Re: [apps-discuss] Kathleen Moriarty's Discuss on draft-ietf-appsawg-sieve-duplicate-07: (with DISCUSS and COMMENT)
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Tue, 24 June 2014 15:30 UTC
Date: Tue, 24 Jun 2014 11:27:02 -0400
Message-ID: <CAHbuEH72Faro02y7Yy+mm=hjKrEmmhDcO5fkmY7o8_47SdH7cg@mail.gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
To: Pete Resnick <presnick@qti.qualcomm.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/apps-discuss/klx9DD9UrAvmDYZeAkGxhTIB3YU
Cc: Apps Discuss <apps-discuss@ietf.org>, Stephan Bosch <stephan@rename-it.nl>, "draft-ietf-appsawg-sieve-duplicate@tools.ietf.org" <draft-ietf-appsawg-sieve-duplicate@tools.ietf.org>, "appsawg-chairs@tools.ietf.org" <appsawg-chairs@tools.ietf.org>, The IESG <iesg@ietf.org>, Barry Leiba <barryleiba@computer.org>, "ned+ietf@mrochek.com" <ned+ietf@mrochek.com>
Subject: Re: [apps-discuss] Kathleen Moriarty's Discuss on draft-ietf-appsawg-sieve-duplicate-07: (with DISCUSS and COMMENT)
Thank you all for the discussion on this! It's helped to clear up some points, at least for me. Proposed text to be altered if needed is included in-line.

On Tue, Jun 24, 2014 at 9:59 AM, Pete Resnick <presnick@qti.qualcomm.com> wrote:

> On 6/24/14 5:03 AM, Kathleen Moriarty wrote:
>
>>>> In any case, I did read it wrong and would like some explicit text that
>>>> says what is deleted.
>>>
>>> Nothing is deleted, as such. The document is quite clear that if a
>>> message comes in, and its unique ID is already in the list, then a
>>> "duplicate" test returns "true". I don't see that anything more needs
>>> to be said about that. The duplicates are only deleted if the script
>>> says to do that ("if duplicate then discard;"). The script can use
>>> other actions in addition or instead.
>>
>> Deleting is one of the options in the intro. Can you read through the
>> draft again as it does not clearly state what is getting moved to a folder
>> or deleted (if they choose to) - original message or messages in the queue.
>> I kinda think that's important and led to my misread of a key point.
>
> So let's be clear: The document itself doesn't define *anything* to do
> once you've determined that you have a duplicate by using this test;
> Barry's right on this point. You could delete the message, or store it in
> some folder, or delete the original and keep the duplicate, or delete all
> of your mailboxes, or spam the entire world. After all, it's a test in a
> script. And we certainly don't want to say, "Security consideration: Using
> this test could delete all of your mailboxes or spam the entire world".
> That would be silly.

Sure, agreed. I wasn't debating that point and think it is clear that the script takes the action, not the duplicate feature.

In Section 3, how about adding a sentence to the end of this paragraph (paragraph, then proposed sentence):

   In its basic form, the "duplicate" test keeps track of which messages
   were seen before by this test during an earlier Sieve execution.
   Messages are by default identified by their message ID as contained in
   the Message-ID header. The "duplicate" test evaluates to "true" when
   the message was seen before and it evaluates to "false" when it was
   not.

Proposed sentence:

   Any possible actions to subsequently received duplicate messages
   would be determined by a script in the Sieve filter.

> What I'm ambivalent about is whether this document should strengthen the
> last paragraph of section 3 (whether there or in the Sec. Cons. section) to
> be clear that Message-IDs are not necessarily unique, either through the
> fault of benign generators who just don't do such a good job, or through
> some attacker trying to do something obnoxious, and therefore script
> writers should be conservative in taking action based solely on the
> Message-ID indicating a duplicate. (And to be sure, this is only a warning
> to script writers about what is or is not reasonable; it's not a particular
> vulnerability in this new mechanism. A script writer could delete all of
> its mailboxes or spam the entire world based on all sorts of things
> available in sieve.)
>
> So, your call. Maybe worth adding something. But there needn't be any
> grand warnings of impending horror.

I agree here and thanks for the clear write-up. A warning is all I was looking to see added to cover our bases on pointing out security considerations with using this added feature.

   Script writers using the duplicate test evaluation should be aware
   that Message-IDs are not necessarily unique, either through the fault
   of benign generators or attackers at some point prior to the Sieve
   filter injecting a message with the properties used by the duplicate
   Sieve filter. As such, script writers may opt to be conservative when
   considering actions taken on duplicate messages.

Edit away!

Thanks!
Kathleen

> pr
>
> --
> Pete Resnick <http://www.qualcomm.com/~presnick/>
> Qualcomm Technologies, Inc. - +1 (858)651-4478

--

Best regards,
Kathleen
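The thread above turns on two points: the "duplicate" test only reports whether a Message-ID was seen before, the script decides what happens, and Message-IDs are not guaranteed unique, so a script that discards on the test alone can lose a distinct message. The following Python model is an added illustration, not code from the draft, the thread or any Sieve implementation. It assumes a simplified tracker (basic form only: Message-ID keyed, no ":seconds" expiry, no named handles) and two hypothetical scripts, `discard_script` and `conservative_script`, that stand in for "if duplicate { discard; }" and "if duplicate { fileinto "Duplicates"; }". The three sample messages are constructed for the example.

```python
"""Model of the Sieve "duplicate" test and two script policies built on it.

Added example; not the draft's text or any real implementation.
"""
from email import message_from_string
from email.message import Message


class DuplicateTracker:
    """Simplified state behind the "duplicate" test (basic form only).

    Messages are identified by the Message-ID header, as the draft's
    Section 3 describes.  Expiry and named handles are deliberately omitted.
    """

    def __init__(self):
        self._seen = set()

    def duplicate(self, msg: Message) -> bool:
        """Return True if this Message-ID was seen in an earlier execution.

        The first sighting records the ID and returns False.  The test only
        reports; it never deletes or files anything itself.
        """
        mid = msg.get("Message-ID")
        if mid is None:
            # Without an identifier there is nothing to match on.
            return False
        mid = mid.strip()
        if mid in self._seen:
            return True
        self._seen.add(mid)
        return False


def discard_script(tracker, msg, mailbox):
    """Hypothetical script: 'if duplicate { discard; }'."""
    if tracker.duplicate(msg):
        return "discard"
    mailbox.setdefault("INBOX", []).append(msg)
    return "keep"


def conservative_script(tracker, msg, mailbox):
    """Hypothetical script: 'if duplicate { fileinto "Duplicates"; } else { keep; }'.

    A suspected duplicate stays retrievable, so a colliding Message-ID from a
    sloppy generator or a hostile sender cannot make a distinct message vanish.
    """
    folder = "Duplicates" if tracker.duplicate(msg) else "INBOX"
    mailbox.setdefault(folder, []).append(msg)
    return folder


# Constructed sample deliveries.  The second is a true re-delivery of the
# first; the third is a different message whose generator reused the
# Message-ID, the non-uniqueness case the thread is concerned with.
SAMPLE = [
    "From: alice@example.org\r\nMessage-ID: <1001@example.org>\r\n"
    "Subject: agenda\r\n\r\nfirst copy\r\n",
    "From: alice@example.org\r\nMessage-ID: <1001@example.org>\r\n"
    "Subject: agenda\r\n\r\nfirst copy\r\n",
    "From: bob@example.net\r\nMessage-ID: <1001@example.org>\r\n"
    "Subject: invoice\r\n\r\nunrelated message\r\n",
]


def run(script):
    """Deliver SAMPLE through one script; return (actions, subjects per folder)."""
    tracker, mailbox, actions = DuplicateTracker(), {}, []
    for raw in SAMPLE:
        actions.append(script(tracker, message_from_string(raw), mailbox))
    kept = {folder: [m["Subject"] for m in msgs] for folder, msgs in mailbox.items()}
    return actions, kept


if __name__ == "__main__":
    print("discard:     ", run(discard_script))
    print("conservative:", run(conservative_script))
```

Running it shows the trade-off in one line each: the discard policy leaves only "agenda" in INBOX and silently drops the unrelated "invoice", while the conservative policy keeps INBOX identical and parks both later arrivals in "Duplicates", where the mis-identified message can still be found.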