Re: [dispatch] Proposal for scantxt; scanning opt-in/out, identification, verification, notification, and reporting

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 04 December 2022 03:53 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 21C01C14CE30 for <dispatch@ietfa.amsl.com>; Sat, 3 Dec 2022 19:53:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i9-CNi4EQJ4O for <dispatch@ietfa.amsl.com>; Sat, 3 Dec 2022 19:53:53 -0800 (PST)
Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-ve1eur01on0702.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe1f::702]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 613DAC14CE26 for <dispatch@ietf.org>; Sat, 3 Dec 2022 19:53:53 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=oPuCm41Tdl+wpISr1S0ptqHn/wjwoSHeeepkqRiVWUZuraVkgL3JKLSZ6vnM2HaSojPtW1uV9Cg6mZIMTWsaRAsuHu8FFtjSsSba40aTVrJSDL8LRoLFfIcAiV9cXB5A4O52wUsgjS9UpFljSQSqhld1tuzGoK0RFEeOtM8llAanmD6LiUICGuOELGoY+D98e7z5HrZ8y02MA9a80FoTx2WNldLZIYK8Ce/aGPjeiL6WZrMFL+1cGMQLam2KNdDOWvrBhLb5zP/8YYkGzclHeZ+QZcGdvYQ84o0UfjA7TckRraxG8e64WwnXTF1tVOnwbc6vkf2orHQAU3WjIh/t7Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=DszmTBjTVnpaCzX+mnnQAuMPPVugdk6QAJROEzTazq4=; b=OU7vQMBds9GM/mg5OlK+Z1Yl1d4BN7QpFpRKkoNZJoWPrgUeWOUsVlQCItvcajseppbC8J8OxW00kkar+DrHAw/37MI3tyxz4ycfod8SNako6sY8ThCTw6IjtrHzdKWQ/UbeECOVxrNr9UWKFqM7Tce+l5Di4EiVhuG+D+QDoF4cmDC+b8F9WMHguVEOvNkSQM1P9JmylbsD4pzFeP6Kers96puP20WFEOHnqsjuxlTx+pGEWFw9TAgxoqiph3+DnPVHwxml+HraOWCUCIeW4BENVOPU9ak1MtzF7X9PY5vH1pMYY3LCHDkV2YP1RyLh6O/WB9oOz7OFtrrEA6LOAQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DszmTBjTVnpaCzX+mnnQAuMPPVugdk6QAJROEzTazq4=; b=F98iesiwZFJtC/HChbbW8AQRqA2OCAuhYQ7OEGoF/yOb5TiFAhZeThcYU3L1SZGFS0UPsUAZldlCBy1VaaiKznc+sicszCrcIQXdf33m0C0vZXKN+iw9sfnFYRK/kUGFOnubgM3DPLjLl0z8KeWw7THBo7UC93J+y3CDLZCZ2L6Wc63Cd68oezATdhnFtK0ucFG/oj27c16gWm0aTsnxOeA+7smBk1xVDKTY989WMAQnctSdotoPJW/xywsWoy2Pp0Pxm17buvKWGjuZzxhJd91OIZU84crM+TN1C498//7U53lSZEryzxCMxkqA56/O7NVz813nNOuLaSBtpdy/Ag==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by AM0PR02MB5810.eurprd02.prod.outlook.com (2603:10a6:208:18a::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5880.10; Sun, 4 Dec 2022 03:53:46 +0000
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::c025:1133:f726:aa9a]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::c025:1133:f726:aa9a%3]) with mapi id 15.20.5880.011; Sun, 4 Dec 2022 03:53:46 +0000
Message-ID: <4f7a0b7e-b51b-ac06-c099-68143cba057b@cs.tcd.ie>
Date: Sun, 04 Dec 2022 03:53:45 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.4.2
Content-Language: en-US
To: Ollie IETF <ietf=40olliejc.uk@dmarc.ietf.org>, dispatch <dispatch@ietf.org>
References: <DpQ5uHELA0lH7BVEVwYLzRqEKkYJcW5Rgf9heoiLMD-qvhF-0x1xTsKQXCLf0M1umhYJqX8b-rvHlOt-cfnMPIUzcBFv1oFnnNEWbFy5GT8=@olliejc.uk> <Pz04VxP2fVxjR8KuzgdQMGsk7cFWlEmb9yHyM6_DVhtPs--WQVWJ1ZlFbhzNWWtXd5M_ipGJw1LmBAE4ulr8vCd7nKcL-t8tBaBtPGyWZzY=@olliejc.uk>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
In-Reply-To: <Pz04VxP2fVxjR8KuzgdQMGsk7cFWlEmb9yHyM6_DVhtPs--WQVWJ1ZlFbhzNWWtXd5M_ipGJw1LmBAE4ulr8vCd7nKcL-t8tBaBtPGyWZzY=@olliejc.uk>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------qo8sUszIYXPwV2ktX0gSHDSD"
X-ClientProxiedBy: DB3PR08CA0018.eurprd08.prod.outlook.com (2603:10a6:8::31) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB7PR02MB5113:EE_|AM0PR02MB5810:EE_
X-MS-Office365-Filtering-Correlation-Id: 03678c01-27ec-4ec9-116e-08dad5ab24df
