IETF Logo Mail Archive

Re: [lamps] S/MIME fix

Tim Hollebeek <tim.hollebeek@digicert.com> Wed, 16 May 2018 23:36 UTC

Return-Path: <tim.hollebeek@digicert.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 310D4126D73 for <spasm@ietfa.amsl.com>; Wed, 16 May 2018 16:36:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.599, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=digicert.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ismoGIbxRbYd for <spasm@ietfa.amsl.com>; Wed, 16 May 2018 16:36:46 -0700 (PDT)
Received: from mail1.bemta8.messagelabs.com (mail1.bemta8.messagelabs.com [216.82.243.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6BBD1126C2F for <SPASM@ietf.org>; Wed, 16 May 2018 16:36:46 -0700 (PDT)
Received: from [216.82.242.46] (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256 bits)) by server-8.bemta-8.messagelabs.com id D6/B9-05993-D80CCFA5; Wed, 16 May 2018 23:36:45 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA1WSWUwTURSGe2em7aDUXIYKxwZcStzQNqghafR B5MX6gHtiRKIMONLGLmSmGtyJGqNQFEFU6gIikAhqRTFqArGCShRlDRjRYIhgFBVRYxDRaqdT UN++c/7/nuXm0CTzRqGhuQwHx9tYi1YxjmrWXwzROT0/E2M+l6kNNb9KlIbjg2eQ4XxnquFUb acyjjJeye5QGFsqvxHG0tJhwui600utpBLlZluKPSNZbnpR069ML0vIuOQdlmeig8uy0Diawk 4SDr06RogBg3MJ6MvPQVLwCsHINy+ZhYJoBY6BztoGn4um1XgPtDfsFtMk1kD+/d9I5FA8BWp LcpUiq/FUuFl/TS7xcjja6PYzhaeDu8qtEFmFk+BGYS0hMoObCPjkWiJyEF4MnutF/joIh8HQ 48uE1CscunqL/AxYDT2tjQqJJ8K711655E+Cc1/rAvmpUH+4NeCPhLaibP9egKsJaDw0EDDpY LCggJSEFgTPsveTkhANHZ35gddbYaiuWClxEgxUDQfyk6Eip4eSuJqE7r4NEkfA8aunAvnzCm h/OlfacjOcqBCnE5u9RlDS7SZz0RzXP9u5fBqJixB4jjSRLv83hcCjwl5KMkVDwZX+AE+BWx/ PkhIvgtM/7ikkngYnsnuUEsfC+wefUTGiK9AsgeO3c7xufqw+hTenmRxW1mzRzYsx6K2cILBp nIVNEfSpdut15Lu2fTIZuo36BhPq0CSa0E5UHfWOJDITUuybd5hYwbSJ32bhhDoUQdNaUOXc/ ZnIhPBcGpexxWzxneyoDHSwVq2aI8oqIZ21CuY0SXqMFtAvq/OcJP2w/aSTZCib3cZpwlWpoh WLVtM221ih0fNvQ5GaUBWSyWRMcDrHW82O//V+FE4jbaiqWKwSbLY5xvr1+0YhfKMgz4g4ioP 9K2kyUYl1rnZtckxm4RnPzC/vcixMPfu86gNdP8nesG5vvKVr79CFxdHrrU8KIpfOKFuxavxA Rznp1G2swlzF90p9WVT6mvgWvKgveehDzbLVwVzW+F3lzB7vcMKnvIUHwzhjyOWwH+7IpsnNo YILVe880Bwb/7Y1jo9y8TtmzKZnf8zTUoKJnRdN8gL7BwtoKIb5AwAA
X-Env-Sender: tim.hollebeek@digicert.com
X-Msg-Ref: server-14.tower-96.messagelabs.com!1526513803!102348485!1
X-Originating-IP: [207.46.163.17]
X-SYMC-ESS-Client-Auth: mailfrom-relay-check=pass
X-StarScan-Received:
X-StarScan-Version: 9.9.15; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 10154 invoked from network); 16 May 2018 23:36:44 -0000
Received: from mail-dm3nam03lp0017.outbound.protection.outlook.com (HELO NAM03-DM3-obe.outbound.protection.outlook.com) (207.46.163.17) by server-14.tower-96.messagelabs.com with AES256-SHA256 encrypted SMTP; 16 May 2018 23:36:44 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=digicert.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=r0/IS+fQN+uUkfNBGJJJTKUoGixmh+1L2QYo3G3O6Dg=; b=o0Wx9X2iXYPp6UorX9LPhd4iSfbI7SynrnN2PtFPkeBGn5ble/ylcniQjEuYXrroOMT9LagUp3eEEyA4bsMgYxP/Kqq3KJtttj9vJaq7qNJ0TM5mzPNrOwSgr9AD4AIRjVIPANnWFnyJOU9Yz3/eNi6/amubztDaVhmBUSQSAXU=
Received: from BN6PR14MB1106.namprd14.prod.outlook.com (10.173.161.15) by BN6PR14MB1169.namprd14.prod.outlook.com (10.173.161.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.776.11; Wed, 16 May 2018 23:36:42 +0000
Received: from BN6PR14MB1106.namprd14.prod.outlook.com ([fe80::40d8:6bed:a1a5:de4e]) by BN6PR14MB1106.namprd14.prod.outlook.com ([fe80::40d8:6bed:a1a5:de4e%3]) with mapi id 15.20.0776.010; Wed, 16 May 2018 23:36:42 +0000
From: Tim Hollebeek <tim.hollebeek@digicert.com>
To: Adam Roach <adam@nostrum.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, Phillip Hallam-Baker <phill@hallambaker.com>
CC: SPASM <SPASM@ietf.org>
