This draft is still a bad idea for all the reasons I described the last time it came around. Nothing has changed.
If you do publish it, I'd suggest much stronger language in the first sentence of section 9 on security considerations. The security model for S/MIME certs has always been that the trust flows from the CA to the user without involving the user's mail operator. Now the domain is the trust source for all of its users. Sometimes that's reasonable, sometimes not, and there's no way you can tell without knowing information about the domain that's not in the DNS.

The fifth paragraph, on mail operator MITM attacks on user mail, is also much too weak. If the domain is a bank that is required by law to archive its employee communications, MITM is reasonable. If it's a public mail operator that uses MITM to compile dossiers of user info to sell to marketers, and to edit ads and web bugs into the messages before re-encrypting them, all without user permission, it's not. If the mail is from another user on the same system, it'll re-sign the mail, too.

Of course, the mail operator will assure you it's "required to be able to read everyone's encrypted email" by its business plan.

R's,
John

_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
