IETF Logo Mail Archive

Re: [Uta] Eric Rescorla's Yes on draft-ietf-uta-email-deep-09: (with COMMENT)

"Chris Newman" <chris.newman@oracle.com> Fri, 27 October 2017 20:55 UTC

Return-Path: <chris.newman@oracle.com>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F0BD13F5A9; Fri, 27 Oct 2017 13:55:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JYtyyzR6KoYX; Fri, 27 Oct 2017 13:55:09 -0700 (PDT)
Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4262313F3F5; Fri, 27 Oct 2017 13:55:09 -0700 (PDT)
Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74]) by aserp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id v9RKt6Hn014440 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 27 Oct 2017 20:55:07 GMT
Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id v9RKt5rf010109 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 27 Oct 2017 20:55:06 GMT
Received: from abhmp0011.oracle.com (abhmp0011.oracle.com [141.146.116.17]) by aserv0121.oracle.com (8.14.4/8.13.8) with ESMTP id v9RKt5Rk006471; Fri, 27 Oct 2017 20:55:05 GMT
Received: from [10.145.239.223] (/10.145.239.223) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 27 Oct 2017 13:55:05 -0700
From: Chris Newman <chris.newman@oracle.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: Keith Moore <moore@network-heretics.com>, The IESG <iesg@ietf.org>, draft-ietf-uta-email-deep@ietf.org, uta-chairs@ietf.org, Leif Johansson <leifj@sunet.se>, "uta@ietf.org" <uta@ietf.org>
Date: Fri, 27 Oct 2017 13:55:02 -0700
Message-ID: <412F718C-F4C9-427C-8D07-3561F374C804@oracle.com>
In-Reply-To: <CABcZeBPx2zS8Wr5179wkcmv-_=KeQSfCi91tb0OpSax7QbETPg@mail.gmail.com>
References: <150852235551.15416.1247335476327491501.idtracker@ietfa.amsl.com> <98fddd93-a0a8-efa3-ce2e-530449ae536c@network-heretics.com> <8B20BC5A-A60A-4A31-9345-E970B31BC2C3@oracle.com> <a67ef1d0-1637-fe48-9fb1-664ad8b3172d@network-heretics.com> <D5ED7737-D201-41A2-B24D-661D10D19EE0@oracle.com> <CABcZeBPx2zS8Wr5179wkcmv-_=KeQSfCi91tb0OpSax7QbETPg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.7r5425)
X-Source-IP: userv0022.oracle.com [156.151.31.74]
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/jQi95ln06T2D2dwd0dmwttukBXE>
Subject: Re: [Uta] Eric Rescorla's Yes on draft-ietf-uta-email-deep-09: (with COMMENT)
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 20:55:11 -0000

On 27 Oct 2017, at 11:34, Eric Rescorla wrote:
> On Fri, Oct 27, 2017 at 11:03 AM, Chris Newman 
> <chris.newman@oracle.com>
> wrote:
>
>> On 26 Oct 2017, at 19:56, Keith Moore wrote:
>>
>>> On 10/26/2017 07:18 PM, Chris Newman wrote:
>>>
>>> Line 304
>>>>>>        preference to services supporting STARTTLS (if offered).  
>>>>>> (See
>>>>>>        also Section 4.5.)
>>>>>> I note that 6186 is kind of unclear on what should go in SNI. It
>>>>>> obviously
>>>>>> needs to be what you are checking against (which 6186 gets right) 
>>>>>> but
>>>>>> maybe
>>>>>> it's worth clarifying in this document somewhere.
>>>>>>
>>>>> Hmm.    I might need to come back to that one.   Lots of layers to 
>>>>> sift
>>>>> through.  Feel free to suggest text.
>>>>>
>>>>
>>>> I believe RFC 7817 handles this issue sufficiently.
>>>>
>>>
>>> Not sure whether EKR was referring specifically to the use of SNI 
>>> with
>>> SRV records or not, but that's what I had assumed he meant.  So far 
>>> I
>>> haven't found any specific advice for (a) what name the MUA should 
>>> specify
>>> in SNI, or (b) what names the server should recognize and have 
>>> certificates
>>> for.   It's pretty clear that the server needs to have a certificate 
>>> for
>>> the name on the right hand side of the SRV record, but should it 
>>> also have
>>> a certificate for the name on the left hand side?  (e.g. _pop3s._
>>> tcp.example.com?)  That would potentially make SRV discovery more 
>>> secure.
>>>
>>> But I think that's well beyond what the WG (and IESG) approved.   So 
>>> I
>>> guess I'm inclined to leave the -10 text as it is now without 
>>> specifically
>>> addressing this issue.
>>>
>>
>> I just re-read the related text a bit more carefully. Although RFC 
>> 7817
>> adequately covers what subjectAltName identities mail servers need to
>> support in certificates, it doesn't cover what goes in SNI (although 
>> it
>> mentions SNI). Ditto for RFC 6186. This is annoying; the issue really
>> should have been addressed in 7817 or 6125 :-(
>>
>> I suspect in practice that most MUAs use the post-SRV-lookup hostname 
>> in
>> TLS SNI. And server support for that name form in SNI will be 
>> necessary to
>> interoperate with MUAs that don't support RFC 6186 (or use an 
>> alternative
>> autodiscovery mechanism in preference to RFC 6186). So the remaining
>> question is would it be useful/helpful for a server to also support 
>> an SNI
>> based on the SRV record or SRV-ID name? I don't think the answer to 
>> that
>> question is important enough to justify a normative change to this 
>> document.
>>
>> To address this, I suggest we add a sentence to the end of section 
>> 4.4
>> (just before the sentence referencing 7817):
>>
>> --
>> Mail servers supporting SNI need to support the post-SRV hostname to
>> interoperate with MUAs that have not implemented RFC 6186.
>> --
>
> So to be clear, what you are saying is that when I enter 
> "mail.example.com"
> but it's hosted on "mailhosting.com", and that indirection is done via 
> SRV,
> that the certificate contains "mail.example.com" but the SNI contains 
> "
> mailhosting.com"?

Partly correct, but insufficient to support MUAs that don't implement 
RFC 6186 (which is presently the majority of MUAs). If a mail hosting 
company wants to use SNI to host multiple domains, it has two naming 
approaches for non-6186 customers:

1. customer1.mailhosting.example, customer2.mailhosting.example
2. or customer1.example, customer2.example
(these names can point to the same IP addresses)

These names will be used both for SNI and as the DNS-ID in the 
certificate. If the site chooses to support RFC 6186, then RFC 7817 
requires the certificates have an SRV-ID _in addition to_ the DNS-ID 
(and 6186 clients are required to check the SRV-ID).

So I think my proposed additional statement in combination with the 
requirements in RFC 7817 is sufficient to clarify what goes in SNI and 
to define secure use of RFC 6186 discovery.

		- Chris

> -Ekr
>
> I view that as a statement of fact rather than a normative change so I
>> think it's kosher. Saying more on the topic would probably cross the
>> normative change line so I'd prefer not to go there.
>>
>>                 - Chris
>>

v2.23.0 | Report a Bug | By Email