Re: [apps-discuss] Alissa Cooper's Discuss on draft-ietf-appsawg-sieve-duplicate-07: (with DISCUSS and COMMENT)

Ned Freed <ned.freed@mrochek.com> Thu, 26 June 2014 01:39 UTC


> > I would still be interested in discussing this bit of my DISCUSS:
> >
> > o Section 6:
> > Sieve scripts that include duplicate tests contain potentially sensitive
> > information (e.g., subject or body strings).

> Actually, no more so than any Sieve script.  Filtering on patterns is
> reasonably common, and I don't think duplicate detection will increase
> that.

Probably less so. Consider:

# Banking rule autogenerated based on user preference settings
if address :domain "from" "bankofamerica.com" {
  fileinto "Banking";
}

provides a much bigger set of clues for spear phishing than any previous
examples given in this thread.

if address "from" "myboss@mycompany.com" {
  fileinto "stupidstuff";
}

is not something you want your boss to see.

if address :detail "to" "pager" {
  redirect "XXXXXXXXXX@att.com";
}

creates a subaddress you probably don't want just anyone to use.

And on and on and on.

> > So it seems like the scripts should be confidentiality protected in
> > transit. I checked with Barry and he said that there is no RFC that
> > specifies if/when scripts should be protected in transit, and I
> > understand that this document is probably not the right place to
> > specify required behavior there, but I'd like to discuss (more with
> > the ADs than the authors) if there is some plan for specifying that
> > behavior somewhere.

> As I said when you checked with me, this is entirely out of scope for
> this document.  If someone should want to do an update to ManageSieve
> or some such, that'd be fine, but it's got nothing to do with this
> extension.

Indeed. It may even be out of scope of the core Sieve specifications, since
user preferences and address books are even more likely to provide a basis
for unwelcome privacy intrusions. If this is going to be addressed in
an IETF specification it probably needs to be done in as general a way
as possible.

Address books in particular have been widely exploited; there's nothing
at all theoretical about the attack surface they present.

				Ned
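
Added example, not part of the message above and not code from any Sieve implementation: a small Python inventory of what a stored Sieve script discloses (correspondents, folder names, forwarding targets), run over the three rules quoted in the message and generalized to header and envelope tests. The function names, the sample's require line and its "to" header are assumptions made here; multi-line "text:" strings are not handled.

```python
import re

# Constructed sample: the three rules quoted in the message, with a require
# line and the "to" header added (assumptions) so the script is valid Sieve.
SAMPLE = '''require ["fileinto", "subaddress"];
# Banking rule autogenerated based on user preference settings
if address :domain "from" "bankofamerica.com" { fileinto "Banking"; }
if address "from" "myboss@mycompany.com" { fileinto "stupidstuff"; }
if address :detail "to" "pager" { redirect "XXXXXXXXXX@att.com"; }
'''

TOKEN = re.compile(r'''
    \#[^\n]* | /\*.*?\*/            # comments: matched but never yielded
  | "(?P<str>(?:[^"\\]|\\.)*)"      # quoted string
  | (?P<tag>:[A-Za-z_]\w*)          # tagged argument such as :domain
  | (?P<word>[A-Za-z_]\w*)          # test, action or control identifier
  | (?P<punct>[\[\]{}();,])
''', re.X | re.S)

def tokens(script):
    return [(m.lastgroup, m.group(m.lastgroup))
            for m in TOKEN.finditer(script) if m.lastgroup]

def read_args(toks, i, n):
    """Collect tags and up to n positional arguments starting at toks[i]."""
    tags, args = [], []
    while i < len(toks) and len(args) < n:
        kind, val = toks[i]
        if kind == "tag":
            tags.append(val)
        elif kind == "str" and toks[i - 1] != ("tag", ":comparator"):
            args.append((val,))
        elif (kind, val) == ("punct", "["):
            end = toks.index(("punct", "]"), i)
            args.append(tuple(v for k, v in toks[i + 1:end] if k == "str"))
            i = end
        elif kind != "str":
            break
        i += 1
    return tuple(tags), args

def disclosures(script):
    """Return (construct, tags, headers, values) for each revealing rule part."""
    toks, found = tokens(script), []
    for i, (kind, val) in enumerate(toks):
        if kind == "word" and val in ("address", "envelope", "header"):
            tags, args = read_args(toks, i + 1, 2)
            if len(args) == 2:
                found.append((val, tags, args[0], args[1]))
        elif kind == "word" and val in ("fileinto", "redirect"):
            tags, args = read_args(toks, i + 1, 1)
            if args:
                found.append((val, tags, (), args[0]))
    return found
```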