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: PnsvFkUO5Ykv0JrVAXomiSRp0XABDgIGYfSOcYVOD+hM8Vs6ns07JEJqgp+biRw3DuO9+nIfwyrCNVq04TYJavnltJ1+C+pbInJ6G3qNKk+bL2Bg8X3IvxPMc/9WjCmy5TXAY/27p64KGqYHuhXtH3g1+YAuRgZgFJz4YGAJvTg00k/z+YY9a1nXmtOKLnRcpFojnD8Kgsxxs/STNZpTBf63vN45kLU7GrclIVGq6cItVcyvjc41dUhJuYCwcMB5dVrd48WFzI4S/gIdHU8FuVwZt5sCSa4NJ1EZnsstiAmfA7L6rSlC/qh7cqznd2Lu6IVO989NFYOSyJYRg+E3aLfmhuCo384ZzdhQ+jlufFtRmbB/MFxGbPLgT+DRlFqt8QKd0d9keGUyviJqpq5c/J/UE6O6jVxkYlS5fVKg8jZ8ad0T2Gi4Huy69FNxaMitMW4T90Hy7td0P2SV9OO88ZtAmMgnN987QPDLx5EHm15SJW8+hm4MaTWAnEjAGkxN3XzQQiOc+sF+WM9vGW4L2qsXaxfGF//3YMTyEWopn7RW6Q4UrkVUCjYeWn38KpCkc0Wi6MM+z3MSmABlZ7Z2I/9sqKtLSe76MtrE8w0TNjgU17dvdQKNghH2j/EYKyiU4JvLHOqYDliQpwYw0vYEiU9fTMOGzyFkEAHInL9C7WirFGsqV9PMfgx3thtfY0xjoGgfZRfA9MLCljtNhgqp9WzqJuShdfiSPqBHgWraTC1lAeJyN9KgmQuHB7Lb01+e9dpOYnDuV1zXv6uJ/zyKog==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR02MB5113.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(4636009)(396003)(376002)(39860400002)(136003)(346002)(366004)(451199015)(2906002)(86362001)(31696002)(83380400001)(21480400003)(316002)(786003)(110136005)(53546011)(33964004)(6512007)(6506007)(6486002)(186003)(966005)(2616005)(478600001)(5660300002)(235185007)(44832011)(15650500001)(8936002)(41300700001)(38100700002)(66946007)(66556008)(66476007)(8676002)(31686004)(41320700001)(83080400003)(36756003)(45980500001)(43740500002); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: PbaYglQQWsT/eWfE8OWuEwy0K9EdQIX8X07SMwdZX5ljDRFvaqVV0pmTkg+JAbuNcZYxNZbN9oDFdBaI6QeaJVSdToHHx8tRvUBl+ZfqZR34TYb/6/14LlCe/WQ2bvTsAbvdzbFLcuv88v9N9eeLQrY4+vMiiZspVDEIOT/tqRs3v2ZXHhUyosOq2erpyexS/2WR2mFMkokBO6hkZ/UG5VrnjInPVYRIHdcCLRl3gApX7eAN3UNMhnAdCHQrFXGTUY+abphBrrUQ+umYlmfHVlf2oy1Ouw0f1BIGAFOh5KoOD1+N48Az767O2dsShozknWRYpAmcJ6ar6pUX7pV/+MswUckm1AAxstpgzOWFGZUBVv6CLSRchaqw2OBIz85d9SC+VY6XufFF5P40FPYQZ9mQQKt4lxaGcN5/1tFFORcE5FRutkWZsH6U/MnvqrDEICtEZ5WWyGOotuH4laZQHPYlyu8pR+MQzm/iYgz5Qel+WbuzeIciyTo8Eca/xl/jx2CIKiFYkBNrDHkIdl5ugi9K2luEzsm2NunLVxOIS+gyBoOGj/ct6V0zgzg30K3U9pduutFyK2hSvYYdN/L43ob9KHsN521OM7tGl4/LA9tKmSWmPOsSXvx+BPeHq9+bKmMeaE+p4EwrW3JBqtXpN1Ktc0iShiyYaCaO7dhUQS9GznmjbkBf0yF8CY3zl+Q3MjH+xWTZQv6Eo6it0VNAPK5Odbmr7w6sA/rJLMjGJmVmtKxS4Wv50imZzJtuRvLbkBxKpbS0zV8ThefwA21y//ldYgGpCPLGCsMvQ07HlswDnYy+55wkbqKBcRcIkzB6OsPThEFOJWXx/ra1a2Moybv9vsUYOJOwCe1Mwh5s3v84f1/Oi+UkBhv9okP6SdQQUmjo3XqnseKbMrBruIKznCD36cTShPjjrz4B+qZ3Ep46+agcsuJ23IjxC6e1YG9tEffC64NUgzXi/uJZ1UksngDv66R+S2ZQpCirbFEOlFPqEXpy9+gc+XYaQbsaX15o+vZrxgB6DyzD839qIl8KDezE7ROBlnGw210MDOazjVmmD+fEv8LExNudu1QeiKL49bPU8nv3ABaPSSAdfTXt7slkvZ3WdIxcBIvZqbmU4OxuyPPu8HCxk1CHElymYgzOWcrscz9klgFGVQrWWmdUTIqMNNJNMFTGcgpnPoYPjXo6fGJi62dOpyOBUE4ihqRtsru9LxSWD/56ojIxIJ7FyyiDaxorN95p8wae8gluC3DPNmekTNWuQPv4H0J3vlkGnwbbnnLB9RvO91zyD4eMmchFRQfX3YULc/CSdc4rtxqI0KTVcaeWMMGPHV0oauLQuJr/PrF5yCxRJ5Vtb0QyOdOdQKRLz1Czb4tb0OR4FNlDL4fCUlIKXQL0d6PRhUkYQwkn2R+kTdZWitavdhPXBgotQ4RSJw/BuCP5jXIPgdcXzlJPPYxglbYwxx25bX1lO82W77NFtqZ8ttzS4nMFlEIBVVESw1z2f2hryOqGUMJnmacjO+eCAbc9t7XIyY/zXidQ0ttPEJbND40jfNCso23o7et9yb6+0c0YhRdntzOtqwvxE5dpz6P4H8BrYbRfxESls4iDcnYZsLudK4oPn6P3a7amTHf9CARKujLeuXoruAl8gHwLcHNEO4oloD0P
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: 03678c01-27ec-4ec9-116e-08dad5ab24df
X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Dec 2022 03:53:46.4975 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: BjdIKmvMtAcoIcwomHTnEOfEF25CamfRe6fu2qrZ6iF2KEjkjcErguSNohY9MWW2
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR02MB5810
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/DJMr5rRFz9eEchDL48D78yTe9JE>
Subject: Re: [dispatch] Proposal for scantxt; scanning opt-in/out, identification, verification, notification, and reporting
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Dec 2022 03:53:59 -0000

