From nobody Mon Apr 4 20:55:50 2016
From: Suzanne Woolf
Date: Mon, 4 Apr 2016 23:55:44 -0400
To: arcing@ietf.org
Subject: [Arcing] BOF at IETF95 Tuesday morning

Hi,

Meeting materials for the ARCING BOF are available at https://datatracker.ietf.org/meeting/95/materials.html#arcing.

ARCING BOF Agenda for IETF95 (Buenos Aires)
Date: April 5, 2016 @ 10:00-12:00 (Tuesday morning session)
Location: Atlantico C
Chairs: Joe Hildebrand, Suzanne Woolf
Presentation materials: https://datatracker.ietf.org/meeting/95/materials.html#arcing

1. Intro: motivation for the BoF (10 min)
   ...And some things we’re not doing
2. Ed Lewis: draft-lewis-domain-names (20 min)
3. Ted Hardie: draft-hardie-resolution-contexts (20 min)
4. Brian Trammell: draft-trammell-inip-pins (20 min)
5. Discussion: Is there an interesting set of problems here? Is it possible to provide good guidance on solving them?

We’ve kept the agenda simple in the interests of promoting discussion of broad issues and some thinking outside of boxes.

best,
Suzanne

From nobody Wed Apr 6 16:53:08 2016
From: Phillip Hallam-Baker
Date: Wed, 6 Apr 2016 23:53:00 +0000 (UTC)
To: arcing@ietf.org
Subject: [Arcing] The PrismProof Naming Games

I see two types of naming scheme:

1) One that avoids ambiguity by means of a registry
2) One that avoids ambiguity by means of random or cryptographic techniques
   2a) Random strings (e.g. GUIDs)
   2b) Cryptographic digest of the data itself - limited to static data
   2c) Cryptographic digest of a public signature key - permits identification of dynamic data.

The last is the most flexible that does not require registration.

A while back, as part of my PrismProof usable end-to-end email project, I looked into ways of creating email addresses that had the following properties:

1) Compatible with existing email clients, contacts directories etc. Can be entered without code changes.
2) Break when existing SMTP infrastructure attempts to process
3) Contain a fingerprint of a public key that is a root of trust for an email user.

The objective here is to be able to use an existing email client (Thunderbird, Windows Live Mail, Outlook) to send and receive S/MIME and OpenPGP encrypted mail with zero user impact and without the need to make use of an application plugin. All the 'PrismProof' part was performed by an SMTP/IMAP proxy performing any necessary encryption, key discovery, etc.

[Obviously, this is not the desired endpoint, I want apps to support the infrastructure natively. But I have come to loathe application plugins because they do not compose]

The fingerprint format I am using is not particularly important here except to note that it is designed to support versioning and also resist content type substitution attacks by calculating

BASE32 (SHA-2-512 (<IANA-content-type> + ":" + SHA-2-512 (<content>)))

https://tools.ietf.org/html/draft-hallambaker-udf-03

So the approach the initial SMTP code took was to use the fact that a question mark is a de-facto non-permitted character in an email address even though most clients accept its use.

MB2GK-6DUF5-YGYYL-JNY5E-RWSHZ?alice@gmail.com

In the 2014 implementation, this was interpreted as 'send mail to alice@gmail.com but only if an email security profile for Alice@gmail.com can be located that has a valid signature with a key authorized under a trust root with the fingerprint MB2GK-6DUF5-YGYYL-JNY5E-RWSHZ'

Which worked well enough for SMTP. But then I got thinking of things like, how do I make use of the same approach in other applications, how do I make that general?

So I started looking at

Alice@gmail.com.MB2GK-6DUF5-YGYYL-JNY5E-RWSHZ.onion

Which looked good till I realized that, 1) I am not doing TOR and 2) in my world, the root of authority is that fingerprint. It specifies the entire trust context in which all else is interpreted. It could specify a different DNSSEC root, it could specify WebPKI roots.

So really, the email address should be:

Alice@gmail.com.MB2GK-6DUF5-YGYYL-JNY5E-RWSHZ

Or if the profile is personal to just Alice and specifies where to send mail, it could just be

Anon@MB2GK-6DUF5-YGYYL-JNY5E-RWSHZ
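
The fingerprint formula and the three address forms from the message above, as an added example that is not part of the original post or of the PrismProof code. Assumptions: truncation to 25 Base32 characters in dash-separated groups of five (chosen to match the shape of the quoted fingerprint), the constructed content type `application/x-example-key`, and all function names; the draft's versioning and the profile signature check are not reproduced.

```python
import base64
import hashlib
import re

# Shape of the fingerprint quoted in the message: five groups of five Base32 characters.
FP_RE = r"[A-Z2-7]{5}(?:-[A-Z2-7]{5}){4}"


def fingerprint(content_type: str, content: bytes, chars: int = 25) -> str:
    """BASE32(SHA-2-512(<content-type> + ":" + SHA-2-512(<content>))), truncated (assumed)."""
    inner = hashlib.sha512(content).digest()
    # Binding the content type into the outer hash means the same bytes presented
    # under another type yield a different fingerprint (substitution resistance).
    outer = hashlib.sha512(content_type.encode("ascii") + b":" + inner).digest()
    text = base64.b32encode(outer).decode("ascii")[:chars]
    return "-".join(text[i:i + 5] for i in range(0, chars, 5))


def parse_address(addr: str):
    """Return (fingerprint, mailbox) for the address forms discussed in the message."""
    m = re.fullmatch(rf"({FP_RE})\?(.+@.+)", addr)   # FP?alice@gmail.com
    if m:
        return m.group(1), m.group(2)
    m = re.fullmatch(rf"(.+@.+)\.({FP_RE})", addr)   # Alice@gmail.com.FP
    if m:
        return m.group(2), m.group(1)
    m = re.fullmatch(rf".+@({FP_RE})", addr)         # Anon@FP (mailbox comes from the profile)
    if m:
        return m.group(1), None
    return None, addr                                 # ordinary address, no trust root


def root_matches(addr: str, content_type: str, key_bytes: bytes) -> bool:
    """True only if the presented trust-root key hashes to the fingerprint in the address."""
    fp, _ = parse_address(addr)
    return fp is not None and fp == fingerprint(content_type, key_bytes)


if __name__ == "__main__":
    key = b"constructed sample public key bytes"     # constructed, not a real key
    fp = fingerprint("application/x-example-key", key)
    print(fp, root_matches(fp + "?alice@gmail.com", "application/x-example-key", key))
```
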