Re: [dmarc-ietf] Fwd: I-D Action: draft-ietf-dmarc-psd-01.txt

Scott Kitterman <sklist@kitterman.com> Sun, 24 March 2019 04:31 UTC

From: Scott Kitterman <sklist@kitterman.com>
To: dmarc@ietf.org
Date: Sun, 24 Mar 2019 00:31:16 -0400
Message-ID: <1984236.HAtKmyD7dV@kitterma-e6430>
User-Agent: KMail/4.13.3 (Linux/3.13.0-164-generic; KDE/4.13.3; x86_64; ; )
In-Reply-To: <20190206015918.05BBA200DD44EF@ary.qy>
References: <20190206015918.05BBA200DD44EF@ary.qy>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/0Nz-JfbImWjhxCEZVpJ68blr90k>
Subject: Re: [dmarc-ietf] Fwd: I-D Action: draft-ietf-dmarc-psd-01.txt

On Tuesday, February 05, 2019 08:59:17 PM John Levine wrote:
> In article <6596039.Rh8MxG5e5K@kitterma-e6430> you write:
> >The current PSL is over 12K lines long.  What we're talking about here is
> >probably .1% to 1% that size.
> 
> Indeed, but since everyone has the PSL anyway to find organizational
> domains, who cares about the size?  The point of asking the PSL people
> to do it is to find a credible third party to evaluate "all your
> domains belong to us" assertions.

So my understanding is that the answer was no, they didn't think the PSL was 
appropriate.  Personally, I agree they would be great, but I guess not.  If we 
come to a strong conclusion that this is the right way to go, then I guess I 
could make another run at it.

In the meantime, in order to at least have something, we now have 
psddmarc.org with a way to query for PSD DMARC participants.  My plan is to 
take some of the text from the (now removed) IANA section of -00 and make a 
non-normative appendix that describes why we want some kind of external 
mechanism to constrain which PSDs we use this for in order to mitigate the 
associated privacy considerations.
 
> >Leaving aside for a moment the mechanism, would people review the
> >latest draft and see if they think the privacy issues are adequately
> >described and if they require some kind of mitigation?
> 
> I think it's fine.  At the end where you talk about failure reports,
> you might note that since they contain actual messages, any domain
> where the administrator does not normally read its users' mail already
> has the same issues.

I'll add something about that as well as some off list comments I've gotten.

I know this isn't the ideal time for people to be reviewing stuff, so I'll 
work on the draft and publish something during the week for discussion after 
people get back from the meeting.

Scott K