Thread-Topic: [lamps] S/MIME fix
Thread-Index: AQHT7SJdOmZQG8Umo0udkM2b+/ucJqQyxYkAgAAQmoCAAAXxgIAAFUGAgAAPyLA=
Date: Wed, 16 May 2018 23:36:41 +0000
Message-ID: <BN6PR14MB110682FAA3AF8A692AA92BDF83920@BN6PR14MB1106.namprd14.prod.outlook.com>
References: <CAMm+Lwj=VTBHYxH-iOaqEUHxALpBfSXWG3p0+xxUnY+o4CmGvA@mail.gmail.com> <BN6PR14MB1106A2890EE8B9243B4EA08C83920@BN6PR14MB1106.namprd14.prod.outlook.com> <CAMm+LwhuBoQ1VHQy-=E2FODYq4Fnzs8e24Yqyfg4akwQTsqc=w@mail.gmail.com> <1e8468d7-da6c-62f1-e24b-1ee03df22606@cs.tcd.ie> <e678276f-79c2-ec3c-7df5-f70794740f77@nostrum.com>
In-Reply-To: <e678276f-79c2-ec3c-7df5-f70794740f77@nostrum.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [98.111.202.5]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN6PR14MB1169; 7:auTY2TCTy9cEm2Px8vObozcVf7BX9gPy9c7q6JDoeuMXdvboeEgyacVQuDabp9WzoIPWsFoN07OjNo66r9xfgWToeRnvgkYf7WNjuTcD3Fp2PxUFOu1jmUn9JWzZXJDK13WE+9IXmF9T2c/L0rTLQYaQwbDMVVqJ0L9omnufRCCA49b50dAsMd1vJ9rV9QTUDpLwWDvTqJjOinm3yHJs2PQ2KeXsbAl8W1X/wYw9Ix6bfjiijpMKPiPhiVOcS3J+
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-microsoft-antispam: UriScan:(32856632585715); BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(49563074)(7193020); SRVR:BN6PR14MB1169;
x-ms-traffictypediagnostic: BN6PR14MB1169:
x-microsoft-antispam-prvs: <BN6PR14MB11697603324F4BC32BC6C75E83920@BN6PR14MB1169.namprd14.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(32856632585715)(192374486261705)(258766100185102);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(102415395)(6040522)(2401047)(8121501046)(5005006)(3002001)(10201501046)(93006095)(93001095)(3231254)(944501410)(52105095)(149027)(150027)(6041310)(20161123560045)(20161123558120)(20161123564045)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:BN6PR14MB1169; BCL:0; PCL:0; RULEID:; SRVR:BN6PR14MB1169;
x-forefront-prvs: 0674DC6DD3
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(39860400002)(346002)(376002)(39380400002)(396003)(13464003)(199004)(189003)(305945005)(4326008)(68736007)(7696005)(7736002)(59450400001)(93886005)(6436002)(74316002)(53546011)(229853002)(76176011)(6116002)(316002)(3846002)(66066001)(102836004)(6506007)(99936001)(14454004)(575784001)(97736004)(3660700001)(44832011)(99286004)(86362001)(26005)(55016002)(5250100002)(8676002)(81166006)(9686003)(476003)(81156014)(106356001)(486006)(6246003)(33656002)(186003)(6306002)(2906002)(3280700002)(5660300001)(25786009)(110136005)(105586002)(11346002)(446003)(2900100001)(8936002)(53936002)(478600001)(19627235001); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR14MB1169; H:BN6PR14MB1106.namprd14.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: digicert.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: ze1AVL53dOueJ+CZA4CktJzRt8kPd8uoxarsFrHAM0MXS2EIrFZsUJVqG/3YhQ6n5anD76qMqjEOuCqg3VYTDdoN8TG2OcmFaa7ilTkw+hJXOTRhC6WTsL/ShMI+RR94dLi83YMvFGv5kdgVuz4wImzMan4DnfTWPP/DM8HV7a4I5XtstosofSttd+Nc+QbW
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="2.16.840.1.101.3.4.2.1"; boundary="----=_NextPart_000_08CD_01D3ED4D.30BD1880"
MIME-Version: 1.0
X-MS-Office365-Filtering-Correlation-Id: 9aa8061d-f67b-443b-87c1-08d5bb85e0fd
X-OriginatorOrg: digicert.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 9aa8061d-f67b-443b-87c1-08d5bb85e0fd
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 May 2018 23:36:42.0777 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: cf813fa1-bde5-4e75-9479-f6aaa8b1f284
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR14MB1169
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/xUTXOVVqis2SOASzu2bmkW2k-CQ>
Subject: Re: [lamps] S/MIME fix
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 May 2018 23:36:49 -0000

