Hello,

This is with respect to DNSSEC validation for S/MIME.

When generating a hash for use in DNS, the draft for DANE/SMIME currently only uses the username portion of the address.

The obvious (and noted) privacy implications are that someone could discover e-mail addresses by rainbow table DNS queries and/or zone walking.

I believe this can be mitigated.

S/MIME makes use of X.509 certificates, so I suggest using the serial number from the X.509 certificate as a salt with the username before taking the hash.

This could be done optionally rather than mandatory, though I certainly would want to do it on mail systems I administer.

One of the things I worry about is spammers discovering valid e-mail addresses through the DANE S/MIME and then using the public key of that user to send encrypted malware that cannot be filtered on the SMTP servers because it is hidden.

If the serial number for the X.509 certificate is a salt for the hash, then spammers cannot determine the validity of an e-mail address from DNS, but those who already have the certificate can use DNS to DANE validate the certificate.

Thank you for your time,

Michael A. Peters (aka Alice Wonder)

_______________________________________________
dane mailing list
dane@ietf.org
https://www.ietf.org/mailman/listinfo/dane
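
The salting idea proposed in the message above, as an added example that is not part of the original post or of the DANE S/MIME draft: it compares which usernames a party without any certificate can confirm from owner names seen in a zone, with and without the serial-number salt. Assumptions: the hash is SHA-256 truncated to 28 octets and the label is `_smimecert` (as in RFC 8162), the salt encoding in `salted_owner_name` is hypothetical, and the domain, users and serials are constructed.

```python
import hashlib

LABEL = "_smimecert"  # label used by RFC 8162; the message does not name one


def _digest(data: bytes) -> str:
    # Assumption: SHA-256 truncated to 28 octets, hex encoded (RFC 8162 style).
    return hashlib.sha256(data).digest()[:28].hex()


def owner_name(local_part: str, domain: str) -> str:
    """Unsalted owner name: hash of the username portion only."""
    return f"{_digest(local_part.encode('utf-8'))}.{LABEL}.{domain}"


def salted_owner_name(local_part: str, domain: str, serial: int) -> str:
    """Proposed variant: the certificate serial number salts the username.

    Hypothetical encoding (big-endian serial bytes, then the username);
    the message does not define how the two are combined.
    """
    salt = serial.to_bytes((serial.bit_length() + 7) // 8 or 1, "big")
    return f"{_digest(salt + local_part.encode('utf-8'))}.{LABEL}.{domain}"


def guessable(observed, wordlist, domain):
    """Usernames confirmable from observed owner names with no certificate."""
    return {w for w in wordlist if owner_name(w, domain) in observed}


# Constructed sample data: two mailboxes with made-up 128-bit serials.
DOMAIN = "example.org"
USERS = {"alice": 0x3F9A1C77D2E04B5588A1B2C3D4E5F607,
         "bob": 0x7E11A0B4C5D6E7F8091A2B3C4D5E6F70}
WORDLIST = ["admin", "alice", "bob", "carol"]

unsalted_zone = {owner_name(u, DOMAIN) for u in USERS}
salted_zone = {salted_owner_name(u, DOMAIN, s) for u, s in USERS.items()}

if __name__ == "__main__":
    print("unsalted:", sorted(guessable(unsalted_zone, WORDLIST, DOMAIN)))
    print("salted:  ", sorted(guessable(salted_zone, WORDLIST, DOMAIN)))
    # A correspondent holding alice's certificate knows the serial.
    name = salted_owner_name("alice", DOMAIN, USERS["alice"])
    print("holder lookup hits:", name in salted_zone)
```

The salted names only resist guessing if the serial itself is unpredictable; a CA that issues short or sequential serials lets the serial be enumerated alongside the wordlist.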
