From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <notmuch-bounces@notmuchmail.org>
Received: from mp0 ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms11 with LMTPS
	id MOVwBlwLq16ScQAA0tVLHw
	(envelope-from <notmuch-bounces@notmuchmail.org>)
	for <larch@yhetil.org>; Thu, 30 Apr 2020 17:31:08 +0000
Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp0 with LMTPS
	id sCLvM2QLq14TLQAA1q6Kng
	(envelope-from <notmuch-bounces@notmuchmail.org>)
	for <larch@yhetil.org>; Thu, 30 Apr 2020 17:31:16 +0000
Received: from arlo.cworth.org (arlo.cworth.org [50.126.95.6])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 server-signature RSA-PSS (4096 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id D73C6942399
	for <larch@yhetil.org>; Thu, 30 Apr 2020 17:31:15 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by arlo.cworth.org (Postfix) with ESMTP id 416176DE13FF;
	Thu, 30 Apr 2020 10:31:02 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at cworth.org
Received: from arlo.cworth.org ([127.0.0.1])
	by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id eGPI4SWVCtJv; Thu, 30 Apr 2020 10:31:01 -0700 (PDT)
Received: from arlo.cworth.org (localhost [IPv6:::1])
	by arlo.cworth.org (Postfix) with ESMTP id 937546DE13BA;
	Thu, 30 Apr 2020 10:30:55 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
 by arlo.cworth.org (Postfix) with ESMTP id BEB3A6DE13B6
 for <notmuch@notmuchmail.org>; Thu, 30 Apr 2020 10:30:53 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at cworth.org
Received: from arlo.cworth.org ([127.0.0.1])
 by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id hoN-2uoPIFfC for <notmuch@notmuchmail.org>;
 Thu, 30 Apr 2020 10:30:52 -0700 (PDT)
Received: from che.mayfirst.org (unknown [162.247.75.117])
 by arlo.cworth.org (Postfix) with ESMTPS id 3E4736DE13AE
 for <notmuch@notmuchmail.org>; Thu, 30 Apr 2020 10:30:52 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple;
 d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019;
 t=1588267851; h=from : to : subject : in-reply-to : references : date
 : message-id : mime-version : content-type : from;
 bh=r77oMt6kHeLblmFOEQbh1hZudQffA6tG5qDr3lmVuuk=;
 b=dtVpTNLvINU8flgzV5o0xK0hsC06mAC6px32SFb9ZsLEKGQ+v34INknrxkMtxbQ9c5GCr
 YSj+mn4oWo/BAWgAg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net;
 i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1588267851; h=from : to
 : subject : in-reply-to : references : date : message-id :
 mime-version : content-type : from;
 bh=r77oMt6kHeLblmFOEQbh1hZudQffA6tG5qDr3lmVuuk=;
 b=l/vBB4eimv8+wRYI6KO01YvN5W0AUJyE/3pW9JHzIaNdNPmvX8WPtPKR7zrA8xLiaRFIa
 lw1WA+Puu3+rF6OJU+MSyBVLbznI/QKHdO5nu9R2MJMY6tguuIWj/EK+eMIR/HGKB4t+EJC
 j3oCtuV6zbVPYDKhRqpUdSUyzagulHMXjCfhqvn/hRuvhAJKUbXh9lmN2zhxsq+WHQhrdvA
 Pbzz5NwzT6RaK10a0jUEGEJhT2X5RvYBJ8Q0pw5kxhI9CKiSCsYRuXLDtso8uLAp5Iw6Tna
 mUSQce+b3HulzJA8LfiOYlHn3w3MhprJvj7Vhc0iTjkViBvvcDcEq5iMEY9w==
Received: from fifthhorseman.net (unknown [108.58.6.98])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (No client certificate requested)
 by che.mayfirst.org (Postfix) with ESMTPSA id 0D8FEF9A5;
 Thu, 30 Apr 2020 13:30:50 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000)
 id 9B6A42018F; Thu, 30 Apr 2020 12:51:41 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: David Bremner <david@tethera.net>, Notmuch Mail <notmuch@notmuchmail.org>
Subject: Re: [PATCH 03/15] tests/smime: Include the Sample LAMPS Certificate
 Authority
In-Reply-To: <87v9lj2hjl.fsf@tethera.net>
References: <20200428185723.660184-1-dkg@fifthhorseman.net>
