IETF
LAMPS
lamps@jabber.ietf.org
Thursday, July 29, 2021
Meetecho-alex has set the subject to: LAMPS at IETF 111

GMT+0
[21:32:15] mcr joins the room
[21:33:59] dkg joins the room
[21:36:05] Meetecho joins the room
[21:42:33] meetecho-alexamirante joins the room
[21:45:03] Alessandro Toppi_web_773 joins the room
[21:45:03] Ken Takayama_web_800 joins the room
[21:45:03] Yoshiro Yoneya_web_983 joins the room
[21:45:03] Daniel Gillmor_web_442 joins the room
[21:45:03] Kazunori Fujiwara_web_606 joins the room
[21:45:03] Kohei Isobe_web_254 joins the room
[21:49:56] Michael Richardson_web_899 joins the room
[21:51:28] Deb Cooley_web_295 joins the room
[21:51:48] Yoshiro Yoneya joins the room
[21:52:10] Korry Luke_web_979 joins the room
[21:53:47] Roman Danyliw_web_791 joins the room
[21:54:05] Russ Housley_web_109 joins the room
[21:54:32] Rebecca Guthrie_web_438 joins the room
[21:54:33] Deb Cooley_web_295 leaves the room
[21:55:09] Scott Fluhrer_web_391 joins the room
[21:56:01] Jonathan Hammell_web_609 joins the room
[21:56:49] Deb Cooley_web_209 joins the room
[21:56:49] Tim Hollebeek_web_854 joins the room
[21:56:56] Kaitlin Pollet_web_601 joins the room
[21:57:03] cw-ietf joins the room
[21:57:30] Florence D_web_632 joins the room
[21:57:31] Tadahiko Ito_web_823 joins the room
[21:58:01] <Jonathan Hammell_web_609> Sorry, I don't have a setup for this session that is conducive to taking notes.
[21:58:34] Andrew S_web_386 joins the room
[21:58:35] Alexey Melnikov_web_298 joins the room
[21:58:46] Bernie Hoeneisen_web_990 joins the room
[21:58:46] <Russ Housley_web_109> okay.  Thanks for doing it last time.
[21:58:49] <Deb Cooley_web_209> I can do it.
[21:58:54] <dkg> thanks, Deb
[21:59:02] <Russ Housley_web_109> Thanks Deb!
[21:59:12] Robert Moskowitz joins the room
[21:59:38] Clint McKay_web_456 joins the room
[21:59:49] Taiji Kimura_web_923 joins the room
[21:59:49] Valery Smyslov_web_932 joins the room
[22:00:04] Stefan Santesson_web_673 joins the room
[22:00:05] Bernie Hoeneisen_web_990 leaves the room
[22:00:12] Bernie Hoeneisen_web_284 joins the room
[22:00:17] Robert Moskowitz_web_979 joins the room
[22:00:50] Rolf Sonneveld_web_795 joins the room
[22:00:50] Corey Bonnell_web_954 joins the room
[22:01:00] <dkg> we can start with point 3 if you like
[22:01:22] Hernâni Marques_web_338 joins the room
[22:01:27] <Alexey Melnikov_web_298> Eliot is co-chairing RFCEd program...
[22:01:41] Taiji Kimura_web_923 leaves the room
[22:02:05] Joseph Salowey_web_446 joins the room
[22:02:37] Stefan Santesson_web_673 leaves the room
[22:02:40] Taiji Kimura_web_976 joins the room
[22:02:45] Nicholas Gajcowski_web_385 joins the room
[22:03:04] Dan Harkins_web_913 joins the room
[22:03:15] Tomofumi Okubo_web_704 joins the room
[22:03:19] Stefan Santesson_web_782 joins the room
[22:03:56] Tero Kivinen_web_951 joins the room
[22:04:05] Ned Smith_web_517 joins the room
[22:04:35] Ira McDonald_web_535 joins the room
[22:04:49] Ira McDonald_web_535 leaves the room
[22:05:00] Ira McDonald_web_594 joins the room
[22:05:11] Carlos Silva_web_864 joins the room
[22:05:24] Michael Richardson_web_899 leaves the room
[22:06:02] <Russ Housley_web_109> Do not need to "tamper" the ones with no protection
[22:06:29] <Stefan Santesson_web_782> Why not use test vectors with infinite validity?