Hiya,

On 03/12/2022 15:23, Ollie IETF wrote:
> The scantxt project (https://www.scantxt.org /
> https://github.com/scantxt) I'm pulling together aims to develop a
> set of mechanisms for both scan recipients (website/infrastructure
> operators) to indicate their preferences and verify scans, and
> scanning tools to identify themselves and report findings in a
> consistent way.

Disagreeing with John, I think this seems like a useful
thing to consider. I'm not sure if standardising something
would be that effective, but afaik bona-fide researchers do
mostly try do something like this, so there could well be
value in a standard location that can be found from a source
IP address at which some pointers/hints can be found.

The current proposal seems a little over-complicated fwiw;
when I've done this kind of thing, I just put a bit of human
readable text and a URL in a TXT record at the reverse IP of
the source of scans, and only ever had one contact resulting
despite having scanned quite a few IPs. (That one contact did
of course object strenuously to being scanned:-) But I've not
done that much scanning, so others may have more experience.

It could be worth also getting opinions on this from folk
involved in the IRTF's maprg [1] (that'd not be a venue
for standardising anything, being part of the IRTF, but the
people on that list will be more familiar with scanning).
And just in case, the IMC conference [2] is probably an
academic venue with a pile of people who might also care,
but you probably know that already.

Cheers,
S.

[1] https://datatracker.ietf.org/rg/maprg/about/
[2] https://www.sigcomm.org/events/imc-conference