Re: [Trans] CT for opportunistic STARTTLS in SMTP
Trevor Freeman <trevorf@exchange.microsoft.com> Thu, 27 February 2014 06:53 UTC
From: Trevor Freeman <trevorf@exchange.microsoft.com>
To: Phillip Hallam-Baker <hallam@gmail.com>, Ben Laurie <benl@google.com>
Date: Thu, 27 Feb 2014 04:18:45 +0000
Message-ID: <80df79360fe44df1ba28ed867b4ebbbe@DFM-TK5MBX15-05.exchange.corp.microsoft.com>
In-Reply-To: <CAMm+Lwgj8tUAtMU_BXNhbwHqf7vbadrVqiVoEbXGz8eOWTpFnQ@mail.gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/eqwb_j4QPDGmdkqOaqoKHpyjP2g
Cc: "trans@ietf.org" <trans@ietf.org>, Paul Hoffman <paul.hoffman@vpnc.org>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>
SMTP servers for large organizations and public email services do have performance considerations, so I would not totally dismiss this issue. There likely is some tolerance of delays, but not a lot. The typical case for TLS client auth with SMTP is server-to-server submission, not client submission. The majority of email servers have self-signed certificates for SMTP. However, where organizations want TLS auth to work for SMTP, they use CA-issued SSL-like certificates for the email servers. The main difference from pure SSL certificates is that typically an SMTP server supports multiple SMTP domains, so it has multiple domain names in the certificate. TLS server auth is also different for client and server submission. Again, both would be more tolerant of some delays.

________________________________
From: Phillip Hallam-Baker <hallam@gmail.com>
Sent: 26 February 2014 07:29
To: Ben Laurie
Cc: Trevor Freeman; trans@ietf.org; Paul Hoffman; Daniel Kahn Gillmor
Subject: Re: [Trans] CT for opportunistic STARTTLS in SMTP

On Wed, Feb 26, 2014 at 8:46 AM, Ben Laurie <benl@google.com> wrote:

> I am not sure that it makes a lot of sense to consider them in the same pot
> though because email has very different protocol requirements and
> constraints. It is asynchronous which means that we don't really care about
> latency much, certainly not at the sub-second level.

Exactly, so it would be entirely possible to check with the log(s) before proceeding with the connection. This is nice because we could (I think!) even not require the SCT to appear in the TLS connection at all - the client could look up the cert by hash...

Yes, CT might be applicable, but it is designed to meet constraints that probably don't apply.

> But that also means we
> can't pass credentials in-band as in SSL.

I'm not sure what you mean by this? Credentials pertaining to the sender/recipient? Clearly server credentials can be sent in-band. PPE is mostly focused on end-to-end encryption.

We can pass certs for SSL in-band. But right now CA-issued certs are only required for email clients doing SUBMIT, and the implementations are weak. OK, so it turned out that Apple's wasn't meant to ignore the server cert like I assumed. But I have an attack that negates the CA cert checking on at least one other platform.

So adding CT to STARTTLS as is makes no sense unless the scope of CT is wider than CA-issued SSL certs. It means we either have to do security policy or end-to-end encryption with client certs. I do have a plan to do both, but each requires more moving pieces, and they each require the same additional pieces. So if we are going to invest for one, we might as well do both.

--
Website: http://hallambaker.com/
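Ben Laurie's suggestion above, that a latency-tolerant SMTP client could look the offered certificate up in the log by hash and check inclusion before proceeding, without any SCT in the TLS handshake, can be made concrete. The following Python is an added example, not code from anyone in this thread or from any CT log implementation: it implements the RFC 6962 Merkle tree hash and audit path, the inclusion-proof verifier from RFC 9162 section 2.1.3.2, and an in-memory log that stands in for a real log's get-proof-by-hash query (RFC 6962 section 4.5). The "certificates" are constructed byte strings, the leaves hash those raw bytes rather than the MerkleTreeLeaf structure a real log hashes, and the client is assumed to already hold a trusted tree head; all three are simplifications made for the example.

```python
import hashlib
from typing import Dict, List, Optional, Tuple


def _sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def leaf_hash(entry: bytes) -> bytes:
    """RFC 6962 leaf hash: SHA-256(0x00 || entry). The 0x00 prefix keeps leaves
    and interior nodes in separate hash domains (second-preimage protection)."""
    return _sha256(b"\x00" + entry)


def _split_point(n: int) -> int:
    """Largest power of two strictly less than n (the 'k' of RFC 6962)."""
    k = 1
    while k * 2 < n:
        k *= 2
    return k


def tree_head(entries: List[bytes]) -> bytes:
    """Merkle Tree Hash of an ordered list of log entries (RFC 6962 2.1)."""
    if not entries:
        return _sha256(b"")
    if len(entries) == 1:
        return leaf_hash(entries[0])
    k = _split_point(len(entries))
    return _sha256(b"\x01" + tree_head(entries[:k]) + tree_head(entries[k:]))


def audit_path(m: int, entries: List[bytes]) -> List[bytes]:
    """Inclusion (audit) path for entry m: the sibling hashes needed to
    recompute the tree head starting from that single leaf (RFC 6962 2.1.1)."""
    n = len(entries)
    if n == 1:
        return []
    k = _split_point(n)
    if m < k:
        return audit_path(m, entries[:k]) + [tree_head(entries[k:])]
    return audit_path(m - k, entries[k:]) + [tree_head(entries[:k])]


def verify_inclusion(entry: bytes, leaf_index: int, tree_size: int,
                     path: List[bytes], root: bytes) -> bool:
    """Recompute the root from the leaf and its path (RFC 9162 2.1.3.2).
    Returns False on any mismatch, a too-short or too-long path, or a bad index."""
    if leaf_index >= tree_size:
        return False
    fn, sn = leaf_index, tree_size - 1
    r = leaf_hash(entry)
    for p in path:
        if sn == 0:
            return False  # path has more nodes than the tree is deep
        if fn & 1 or fn == sn:
            r = _sha256(b"\x01" + p + r)  # p is the left sibling
            while not (fn & 1) and fn != 0:
                fn >>= 1
                sn >>= 1
        else:
            r = _sha256(b"\x01" + r + p)  # p is the right sibling
        fn >>= 1
        sn >>= 1
    return sn == 0 and r == root


class InMemoryLog:
    """Stand-in for a CT log's get-proof-by-hash query. A real log would be
    asked over HTTPS; here the entries live in memory so the example runs offline."""

    def __init__(self, entries: List[bytes]):
        self.entries = list(entries)
        self._by_hash: Dict[bytes, int] = {
            leaf_hash(e): i for i, e in enumerate(self.entries)}

    def tree_size(self) -> int:
        return len(self.entries)

    def root(self) -> bytes:
        return tree_head(self.entries)

    def proof_by_hash(self, lh: bytes) -> Optional[Tuple[int, List[bytes]]]:
        idx = self._by_hash.get(lh)
        if idx is None:
            return None
        return idx, audit_path(idx, self.entries)


def cert_is_logged(cert_der: bytes, log: InMemoryLog, trusted_root: bytes) -> bool:
    """What a mail client could do before continuing after STARTTLS: hash the
    certificate it was offered, fetch a proof by that hash, and verify it
    against a tree head it already trusts. Nothing extra travels in the handshake."""
    proof = log.proof_by_hash(leaf_hash(cert_der))
    if proof is None:
        return False
    idx, path = proof
    return verify_inclusion(cert_der, idx, log.tree_size(), path, trusted_root)


# Constructed sample data: byte strings standing in for DER-encoded certificates.
SAMPLE_CERTS = [b"constructed-cert-%d" % i for i in range(5)]
SAMPLE_LOG = InMemoryLog(SAMPLE_CERTS)
```

The verifier deliberately rejects a truncated path (sn never reaches 0) and a proof checked against a different tree head, which is the failure mode that matters when a client caches a signed tree head and a log has since grown or been forked.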