[22:07:20] <Alexey Melnikov_web_298> Stefan: DKG's test CAs have long validity
[22:08:03] <Stefan Santesson_web_782> Sure: Meant practically infinite
[22:08:22] <Tero Kivinen_web_951> Regenerate them every month from the repository with latest certificates etc... if you have the test vectors in web that should be ok.
[22:09:00] bhoeneis joins the room
[22:09:03] <Tero Kivinen_web_951> We can archive old versions...
[22:10:28] <Russ Housley_web_109> Deb, are you taking notes here: https://codimd.ietf.org/notes-ietf-111-lamps
[22:10:39] <Deb Cooley_web_209> I hope so.
[22:11:05] <Russ Housley_web_109> Yep. I see it.
[22:11:13] <Deb Cooley_web_209> do you not see it?
[22:11:16] <Deb Cooley_web_209> shew....
[22:11:24] <Alexey Melnikov_web_298> Deb: I can see it
[22:11:35] <Deb Cooley_web_209> you are right to be worried.... rookie note taker....
[22:11:54] <Alexey Melnikov_web_298> You are doing just fine :-)!
[22:16:08] <Hernâni Marques_web_338> Especially widely used ones would be interesting, like Outlook for Android: https://play.google.com/store/apps/details?id=com.microsoft.office.outlook
[22:16:27] <Hernâni Marques_web_338> And of course Mail on iOS, where there were issues importing to root CA.
[22:16:37] <Hernâni Marques_web_338> *the root CA
[22:17:02] <Alexey Melnikov_web_298> Outlook is also available on iOS.
[22:17:08] <Hernâni Marques_web_338> OK!
[22:21:02] Rebecca Guthrie_web_438 leaves the room
[22:21:26] <Deb Cooley_web_209> the right side is easier for the user?  correct?
[22:21:47] PRAT Julien_web_458 joins the room
[22:22:13] <Alexey Melnikov_web_298> Deb: easier - yes. Better - it depends on who you ask :-)
[22:22:20] <Hernâni Marques_web_338> A problem certainly is that you don't have a chance to learn the subject at all; at least not on a UI level.
[22:22:24] <Deb Cooley_web_209> apparently.
[22:22:36] <Jonathan Hammell_web_609> How do you know which is the protected subject? Unprotected/protected subject text look the same.  Did you do a tamper test?
[22:22:43] Rebecca Guthrie_web_916 joins the room
[22:22:49] <dkg> Hernâni Marques: i'd argue that this is not a problem -- in fact, it's *less* confusing because the user doesn't know how to differentiate between the two.
[22:22:52] <Hernâni Marques_web_338> Well, the idea would be to add more test vectors for that. :)
[22:22:53] <dkg> (for signed-only)
[22:23:07] <Jonathan Hammell_web_609> Ah, it is more evident in this example.
[22:23:14] <Alexey Melnikov_web_298> Jonathan: no tampered messages yet. But we discussed creating some
[22:23:24] Phillip Hallam-Baker_web_499 joins the room
[22:23:25] <dkg> in this example, the subject was obscured (because the message was also encrypted)
[22:27:39] Carlos Silva_web_864 leaves the room
[22:28:22] <Hernâni Marques_web_338> Outlook is just heavily, heavily beyond repair. In Apple Mail, for both, the wrapped and injected case, things are much less extreme.
[22:29:57] <dkg> i'm getting choppy audio from Bernie
[22:30:44] <dkg> is anyone else getting choppy audio?
[22:30:46] <Hernâni Marques_web_338> Yeah, in Apple Mail--in the wrapped case--the email is displayed with the headers inline and you can immediately reply; without clicking on an attachment. And no attachment is shown. Also there are no severe display issues for the Legacy Display (Injected case).
[22:31:09] <Alessandro Toppi_web_773> @dkg: audio is fine here
[22:31:09] cw-ietf leaves the room
[22:31:47] <dkg> changing networks shortly to try to improve the link
[22:32:15] <Hernâni Marques_web_338> I think he's switching the network...
[22:32:20] Daniel Gillmor_web_442 leaves the room
[22:32:24] Daniel Gillmor_web_600 joins the room
[22:33:26] <Hernâni Marques_web_338> The question here is whether we can rely on the receiving side, as Apple Mail, e.g., doesn't encrypt (just signs) by default.
[22:34:13] <Hernâni Marques_web_338> (There everything leaks by default.)
[22:34:15] dkg joins the room
[22:34:46] <Hernâni Marques_web_338> (You can, however, once opt-in for it, then all further messages get encrypted; at least for a specific recipient.)
