+nXFzcd5WXAAAvrsBAIJ5sBg8Udocv25N stN/zWOiYpnjjvOjVMLH4fV3pWE1AP9T6hzHz7hRnAA8d01vqoxOlQ3O6cb/kFYAjqx3oMXSBhYh BMKfigwB81402BaqXOCS6zpcoQ26AADX7gD/b83VObe14xrNP8xcltRrBZF5OE1rQSPkMNy+eWpk eCwA/1hxiS8ZxL5/elNjXiWuHXEvUGnRoVj745Vl48sZPVYMuDgEX+i03xIKKwYBBAGXVQEFAQEH QIGex1WZbH6xhUBve5mblScGYU+Y8QJOomXH+rr5tMsMAwEICYjJBBgWCgB7BYJf6LTfBYkFn6YA CRDgkus6XKENukcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcEAx9vTD3b J0SXkhvcRcCr6uIDJwic3KFKxkH1m4QW0QKbDAIeARYhBMKfigwB81402BaqXOCS6zpcoQ26AAAX mwD8CWmukxwskU82RZLMk5fm1wCgMB5z8dA50KLw3rgsCykBAKg1w/Y7XpBS3SlXEegIg1K1e6dR fRxL7Z37WZXoH8AH
Date: Thu, 27 May 2021 21:15:58 -0400
Message-ID: <87lf7zirox.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/ukIEDBmiB-3x10W61_0y8QI3wzs>
Subject: Re: [lamps] header-protection test vectors: should they include intermediate CA?
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 May 2021 03:14:13 -0000
Hi Ryan--
On Thu 2021-05-27 20:08:45 -0400, Ryan Sleevi wrote:
> There is a slight benefit, although in the context of S/MIME and CMS, it's
> far more esoteric, particularly for S/MIME.
Thanks for the detailed breakdown of the processing, update, and
verification model used by Windows. fwiw, i'm not expecting that any
MUA receiving these messages would even consider updating their stance
toward what roots are trusted just to process the message -- that would
be a strange (and dangerous) tradeoff.
From the sender's perspective, whether the receiving party has a known
set of trusted roots, or a subscription to a service (like "AuthRoot")
that provides just-in-time delivery of system-trusted roots seems
basically indistinguishable to the sender.
So, I don't see anything in your description that gives me any reason to
think i should ship any root certificates in the PKCS#7 bundle. The
draft won't do that unless someone else on the list presents a strong
counterargument for doing so.
Given that we don't know who the relying party is going to be, though,
and it's not always clear even to the microsoft CDN how to find a
particular intermediate cert, i don't think this analysis lands on the
same conclusion for shipping the certificate of an intermediate CA,
which is what i was proposing.
So far, it looks like the next draft (-06) *will* go ahead and ship the
cross-signed intermediate cert, so that any receiving party that is
already willing to rely on either of the two example root CAs can
validate the message without needing to chase down any intermediate
cert.
I hope folks will speak up here on the list if they think this is a bad
idea!
--dkg
- [lamps] header-protection test vectors: should th… Daniel Kahn Gillmor
- Re: [lamps] header-protection test vectors: shoul… Ryan Sleevi
- Re: [lamps] header-protection test vectors: shoul… Daniel Kahn Gillmor
- Re: [lamps] header-protection test vectors: shoul… Russ Housley