IETF Logo Mail Archive

Re: [Uta] Eric Rescorla's Discuss on draft-ietf-uta-smtp-require-tls-07: (with DISCUSS and COMMENT)

Nico Williams <nico@cryptonector.com> Wed, 27 February 2019 23:44 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F9981311E1; Wed, 27 Feb 2019 15:44:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.514
X-Spam-Level:
X-Spam-Status: No, score=-0.514 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FAKE_REPLY_C=1.486, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cryptonector.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mH0kIUzSyTWP; Wed, 27 Feb 2019 15:44:10 -0800 (PST)
Received: from palegreen.birch.relay.mailchannels.net (palegreen.birch.relay.mailchannels.net [23.83.209.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE1FE1311E0; Wed, 27 Feb 2019 15:44:09 -0800 (PST)
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 42E58434D3; Wed, 27 Feb 2019 23:44:08 +0000 (UTC)
Received: from pdx1-sub0-mail-a75.g.dreamhost.com (unknown [100.96.28.213]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id DDB7F43501; Wed, 27 Feb 2019 23:44:07 +0000 (UTC)
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
Received: from pdx1-sub0-mail-a75.g.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384) by 0.0.0.0:2500 (trex/5.16.3); Wed, 27 Feb 2019 23:44:08 +0000
X-MC-Relay: Neutral
X-MailChannels-SenderId: dreamhost|x-authsender|nico@cryptonector.com
X-MailChannels-Auth-Id: dreamhost
X-Lettuce-Relation: 38e725ea3e73f684_1551311048120_1336803029
X-MC-Loop-Signature: 1551311048120:3636668202
X-MC-Ingress-Time: 1551311048120
Received: from pdx1-sub0-mail-a75.g.dreamhost.com (localhost [127.0.0.1]) by pdx1-sub0-mail-a75.g.dreamhost.com (Postfix) with ESMTP id 8765C81EA5; Wed, 27 Feb 2019 15:44:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:subject:message-id:mime-version:content-type :in-reply-to; s=cryptonector.com; bh=OoZmDSxh7fw7mKcuRTi2Jn9QUY4 =; b=hG2Dlg3HMpZEabgchk01BcouCrYXcAEu71xbqxZ8vh6SY0MfuBq2CIdcCYe jU9Eku8LGoQAgPzHdQynTWa/dypH39VFAn3qMJ9AOxJeC9Cfdl7au7n3r8kuF0LD 3qi7ise5bdyEGwH9vOfRjWWNL8egEi9EZnvd3H2bD/fTDQ7k=
Received: from localhost (unknown [8.2.105.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by pdx1-sub0-mail-a75.g.dreamhost.com (Postfix) with ESMTPSA id A71E481EA8; Wed, 27 Feb 2019 15:44:06 -0800 (PST)
Date: Wed, 27 Feb 2019 17:44:04 -0600
X-DH-BACKEND: pdx1-sub0-mail-a75
From: Nico Williams <nico@cryptonector.com>
To: uta@ietf.org, iesg@ietf.org
Message-ID: <20190227234403.GF4108@localhost>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <155076162945.8595.2671476533659571699.idtracker@ietfa.amsl.com>
User-Agent: Mutt/1.9.4 (2018-02-28)
X-VR-OUT-STATUS: OK
X-VR-OUT-SCORE: 0
X-VR-OUT-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedutddrvddvgddtlecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucggtfgfnhhsuhgsshgtrhhisggvpdfftffgtefojffquffvnecuuegrihhlohhuthemuceftddtnecunecujfgurhepfffhvffukfggtggujggfsehttdertddtredvnecuhfhrohhmpefpihgtohcuhghilhhlihgrmhhsuceonhhitghosegtrhihphhtohhnvggtthhorhdrtghomheqnecukfhppeekrddvrddutdehrddujeenucfrrghrrghmpehmohguvgepshhmthhppdhhvghloheplhhotggrlhhhohhsthdpihhnvghtpeekrddvrddutdehrddujedprhgvthhurhhnqdhprghthheppfhitghoucghihhllhhirghmshcuoehnihgtohestghrhihpthhonhgvtghtohhrrdgtohhmqedpmhgrihhlfhhrohhmpehnihgtohestghrhihpthhonhgvtghtohhrrdgtohhmpdhnrhgtphhtthhopehnihgtohestghrhihpthhonhgvtghtohhrrdgtohhmnecuvehluhhsthgvrhfuihiivgeptd
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/fH7nMDLdRbCdMFaAyjKi8IORV7Y>
Subject: Re: [Uta] Eric Rescorla's Discuss on draft-ietf-uta-smtp-require-tls-07: (with DISCUSS and COMMENT)
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Feb 2019 23:44:13 -0000

On Thu, 21 Feb 2019 07:07:09 -0800, Eric Rescorla wrote:
> To elaborate on one point a bit: it seems to me that it's harmful to
> security to allow the sender to unilaterally override the recipient's
> preferences that something be encrypted. To forestall one argument,
> yes, the sender knows the contents of the message, but the recipient
> knows their own circumstances, and they may be at particular risk
> [...]

This is placing too strong an emphasis on security to the detriment of
availability.

As in all things, we have to make trade-offs, and perfection is not
available to us.

In particular:

 - Email to postmaster@domain *must* be able to flow in the face of
   security-related misconfiguration, full stop.

   And, it's not always postmaster that is the contact.  The actual
   address of the actual postmaster can come from DNS SOA RRs, web
   pages, etc...

   If it were only postmaster@... surely you'd be amenable to exempting
   that.


 - Senders own the contents of what they send.  Recipients own the
   contents of what they receive.

   Each can have different policies as to how it should be sent or
   received, but each also can post it on social media, newspapers,
   whatever.

   Just because one of the parties wishes something be kept
   confidential, there is no guarantee in the absence of legal,
   contractual obligations (and PGP or S/MIME, since hop-by-hop
   transport security might not cut it or even be available).

   Refusing to accept insecurely-sent messages does not ensure their
   confidentiality!

The recipient does NOT know the sender's circumstances, and I do think
the sender's trump the recipient's.

HOWEVER, it is fair and *highly* desirable of the recipient to *mark* a
message as received insecurely -- keeping in mind that the recipient
can't force the sender to have authenticated the recipient...

My idea of an ideal end-state for hop-by-hop security for e-mail is
that:

a) *senders* should be able to specify in the envelope that they want
   secure, encrypted, authenticated delivery of email at every hop,

b) senders should get bounces when that cannot happen,

c) *recipients* get an indication of the security of any given e-mail's
   path to the recipient (perhaps we need a Transmitted: header by which
   each sending hop MTA can record what it did to authenticate the next
   hop),

d) (a) and (c) get prominent UI indications in MUAs,

e) as explained above, *senders* get a "make it go please" button for,
   e.g., "hey, dear recipient, your mail system is misconfigured, I
   cannot send secure e-mail" type messages.

Lastly,

f) forward notifications of failure to meet security policy (sender's or
   recipient's!), subject to DoS / spam filtering, naturally.

   A forward notification being like a bounce, but in the other
   direction.  The sender's address, the subject, etc., might not be
   disclosed -- the important thing is that the recipient should be able
   to discover misconfigurations and fix them.

Nico
--

v2.23.0 | Report a Bug | By Email