[22:35:27] <Hernâni Marques_web_338> Outlook and TB are fine; Apple Mail not.
[22:36:26] <Deb Cooley_web_209> Is that not configurable?
[22:36:34] <Jonathan Hammell_web_609> Thanks Hernâni
[22:36:43] <Hernâni Marques_web_338> I didn't find any global setting for that.
[22:36:45] <Deb Cooley_web_209> (it definitely is in Outlook)
[22:36:53] <Deb Cooley_web_209> huh...
[22:37:06] <Hernâni Marques_web_338> But you can opt-in for a particular recipient at least; i.e., if you close the padlock once, all further messages (also after restarting) go out signed and encrypted.
[22:37:30] <Hernâni Marques_web_338> Question is just if regular users get that; that's a bit like Telegram, where most things go out unencrypted.
[22:37:57] <Hernâni Marques_web_338> And Apple Mail is a very widespread MUA. :/
[22:39:03] <Hernâni Marques_web_338> I would be part of that (non-editor).
[22:39:09] <Alexey Melnikov_web_298> It would be good to reach out to some S/MIME implementors
[22:39:21] Hendrik Brockhaus_web_791 joins the room
[22:39:26] <Alexey Melnikov_web_298> E.g. from Microsoft, Apple, Google
[22:39:29] <Russ Housley_web_109> Who wants to participate in a design team?
[22:39:44] <Hernâni Marques_web_338> o/
[22:41:02] <Russ Housley_web_109> I will reach out to a few folks
[22:41:24] <Roman Danyliw_web_791> I'll try too
[22:41:24] <Alexey Melnikov_web_298> Yes, I think we need to contact some people offline
[22:41:53] <Jonathan Hammell_web_609> I want to review some of the screenshot examples from other mail clients.  Maybe that will spur some comments.
[22:43:31] Bron Gondwana_web_112 joins the room
[22:43:55] <Jonathan Hammell_web_609> pine? ;)
[22:44:06] <Deb Cooley_web_209> ha
[22:45:05] <bhoeneis> jonathan: I am working on pine (alpine). currently trying to get the test certificated imported
[22:45:16] Hendrik Brockhaus_web_791 leaves the room
[22:45:20] Hendrik Brockhaus_web_697 joins the room
[22:45:38] Hendrik Brockhaus_web_697 leaves the room
[22:45:42] <bhoeneis> s/certificated/certificates/
[22:45:58] Hendrik Brockhaus_web_590 joins the room
[22:46:31] Bron Gondwana_web_112 leaves the room
[22:48:10] dkg leaves the room
[22:48:52] <Russ Housley_web_109> I had trouble with the earlier version of the PKCS#12 on Mac
[22:49:10] <Deb Cooley_web_209> Does Apple allow key import?
[22:49:13] Michael Rosa_web_102 joins the room
[22:49:15] <Deb Cooley_web_209> not key gen?
[22:49:30] <Deb Cooley_web_209> that is what a pkcs 12 is.
[22:49:50] <Deb Cooley_web_209> oh that's weird.
[22:49:56] <Deb Cooley_web_209> that points to a format issue
[22:50:22] <Alexey Melnikov_web_298> openssl command line to the rescue...
[22:50:54] <Deb Cooley_web_209> blech
[22:51:22] Yoshiro Yoneya_web_983 leaves the room
[22:51:28] Yoshiro Yoneya_web_170 joins the room
[22:51:30] <Robert Moskowitz> I agree with Deb.   See my drafts on making real certs using the command line...
[22:52:05] <Alexey Melnikov_web_298> I am not saying it is pretty. I just found it to be pretty versatile.
[22:52:09] <Deb Cooley_web_209> are you volunteering?
[22:52:20] <Deb Cooley_web_209> @Alexey:  for sure.
[22:52:33] <Alexey Melnikov_web_298> I might be ;-)
[22:52:46] <Alexey Melnikov_web_298> I spent lots of time playing with p12 files
[22:52:55] <Deb Cooley_web_209> @robert m:  are you volunteering....LOL
[22:52:57] <Hernâni Marques_web_338> A workaround we used was to export from TB and import into Apple Mail and Outlook.
[22:53:15] <Robert Moskowitz> And I gave up as I did not have the time available.
[22:54:51] <Robert Moskowitz> No Deb.  I do have to fix things I found in my draft trying to make certs for Dan, and I will have to do that as well for DRIP IDs interfacing with X.509 aviation world.  Perhaps it may fall out over the next couple months.  I use TB, so perhaps I should get with the program.....
