Re: [yam] Russ Housley's Discuss on draft-ietf-yam-rfc4409bis-02: (with DISCUSS)
S Moonesamy <sm+ietf@elandsys.com> Tue, 23 August 2011 20:04 UTC
Return-Path: <sm@elandsys.com>
X-Original-To: yam@ietfa.amsl.com
Delivered-To: yam@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD6E821F8D2B; Tue, 23 Aug 2011 13:04:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.613
X-Spam-Level:
X-Spam-Status: No, score=-102.613 tagged_above=-999 required=5 tests=[AWL=-0.014, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a+upZCkGUyd8; Tue, 23 Aug 2011 13:04:28 -0700 (PDT)
Received: from mail.elandsys.com (mail.elandsys.com [208.69.177.125]) by ietfa.amsl.com (Postfix) with ESMTP id 10BE821F8D25; Tue, 23 Aug 2011 13:04:28 -0700 (PDT)
Received: from SUBMAN.elandsys.com ([41.136.238.32]) (authenticated bits=0) by mail.elandsys.com (8.13.8/8.13.8) with ESMTP id p7NK5GhZ008136; Tue, 23 Aug 2011 13:05:21 -0700
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=elandsys.com; s=mail; t=1314129925; bh=5N0Dn2TJCVxKHNSFJhX2XcLhPu8=; h=Message-Id:Date:To:From:Subject:Cc:In-Reply-To:References: Mime-Version:Content-Type; b=rA6/H14FYh3rcUgJAFhYcvJY4FtWrnsgZvX/ceTojkDNDrU5NXNpTiQL9GJLyFLYh R+V4WC6cm08BJW6QDgKN/EX1BvcgjboKBB1xqTPj8LFb49vnpY6paR1BNsiD+fR+NS cgdCnSGRd/lC4ats8K8NnDHvWWZYGpgpraT5QChc=
Message-Id: <6.2.5.6.2.20110823123557.0d863778@elandnews.com>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Tue, 23 Aug 2011 13:04:57 -0700
To: Russ Housley <housley@vigilsec.com>, The IESG <iesg@ietf.org>
From: S Moonesamy <sm+ietf@elandsys.com>
In-Reply-To: <20110822174540.26398.33846.idtracker@ietfa.amsl.com>
References: <20110822174540.26398.33846.idtracker@ietfa.amsl.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: richard Barnes <rbarnes@bbn.com>, draft-ietf-yam-rfc4409bis@tools.ietf.org, yam@ietf.org, yam-chairs@tools.ietf.org
Subject: Re: [yam] Russ Housley's Discuss on draft-ietf-yam-rfc4409bis-02: (with DISCUSS)
X-BeenThere: yam@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Yet Another Mail working group discussion list <yam.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/yam>, <mailto:yam-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/yam>
List-Post: <mailto:yam@ietf.org>
List-Help: <mailto:yam-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/yam>, <mailto:yam-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Aug 2011 20:04:28 -0000
Hi Russ, At 10:45 22-08-2011, Russ Housley wrote: >---------------------------------------------------------------------- >DISCUSS: >---------------------------------------------------------------------- > > > The specification says: > > If an incoming message includes a DKIM [DKIM], PGP [RFC4880], > S/MIME [RFC5751], or other signature, sites SHOULD consider what > effect message modifications will have on the validity of the > signature, and MAY use the presence or absence of a signature as > a criterion when deciding what, if any, modifications to make. > > This text is a warning that there are dragons here, but it does not > tell the reader anything about the real consequences. I believe > that the text ought to be saying that portions of the incoming > message that are covered by the signature SHOULD NOT be altered. > The consequences of such alteration should probably be included in > the security considerations. The YAM WG was asked for feedback about this issue. Dave Crocker suggested the following text as a replacement for the text you quoted above: "Message modification can affect the validity of an existing message signature, such as by DKIM [DKIM], PGP [RFC4880], and can render the signature invalid. This, in turn, can affect message handling by later receivers, such as filtering engines that consider the presence or absence of a signature." The rationale for having the text is that "awareness of the possibility of signature-breaking is an important thing when implementing submit processors, so some text along these lines is useful advice. The actual consequences are completely context-specific". Ned Freed pointed out that "first and foremost, since "signature" is in general completely open-ended thing, recommending that signature preservation always be a priority over submit message processing is: (a) Impossible to implement since there's no way to tell the difference between a new signature scheme and some random collection of header fields, a new media type, or whatever and (b) A really bad idea since the use of a signature can (and sometimes does) conflict with the operational policies associated with a submit agent. And the latter can be a legal requirement in some venues. There were several objections to the total removal of the text. Based on the feedback received, I think the appropriate path is to have the text replaced. Do you consider the proposed change as acceptable? Regards, S. Moonesamy
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… S Moonesamy
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Russ Housley
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Dave CROCKER
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… S Moonesamy
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Pete Resnick
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Ned Freed
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… S Moonesamy
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Dave CROCKER
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Ned Freed
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… John C Klensin
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Ned Freed
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… John C Klensin
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Frank Ellermann
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… John C Klensin
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Frank Ellermann
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… S Moonesamy
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… John C Klensin
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Pete Resnick
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… S Moonesamy
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Alessandro Vesely
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Barry Leiba
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Ned Freed
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… John Levine
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Murray S. Kucherawy
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Tony Hansen
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… SM
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… S Moonesamy