ietf
[Top] [All Lists]

Case distinctions as theoretical exercise (was: Re: dane-openpgp 2nd LC resolution)

2016-03-13 10:11:03
Paul, Doug,

I want to respond to two issues/questions only right now and am
going to do so in two separate messages.  Perhaps someone else
will get to the other questions before I do -- I think they have
been answered and explained several times already.   This is
therefore message 1 of 2.

I don't know why we (that "email community") and you (Paul) are
having so much trouble communicating, but

--On Saturday, March 12, 2016 4:09 PM -0500 Paul Wouters
<paul(_at_)nohats(_dot_)ca> wrote:

...
However, the email community experts themselves have already
stated that finding an email server compliant to case 2 is a
theoretical exercise only.

I can't speak for others, but I certainly didn't say that.

The specs (and generally-accepted good practice) recommend using
prohibition, aliasing (of some flavor), or other mechanisms to
avoid making subtle distinctions in addresses that are likely to
be confusing to users and/or to stress expectations about human
memory and precision beyond reasonable limits.  I would
certainly recommend that a final delivery system not provide a
mailbox named pauL(_at_)example(_dot_)com to a different recipient than a
mailbox named paul(_at_)example(_dot_)com.  I am agnostic about whether
they should be the _same_ mailbox or associated with the same
key: some recipient might plausibly use an obscure form of an
address as a mail classification tool or as part of a very cheap
sender-checking model.  Such models, whether done that way or by
subaddresses or the like, are surprisingly effective against
casual bulk attacks even if much less so against focused and
determined ones.   

The same thing could be said for other distinctions.  For
example, joe(_dot_)bloggs(_at_)example(_dot_)com is a popular form for a
local-part and has been used on some systems for years.  IIR,
there is even a standards-track spec that recommends it.  I
would certainly not suggest that a system that uses that form
for local-parts also support separate mailboxes, assigned to
separate recipients, named like "joebloggs(_at_)example(_dot_)com".
Whether is it better to not support the latter at all, to make
it an alias for the joe(_dot_)bloggs(_at_)example(_dot_)com form, or to
algorithmically remove the special characters(s), possibly also
making joe+bloggs(_at_)example(_dot_)com point to the same mailbox, is a
matter of taste: the specs are (deliberately) mute on the
subject.

However, there is a huge difference between "bad idea to assign
these different mailbox names to different recipients and I'm
not aware of any contemporary system that does it" and
"theoretical exercise only".  It is really not hard to imagine
reasons for doing such things (no matter what you, or I, think
about them). They are explicitly allowed by the spec and are a
part (if only a small one) of why there are "no guessing" rules
in 5321 and elsewhere.   And that, in turn, brings me back to a
point I've tried to make several times: it is a bad idea to try
to modify the rules about interpreting mailbox names (or "email
addresses" if you prefer) via some sort of back door, even an
experimental one.    If you want to modify those rules, write
something that does it up-front and explicitly (and that
"updates" 5321), rather than trying to hide it in a
key-retrieval spec.

Now, having said all of that, I want to note that this has
little or nothing to do with the protocol requirements of
draft-ietf-dane-openpgpkey-08.   At least as I read it, that I-D
simply applies a hash function to the mailbox name as given and
does not attempt to find "equivalent" or "canonical" names.
That means that the very worse case is a false negative about
finding a key.  You want to experiment with that, fine -- I
won't lose any sleep over it.  I do believe that, if that is the
protocol spec, there is a lot of surplus and confusing text in
the I-D that should just come out.  Alternately, if you really
believe that draft-ietf-dane-openpgpkey should do aliasing or
canonicalization, take that up on the SMTP and/or DANE lists
(where you and Warren reported you've already lost the argument
once), not here.   Making the argument on the IETF list is
really just demonstration that there is no IETF consensus about
the draft of which you are the author because these issues are
unresolved and important.

    john