Re: [dmarc-ietf] Which DKIM(s) should be reported? (Ticket #38)

"Brotman, Alex" <Alex_Brotman@comcast.com> Mon, 25 January 2021 18:05 UTC

From: "Brotman, Alex" <Alex_Brotman@comcast.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>
CC: "dmarc@ietf.org" <dmarc@ietf.org>
Date: Mon, 25 Jan 2021 18:05:20 +0000
Message-ID: <MN2PR11MB4351CF66E49EE202C9F1EB3FF7BD9@MN2PR11MB4351.namprd11.prod.outlook.com>
References: <MN2PR11MB4351BD7203D41DB25771D3B3F7BD9@MN2PR11MB4351.namprd11.prod.outlook.com> <CAL0qLwYHsZuOAi+ewvaXc_upXAMQ_eGwpw3VgxsnUsrqCYTNdw@mail.gmail.com>
In-Reply-To: <CAL0qLwYHsZuOAi+ewvaXc_upXAMQ_eGwpw3VgxsnUsrqCYTNdw@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/-Vi4W29ZDgROEIVrN8BeLN4DFmA>

Murray,

Personally, as a report reporter & report receiver, I would prefer to not try to figure that all out during generation/ingestion.  I’m sure there is some use case to be stated for storing/reporting unnecessary data elements that have “no bearing” on the outcome for DMARC.  Or perhaps it could be perceived as a data leak to show where messages have passed on the way to their final destination.  But point made, and if we go that route, we’ll be sure to include pros/cons.  Thank you.

--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast

From: Murray S. Kucherawy <superuser@gmail.com>
Sent: Monday, January 25, 2021 12:20 PM
To: Brotman, Alex <Alex_Brotman@comcast.com>
Cc: dmarc@ietf.org
Subject: Re: [dmarc-ietf] Which DKIM(s) should be reported? (Ticket #38)

On Sun, Jan 24, 2021 at 4:25 PM Brotman, Alex <Alex_Brotman=40comcast.com@dmarc.ietf.org> wrote:
Some time ago, an issue[1] was brought to the list where which DKIM(s) being reported is not clear in RFC7489 [2].  There was a short discussion, though no clear resolution before conversation trailed off.  It seems like there were points that may need to be discussed.  One was whether the reporting SHOULD report all signatures, regardless of alignment or validity, or perhaps just the one that aligns (if there is one).  There was also another question if there should be a limit to the number of signatures reported so that it remains sane.

A warning about use of "SHOULD" (or "RECOMMENDED") with respect to protocols: Text saying "implementers SHOULD do foobar" presents the implementer with a choice.  If you're going to say that, you need to explain the choice; in particular, an implementer should have some idea of the circumstances under which she might legitimately not do what it says and what the implications of doing so are with respect to interoperability.

A bare SHOULD, meant to be hand-wavy like "you really ought to do this, but you don't actually have to if you don't want to" is likely to draw attention.  I've been kind of picky about this lately during IESG Evaluation.

In this case, "reporting SHOULD report all signatures" -- why would you not?

-MSK
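
The reporting options raised in this thread (every signature, only aligned ones, and a cap on the count), as an added example that is not from either participant or from any DMARC implementation. It assumes the caller already knows the organizational domain of the From address (no Public Suffix List lookup), uses constructed sample results, and takes the `auth_results`/`dkim` element names from the RFC 7489 aggregate report schema; ranking aligned passes first under a cap is this example's own choice.

```python
import xml.etree.ElementTree as ET

# Constructed DKIM verification results for one message: (d=, s=, result).
SAMPLE_RESULTS = [
    ("lists.example.net", "ml1", "pass"),   # forwarder signature, not aligned
    ("example.com", "s2021", "fail"),       # author signature broken in transit
    ("mail.example.com", "k1", "pass"),     # aligned under relaxed mode
    ("esp.example.org", "a", "pass"),       # third-party sender, not aligned
]

def is_aligned(d, org_domain):
    """Relaxed alignment: d= equals or sits under the From organizational
    domain. org_domain is supplied by the caller (assumption: no PSL lookup)."""
    d, org_domain = d.lower(), org_domain.lower()
    return d == org_domain or d.endswith("." + org_domain)

def select_signatures(results, org_domain, mode="all", limit=None):
    """Choose which DKIM results a report row carries.

    mode="all"     -> every signature, regardless of alignment or validity
    mode="aligned" -> only signatures whose d= aligns with the From domain
    limit          -> optional cap on the number reported
    """
    if mode not in ("all", "aligned"):
        raise ValueError("mode must be 'all' or 'aligned'")
    chosen = [r for r in results
              if mode == "all" or is_aligned(r[0], org_domain)]

    # Example's own ordering: aligned+pass first, then other aligned, then the
    # rest, so a cap never drops the signature that decided the DMARC result.
    def rank(r):
        aligned = is_aligned(r[0], org_domain)
        return (not (aligned and r[2] == "pass"), not aligned)

    chosen.sort(key=rank)  # stable: ties keep verification order
    return chosen if limit is None else chosen[:limit]

def auth_results_xml(results):
    """Render the chosen results as <dkim> children of <auth_results>.
    (A real report row also carries <spf> entries; omitted here.)"""
    root = ET.Element("auth_results")
    for d, selector, result in results:
        dkim = ET.SubElement(root, "dkim")
        ET.SubElement(dkim, "domain").text = d
        ET.SubElement(dkim, "selector").text = selector
        ET.SubElement(dkim, "result").text = result
    return ET.tostring(root, encoding="unicode")
```

With `mode="all"` the output names the forwarder and third-party signing domains as well, which is the path-disclosure concern mentioned in the reply; `mode="aligned"` omits them.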