[22:58:03] <Tadahiko Ito_web_823> I just came up with a question about the maximum size of signed / encrypted data that can be displayed... are there any rules?
[22:58:11] Phillip Hallam-Baker_web_499 leaves the room
[22:58:17] Nicholas Gajcowski_web_385 leaves the room
[22:58:26] <Deb Cooley_web_209> displayed?  or size limits on email?
[22:58:37] Ira McDonald_web_594 leaves the room
[22:58:43] <Tadahiko Ito_web_823> both.
[22:58:52] <Alexey Melnikov_web_298> I will review
[22:59:02] <Alexey Melnikov_web_298> (I read earlier version)
[22:59:10] <Deb Cooley_web_209> we commonly see a limit of 10GB
[22:59:19] <Robert Moskowitz> Perhaps a slim RFC pointing to the github and what is the intent of content of github?
[22:59:28] <Deb Cooley_web_209> (to be clear I don't like the limit, but it is what we see)
[22:59:46] <Hernâni Marques_web_338> 10MB or 10GB?
[22:59:48] <Tadahiko Ito_web_823> Thanks  deb
[22:59:49] <Deb Cooley_web_209> I don't know of a limit on 'display'
[22:59:57] <Alexey Melnikov_web_298> IMAP (RFC 3501) limit is 4Gb
[23:00:00] <dkg> thanks all!
[23:00:01] Robert Moskowitz_web_979 leaves the room
[23:00:01] Kaitlin Pollet_web_601 leaves the room
[23:00:01] Dan Harkins_web_913 leaves the room
[23:00:02] Corey Bonnell_web_954 leaves the room
[23:00:02] Valery Smyslov_web_932 leaves the room
[23:00:02] Rebecca Guthrie_web_916 leaves the room
[23:00:03] Florence D_web_632 leaves the room
[23:00:03] Robert Moskowitz leaves the room
[23:00:04] <Hernâni Marques_web_338> Okay
[23:00:04] Scott Fluhrer_web_391 leaves the room
[23:00:04] Tim Hollebeek_web_854 leaves the room
[23:00:05] Ned Smith_web_517 leaves the room
[23:00:05] Rolf Sonneveld_web_795 leaves the room
[23:00:05] <Hernâni Marques_web_338> Ty!
[23:00:06] Hendrik Brockhaus_web_590 leaves the room
[23:00:07] Roman Danyliw_web_791 leaves the room
[23:00:08] Andrew S_web_386 leaves the room
[23:00:08] Joseph Salowey_web_446 leaves the room
[23:00:09] Michael Rosa_web_102 leaves the room
[23:00:09] Clint McKay_web_456 leaves the room
[23:00:12] Ken Takayama_web_800 leaves the room
[23:00:12] Tomofumi Okubo_web_704 leaves the room
[23:00:15] Jonathan Hammell_web_609 leaves the room
[23:00:17] Alexey Melnikov_web_298 leaves the room
[23:00:23] PRAT Julien_web_458 leaves the room
[23:00:26] Hernâni Marques_web_338 leaves the room
[23:00:33] Tero Kivinen_web_951 leaves the room
[23:00:36] Daniel Gillmor_web_600 leaves the room
[23:00:42] Daniel Gillmor_web_115 joins the room
[23:00:43] Korry Luke_web_979 leaves the room
[23:00:48] Bernie Hoeneisen_web_284 leaves the room
[23:01:04] Yoshiro Yoneya leaves the room
[23:01:07] Taiji Kimura_web_976 leaves the room
[23:01:09] Deb Cooley_web_209 leaves the room
[23:01:16] Tadahiko Ito_web_823 leaves the room
[23:01:24] Meetecho leaves the room
[23:01:28] Kohei Isobe_web_254 leaves the room
[23:01:46] Yoshiro Yoneya_web_170 leaves the room
[23:01:55] Alessandro Amirante_web_139 joins the room
[23:02:15] Alessandro Amirante_web_139 leaves the room
[23:02:21] Alessandro Toppi_web_773 leaves the room
[23:02:21] Stefan Santesson_web_782 leaves the room
[23:02:21] Daniel Gillmor_web_115 leaves the room
[23:02:21] Russ Housley_web_109 leaves the room
[23:02:21] Kazunori Fujiwara_web_606 leaves the room
[23:02:40] dkg leaves the room
[23:15:52] meetecho-alexamirante leaves the room
[23:29:38] bhoeneis leaves the room