This is interesting, I hadn't thought of the parallels with WebRTC, despite 
the fact that I've given a talk on the fact that all of these things are 
basically the same problem.

I have a soft spot for the WebRTC security stuff.  It really is far more 
elegant and well designed than it initially appears.  It's not perfect, but 
it's worth looking at closely and thinking carefully about.

-Tim

> -----Original Message-----
> From: Adam Roach [mailto:adam@nostrum.com]
> Sent: Wednesday, May 16, 2018 6:33 PM
> To: Stephen Farrell <stephen.farrell@cs.tcd.ie>; Phillip Hallam-Baker
> <phill@hallambaker.com>; Tim Hollebeek <tim.hollebeek@digicert.com>
> Cc: SPASM <SPASM@ietf.org>
> Subject: Re: [lamps] S/MIME fix
>
> On 5/16/18 4:16 PM, Stephen Farrell wrote:
> > - Designs pre-date web user agent which changes trust model (where's
> > the private key kept? Needs new infrastructure)
>
>
> To understand the challenges surrounding what you suggest, you probably
> want to study the issues surrounding isolated media streams in WebRTC.
> Start by looking at section 4.3.2.4 of draft-ietf-rtcweb-security, and then 
> read
> through <https://clicktime.symantec.com/a/1/ZUvdrU2DWW-aLe1I1x-
> uWvB_9Olp-hukiQj_tS5vyo4=?d=J11B9dbh9pdZkagcAZSOz6N-
> lMrt249fI1GArrhjTyT2Mv0bxRlEJ34cZbS87eUKrlHkdxKTyM16fzk6Oa2cbNkCsS6
> T7wEgMqMBZ7jiNVeZi__gmD30Y7U3ikHJyMppa7BM6IWhNCSXAbGI1SCtQpF9
> pZ2hlFhqpJrzzXd65YdPDL9iwlDdNbt72F5wUNK26Zb-
> sF9hbGrLwyarefR9gaWnh15R3EjJ-
> OqlLE4CDFWsBJGSxmMLBvwj263QrMrRM72PJxKZU3XFmsj9e3cEupBLjH6N0QX
> oLmMD42i2wt0MnYSoCtKaiTWzTg33hRlj8XVNAc32mj0D-
> o18pnLVxHi2q9Nbdn3kYxepwnSq&u=https%3A%2F%2Fwww.w3.org%2FTR%2F
> webrtc%2F%23isolated-media-streams>.
>
> To create an analogous situation for secure email, you'd need to use 
> webcrypto
> in a way that stored your private key in the browser (inaccessible to the 
> page),
> and develop web standards that add some affordance for web pages to hand
> encrypted data to the browser in a way that causes the corresponding
> unencrypted data to be displayed to the user, but isolated from the web page
> completely (e.g., rendered into an iframe that the parent cannot inspect).
>
> Whether that kind of isolated context for email (which should be usable for
> real-time messaging as well, if done correctly) is reasonable or too clunky 
> to
> work is yet to be seen. (I've had a few conversations that concluded "too
> clunky," but reasonable people may disagree.) In any case, the bulk of the 
> work
> for that kind of system would need to take place in the W3C.
>
> There are, of course, possible trade-offs to be made in which the user 
> trusts
> the web-hosted mail service with access to message plain text, or even to 
> their
> private key; but once you take that leap, you're doing scantly better than 
> the
> hop-by-hop security provided by DANE and/or MTA-STS.
>
> /a

v2.23.0 | Report a Bug | By Email