Re: [Uta] Last call: <draft-ietf-uta-smtp-require-tls-03> "SMTP Require TLS Option"
Jim Fenton <fenton@bluepopcorn.net> Wed, 15 August 2018 17:31 UTC
Return-Path: <fenton@bluepopcorn.net>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D2FD13106F for <uta@ietfa.amsl.com>; Wed, 15 Aug 2018 10:31:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bluepopcorn.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y1wrPKS16Mc5 for <uta@ietfa.amsl.com>; Wed, 15 Aug 2018 10:31:11 -0700 (PDT)
Received: from v2.bluepopcorn.net (v2.bluepopcorn.net [IPv6:2607:f2f8:a994::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B67141310A8 for <uta@ietf.org>; Wed, 15 Aug 2018 10:31:10 -0700 (PDT)
Received: from steel.local ([12.124.76.250]) (authenticated bits=0) by v2.bluepopcorn.net (8.14.4/8.14.4/Debian-8+deb8u2) with ESMTP id w7FHV8qI017355 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for <uta@ietf.org>; Wed, 15 Aug 2018 10:31:10 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bluepopcorn.net; s=supersize; t=1534354270; bh=temFUy/wSvfeFIdH8aR4wie8Ba07UZfEmkm0zG1MB6E=; h=Subject:To:References:From:Date:In-Reply-To; b=TbBo2T4RfxLMcMVGOoGZOHDhP5/WWBMk3/fcmBUZDZw+qWRO05G8xeTNk4O1a8ivG gFiVJkaTapZNY5a3DH5CFruRFVl+iJFu/lydZJUqcC2KMgqM5i1PRwZ34wwjctDVkK 9kLQ+QdCf6aRFTR2pnOBmbTaqW7rOdvLCdaLd47o=
To: uta@ietf.org
References: <002801d434a7$fab29f60$f017de20$@gmail.com>
From: Jim Fenton <fenton@bluepopcorn.net>
Message-ID: <a320d95a-e0a4-4c15-ee85-97070bfebba4@bluepopcorn.net>
Date: Wed, 15 Aug 2018 10:31:03 -0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <002801d434a7$fab29f60$f017de20$@gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/J4Jg8HSt84b-cqCjjYaGc84lzbE>
Subject: Re: [Uta] Last call: <draft-ietf-uta-smtp-require-tls-03> "SMTP Require TLS Option"
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Aug 2018 17:31:28 -0000
Valery, Thanks for your review. Responses inline. On 8/15/18 7:55 AM, Valery Smyslov wrote: > Hi, > > here is my review of the document. > > The draft is well written, however I found few places where it could be improved. > > 1. Section 2: > > In the following para: > > In order to specify REQUIRETLS treatment for a given message, the > REQUIRETLS option is specified on the MAIL FROM command when that > message is transmitted. This option MUST only be specified in the > context of an SMTP session meeting the security requirements that > have been specified: > > The last sentence uses uppercase MUST, while in fact using MUST NOT is more > appropriate giving the meaning of the sentence. I.e. "This option MUST NOT be > specified unless all the following requirements are met in the context of SMTP session:" "MUST only" is logically equivalent to "MUST NOT...unless". Since they're equivalent, I have no objection to the wording you suggest, although IMO "MUST NOT...unless" is somewhat of a double negative as compared with "MUST only". > > And in the following list I believe using uppercase words is unnecessary, > since they described not a protocol (REQUIRETLS) behavior, but > the requirements for REQUIRETLS to be used. I suggest changing > those MUSTs to lowercase. > > o The session itself MUST employ TLS transmission. > > o The certificate presented by the SMTP server MUST either verify > successfully in a trust chain leading to a certificate trusted by > the SMTP client or it MUST verify succesfully using DANE as > specified in RFC 7672 [RFC7672]. For trust chains, the choice of > trusted (root) certificates is at the discretion of the SMTP > client. > > o Following the negotiation of STARTTLS, the SMTP server MUST > advertise in the subsequent EHLO response that it supports > REQUIRETLS. I'm not claiming to be an expert on RFC 2119 usage, but the three MUSTs that you cite are absolute requirements of the specification. It could be worded to be more normative to the implementation of REQUIRETLS, that in order to send a message requiring TLS that the session MUST employ TLS transmission, verify certificates, and advertise its support of REQUIRETLS in STARTTLS sessions. But I still think that my use of uppercase MUST is proper. Other opinions? > > 2. I also have a question regarding the last bullet above - why advertising > REQUIRETLS is linked with negotiation of STARTTLS? > It is my understanding that TLS session may be established > without negotiation STARTTLS (as recommended by RFC8314), > so why the last bullet doesn't say just: "The SMTP server must > advertise in the EHLO response that it supports REQUIRETLS"? > Am I missing something here? The same question is applicable > to the first para in Section 4.3, where STARTTLS and REQUIRETLS are > also logically linked. As Jeremy Harris pointed out while I was typing this, REQUIRETLS is only accepted within TLS-protected sessions. I had originally proposed advertising REQUIRETLS in all EHLO responses (TLS or not) as an optimization (don't bother negotiating STARTTLS if you have a message requiring TLS and the server doesn't support REQUIRETLS) but that wouldn't have been correct. But you are correct that REQUIRETLS should be advertised in EHLO responses for all TLS-protected sessions, not just STARTTLS. Support for REQUIRETLS in such sessions was an afterthought on my part and I seem to have missed that adjustment here. > > (and note a typo in a second bullet above: s/succesfully/successfully) Thanks! > > 3. Section 8.1. > > REQUIRETLS is generally effective against passive attackers who are > merely trying to eavesdrop on an SMTP exchange between an SMTP client > and server. This assumes, of course, the cryptographic integrity of > the TLS connection being used. > > I assume that it is encryption (and not an integrity) that protects > messages confidentiality against passive eavesdroppers, doesn't it? I didn't mean content integrity -- I meant that the TLS session has integrity (i.e., is secure). But I can see how this might be interpreted as you have read it. Perhaps it should say "cryptographic security" rather than "cryptographic integrity". -Jim
- [Uta] Last call: <draft-ietf-uta-smtp-require-tls… Valery Smyslov
- Re: [Uta] Last call: <draft-ietf-uta-smtp-require… Valery Smyslov
- Re: [Uta] Last call: <draft-ietf-uta-smtp-require… Jim Fenton
- Re: [Uta] Last call: <draft-ietf-uta-smtp-require… Jeremy Harris
- Re: [Uta] Last call: <draft-ietf-uta-smtp-require… Valery Smyslov
- Re: [Uta] Last call: <draft-ietf-uta-smtp-require… Valery Smyslov
- Re: [Uta] Last call: <draft-ietf-uta-smtp-require… Viktor Dukhovni
- Re: [Uta] Last call: <draft-ietf-uta-smtp-require… Jim Fenton