ietf-mxcomp

Re: CSV and STARTTLS

2004-07-01 19:35:30

Andrew Newton <andy(_at_)hxr(_dot_)us> wrote:
From section B.4.1 of draft-marid-csv-intro:

B.4.1  StartTLS

  A common certificate method as used with StartTLS [RFC3207] can
  authenticate an unknown server after an investment in signed periodic
  digital certificates, encryption capabilities, and services of a
  Certificate Authority.  This investment creates a barrier for
  large-scale use over the open Internet.  Reliance on the certificate
  signature also adds a need to vet Certificate Authorities in addition
  to the confirmed domains.

   This (IMHO) intends to say that StartTLS can offer strong authentication,
but it comes at the expense of a lot of certificate-related baggage.

  Spontaneous communications are at the core of Internet design and
  operation.  So omission of a Certificate Authority is typically
  allowed of clients.  When this is allowed, StartTLS loses any ability
  to authenticate the relationship of the client to its claimed domain
  name

   This intends to say that, in order to allow communication between
MTAs lacking any prior relationship, StartTLS is implemented with a
critical piece of that baggage removed. It goes on to warn that, with
this critical piece of baggage removed, StartTLS is no longer able to
authenticate the relationship claimed to the EHLO name.

Does this imply that the strong authentication provided by certificate 
validation of TLS is to be subjugated by CSV, which is most likely to 
be weaker authentication?

   That certainly was not intended. StartTLS, even in its weakened form,
is still useful for its intended purpose: it's just not useful as a
means of authenticating the EHLO name.

Also, I think many security-minded folks may disagree with the 
characterization in the first paragraph.  Opportunistic encryption with 
peer authentication using TLS happens every day on the Internet.

   You've lost me, Andy. I can only guess that you interpreted "creates
a barrier" to mean that the expense of the investment "creates" an
"insurmountable barrier", which strikes me as an unlikely parsing, even
with the following paragraph amputated. Given the paragraph which follows,
it seems clear to me that "omission of a Certificate Authority" is a
common method of surmounting the barrier.

   Or did you mean something else?

--
John Leslie <john(_at_)jlc(_dot_)net>
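The distinction the draft and this reply turn on, encryption from StartTLS versus authentication of the EHLO name, can be made concrete as a decision rule. The following is an added example, not code from the draft, from CSV, or from either poster. It models the peer certificate the way Python's `ssl.SSLSocket.getpeercert()` reports it: a dict carrying `subjectAltName` when the chain was validated against a trusted CA, and an empty dict when `verify_mode` was `CERT_NONE`, which is exactly the "omission of a Certificate Authority" case. The function names, the certificate contents and the test cases are this example's own constructions.

```python
"""Decide whether a STARTTLS session authenticates the peer's claimed EHLO name.

Added example (not from the draft or the thread). Inputs are shaped like the
dict returned by ssl.SSLSocket.getpeercert(): non-empty only when the chain
was validated against a trusted CA, empty when verify_mode was CERT_NONE.
All names and sample data below are constructed for illustration.
"""
from typing import Optional


def _dns_names(peercert: dict) -> list[str]:
    """DNS names from subjectAltName; fall back to commonName only if no SAN (RFC 6125 style)."""
    names = [v for (k, v) in peercert.get("subjectAltName", ()) if k == "DNS"]
    if names:
        return names
    for rdn in peercert.get("subject", ()):          # subject is a tuple of RDNs
        for (k, v) in rdn:                           # each RDN is a tuple of (type, value)
            if k == "commonName":
                names.append(v)
    return names


def _label_match(pattern: str, host: str) -> bool:
    """RFC 6125-style comparison: case-insensitive, '*' allowed only as the whole left-most label."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if pattern == host:
        return True
    if not pattern.startswith("*."):
        return False
    p_labels, h_labels = pattern.split("."), host.split(".")
    # Same label count (wildcard covers exactly one label), at least two
    # labels after the '*', and everything right of the wildcard identical.
    return (len(p_labels) == len(h_labels)
            and len(p_labels) >= 3
            and p_labels[1:] == h_labels[1:])


def ehlo_authenticated(tls_active: bool, peercert: Optional[dict], ehlo_name: str) -> tuple[bool, str]:
    """Return (authenticated, reason).

    Only a CA-validated certificate whose name covers the EHLO name binds the
    peer to that name. A TLS session negotiated without validating the chain
    still encrypts the channel but says nothing about who the peer is.
    """
    if not tls_active:
        return False, "no TLS: EHLO name is an unverified claim"
    if not peercert:
        return False, "TLS without CA validation (CERT_NONE): encrypted, EHLO name unauthenticated"
    names = _dns_names(peercert)
    if any(_label_match(n, ehlo_name) for n in names):
        return True, f"CA-validated certificate covers {ehlo_name}"
    return False, f"certificate names {names} do not cover {ehlo_name}"


# Constructed inputs (not real certificates), shaped like getpeercert() output.
VALIDATED_CERT = {
    "subject": ((("commonName", "mail.example.net"),),),
    "subjectAltName": (("DNS", "mail.example.net"), ("DNS", "*.mx.example.net")),
}
OPPORTUNISTIC = {}   # what getpeercert() returns when the chain was not validated

CASES = [
    (False, None, "mail.example.net"),           # plaintext SMTP
    (True, OPPORTUNISTIC, "mail.example.net"),   # StartTLS, no CA: encrypted only
    (True, VALIDATED_CERT, "mail.example.net"),  # validated, exact SAN match
    (True, VALIDATED_CERT, "mx1.mx.example.net"),# validated, wildcard SAN match
    (True, VALIDATED_CERT, "a.b.mx.example.net"),# wildcard must not span two labels
    (True, VALIDATED_CERT, "mail.example.org"),  # validated, but wrong name
]

if __name__ == "__main__":
    for tls, cert, name in CASES:
        ok, why = ehlo_authenticated(tls, cert, name)
        print(f"{name:22} tls={tls!s:5} -> {ok!s:5} {why}")
```

The second case is the one the draft describes: the session is encrypted, but because no CA was consulted the certificate contributes nothing to the question of whether the peer is entitled to the EHLO name it announced. The remaining cases show that even a validated certificate authenticates the name only when one of its DNS names actually covers it.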