 <20200428185723.660184-4-dkg@fifthhorseman.net> <87v9lj2hjl.fsf@tethera.net>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata=
 mDMEXEK/AhYJKwYBBAHaRw8BAQdAr/gSROcn+6m8ijTN0DV9AahoHGafy52RRkhCZVwxhEe0K0Rh
 bmllbCBLYWhuIEdpbGxtb3IgPGRrZ0BmaWZ0aGhvcnNlbWFuLm5ldD6ImQQTFggAQQIbAQULCQgH
 AgYVCgkICwIEFgIDAQIeAQIXgAIZARYhBMS8Lds4zOlkhevpwvIGkReQOOXGBQJd5Hw3BQkFpJWB
 AAoJEPIGkReQOOXGDYEA/j0ERjPxDleKMZ2LDcWc/3o5cLFwAVzBKQHppu0Be5IWAP0aeTnyEqlp
 RTE7M8zugwkhYeUYfYu0BjecDUMnYz6iDLgzBF3kewUWCSsGAQQB2kcPAQEHQK1IuW0GZmcrs2mx
 CYMl8IHse0tMF8cP7eBNXevrlx2ZiPUEGBYIACYCGwIWIQTEvC3bOMzpZIXr6cLyBpEXkDjlxgUC
 XeR7TwUJAiGl/gCBdiAEGRYIAB0WIQQsv6x2UaqQJzY+dXHEDyVUMvKBDwUCXeR7BQAKCRDEDyVU
 MvKBD7KmAQCHs+7588C4jto6fMje0Nu97zzoppjJM7lrGF2rVnbHvwD+MgmGUbHzPSUrTWnZBQDi
 /QM595bxNrBA4N1CiXhs2AMJEPIGkReQOOXGpp0BAM7YeBnt/UNvxJAGm4DidSfHU7RDMWe6Tgux
 HrH21cDkAQC9leNFXJsQ7F2ZniRPHa8CkictcQEKPL8VCWpfe8LbArg4BF3ke5wSCisGAQQBl1UB
 BQEBB0Cf+EiAXtntQMf51xpqb6uZ5O0eCLAZtkg0SXHjA1JlEwMBCAeIfgQYFggAJhYhBMS8Lds4
 zOlkhevpwvIGkReQOOXGBQJd5HucAhsMBQkCIaVkAAoJEPIGkReQOOXGdYcBANYnW7VyL2CncKH1
 iO4Zr0IwfdIv6rai1PUHL98pVi3cAP9tMh85CKGDa0Xi/fptQH41meollLW5tLb/bEWMuUNuBQ==
Date: Thu, 30 Apr 2020 12:51:40 -0400
Message-ID: <875zdgx6g3.fsf@fifthhorseman.net>
MIME-Version: 1.0
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Use and development of the notmuch mail system."
 <notmuch.notmuchmail.org>
List-Unsubscribe: <https://notmuchmail.org/mailman/options/notmuch>,
 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch/>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <https://notmuchmail.org/mailman/listinfo/notmuch>,
 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
Content-Type: multipart/mixed;
 boundary="===============8196731918123985558=="
Errors-To: notmuch-bounces@notmuchmail.org
Sender: "notmuch" <notmuch-bounces@notmuchmail.org>
X-Scanner: scn0
X-Spam-Score: -2.01
Authentication-Results: aspmx1.migadu.com;
	dkim=fail (body hash did not verify) header.d=fifthhorseman.net header.s=2019 header.b=dtVpTNLv;
	dkim=fail (body hash did not verify) header.d=fifthhorseman.net header.s=2019rsa header.b=l/vBB4ei;
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=fifthhorseman.net (policy=none);
	spf=pass (aspmx1.migadu.com: domain of notmuch-bounces@notmuchmail.org designates 50.126.95.6 as permitted sender) smtp.mailfrom=notmuch-bounces@notmuchmail.org
X-Scan-Result: default: False [-2.01 / 13.00];
	 RCVD_VIA_SMTP_AUTH(0.00)[];
	 GENERIC_REPUTATION(0.00)[-0.46722797083228];
	 DWL_DNSWL_BLOCKED(0.00)[50.126.95.6:from];
	 IP_REPUTATION_HAM(0.00)[asn: 27017(-0.18), country: US(-0.00), ip: 50.126.95.6(-0.47)];
	 R_SPF_ALLOW(-0.20)[+a:c];
	 R_DKIM_REJECT(1.00)[fifthhorseman.net:s=2019,fifthhorseman.net:s=2019rsa];
	 TO_DN_ALL(0.00)[];
	 DKIM_TRACE(0.00)[fifthhorseman.net:-];
	 RCPT_COUNT_TWO(0.00)[2];
	 MX_GOOD(-0.50)[cached: notmuchmail.org];
	 MAILLIST(-0.20)[mailman];
	 SIGNED_PGP(-2.00)[];
	 MIME_TRACE(0.00)[0:+,1:+,2:+,3:~,4:+];
	 RCVD_TLS_LAST(0.00)[];
	 ASN(0.00)[asn:27017, ipnet:50.126.64.0/18, country:US];
	 MID_RHS_MATCH_FROM(0.00)[];
	 FROM_NEQ_ENVFROM(0.00)[dkg@fifthhorseman.net,notmuch-bounces@notmuchmail.org];
	 ARC_NA(0.00)[];
	 URIBL_BLOCKED(0.00)[notmuchmail.org:email,ietf.org:url,fifthhorseman.net:email];
	 FROM_HAS_DN(0.00)[];
	 MIME_GOOD(-0.20)[multipart/mixed,multipart/signed,text/plain];
	 PREVIOUSLY_DELIVERED(0.00)[notmuch@notmuchmail.org];
	 HAS_LIST_UNSUB(-0.01)[];
	 DNSWL_BLOCKED(0.00)[50.126.95.6:from];
	 RCVD_COUNT_SEVEN(0.00)[8];
	 FORGED_SENDER_MAILLIST(0.00)[];
	 DMARC_POLICY_SOFTFAIL(0.10)[fifthhorseman.net : SPF not aligned (relaxed),none]
X-TUID: 86ZzcyOy3APX
Content-Transfer-Encoding: 7bit


--===============8196731918123985558==
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha256; protocol="application/pgp-signature"

--=-=-=
Content-Type: text/plain

On Tue 2020-04-28 22:43:10 -0300, David Bremner wrote:
> Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:
>
>> This CA is useful for test suites and the like, but is not an
>> actually-secure CA, because its secret key material is also published.
>>
>> I plan to use it for its intended purpose in the notmuch test suite.
>>
>> It was copied from this Internet Draft:
>>
>> https://www.ietf.org/id/draft-dkg-lamps-samples-01.html#name-certificate-authority-certi
>
> This page is not found for me.

hm, it has been superceded by
https://www.ietf.org/id/draft-dkg-lamps-samples-02.html#name-certificate-authority-certi
(which has the same content for the relevant section).

the IETF tools interface also has a non-expiring version of the drafts:

 https://tools.ietf.org/id/draft-dkg-lamps-samples-02.html#name-certificate-authority-certi


feel free to amend the commit message if that would help.

     --dkg

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQQsv6x2UaqQJzY+dXHEDyVUMvKBDwUCXqsCHQAKCRDEDyVUMvKB
D0IEAQCd2C9+b9OkczsYk8TjRrRWYvnZDcLFCRQqyLsqQH3NSQD/QL8mtSRmDdU6
WhKlMer6l0YX/HcECHhimvZJQOvfFgc=
=eJyr
-----END PGP SIGNATURE-----
--=-=-=--

--===============8196731918123985558==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline


--===============8196731918123985558==--