Re: [dmarc-ietf] Ticket #42 - Expand DMARC reporting URI functionality

John R Levine <johnl@taugh.com> Tue, 26 January 2021 17:16 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC8F43A0B8F for <dmarc@ietfa.amsl.com>; Tue, 26 Jan 2021 09:16:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.2
X-Spam-Level:
X-Spam-Status: No, score=-0.2 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=PV/XMWJF; dkim=pass (2048-bit key) header.d=taugh.com header.b=M1kxiUa6
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yKNTYStkVJ3l for <dmarc@ietfa.amsl.com>; Tue, 26 Jan 2021 09:16:41 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F16913A0B59 for <dmarc@ietf.org>; Tue, 26 Jan 2021 09:16:40 -0800 (PST)
Received: (qmail 68267 invoked from network); 26 Jan 2021 17:16:38 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:references:mime-version:content-type; s=10aa9.60104e76.k2101; bh=FVTtN9V3WzHugwX7QGmguxfAVH/u1eFfR/za1sfdWic=; b=PV/XMWJFlvNX5BcR7Kg1Vb05FFYegVYSTtGPfq/eW3BP4zd5rriRomh7tCLtR3QeIfyTJxMfxVtBPMU7TsPnOhSpBj6xbkLZEGWMnekPGcNyVub/v95WdR6NLO89bYwdVy7apFbyEAue7j0QDhLE3BpDOzC7bRpZhi+ujbPGJVq5ZDOI5m/fVgHMNiw3Pe0Eux+bNtGfwFm2JqSSaNSeCkRk8TgQLzrh6b/wRQOUzyuqwvM/ws6ACXPldl9inDbkvjrxt/C1v8mCxNo8N+VQSPEP0DMHAyRF52RuRdg+qXy56C8m4iL3Hfyo/gqh8fcGs77RjhGCvC6SRdrn/G5WRQ==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:subject:in-reply-to:references:mime-version:content-type; s=10aa9.60104e76.k2101; bh=FVTtN9V3WzHugwX7QGmguxfAVH/u1eFfR/za1sfdWic=; b=M1kxiUa6gV/GSKM8LrnK4SniMyDOvYtJG26PN0UnthL3xLM2jZNo8B4Io9+VC4mFA0jzHDdvT75LFphbHnN05trCWQW/1+w1L6B8TnlaxpfJyNHYvFUNP21NLZ5UMgf5jx8QyXZ/rTauKLlxacqDJEZ1XvKd2s1B3f83P71BY4LCpx1v3LjehbIGoOAe3YgqeY9Ba2VIYKmCz4EkuA57EvwE0lhk7GZwqL0y34CBJptpcOP2Jc0RX4NTSf9xkLY8s9rUv7mNaqZ0pf5kcV3fhGD7N+HZk7q7x912ArD7nyHRgACrXWyPQfRL+JGbGfODD8ib8B01uyABnCcg2QtQRg==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 26 Jan 2021 17:16:38 -0000
Received: by ary.qy (Postfix, from userid 501) id B32896C1D8F8; Tue, 26 Jan 2021 12:16:37 -0500 (EST)
Received: from localhost (localhost [127.0.0.1]) by ary.qy (Postfix) with ESMTP id 2548A6C1D8DA; Tue, 26 Jan 2021 12:16:37 -0500 (EST)
Date: Tue, 26 Jan 2021 12:16:37 -0500
Message-ID: <bbff75e7-9580-cd37-da2-e797a53859f3@taugh.com>
From: John R Levine <johnl@taugh.com>
To: Alessandro Vesely <vesely@tana.it>, dmarc@ietf.org
In-Reply-To: <5749790e-c305-b77d-a2f7-94c30579aa4e@tana.it>
References: <20210125212225.9045B6C14E41@ary.qy> <5749790e-c305-b77d-a2f7-94c30579aa4e@tana.it>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/16cRB5LQeJErAdoYAVoiIrIdKNM>
Subject: Re: [dmarc-ietf] Ticket #42 - Expand DMARC reporting URI functionality
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Jan 2021 17:16:43 -0000

On Tue, 26 Jan 2021, Alessandro Vesely wrote:
>>>>> Won't we put a DKIM-Signature: in the http: header?

>> Sheesh.  That isn't mission creep, it's mission gallop.
> The spec can be commissioned to a narrowly focused WG (like dcrup).

Really, no.  It's something we might think about on its own merits some 
other time, but its absurd to try to do it as a detour from DMARC.

>> If you want a domain identity (even though in this case it provides
>> nothing useful), what's wrong with a client cert? They exist, they
>> work, they have software support everywhere.
>
> Even if you can deduce a From: email address after the Subject Alt Name, you 
> cannot reliably associate it to an organizational domain.

Sorry, that makes no sense at all.  The cert has a domain name, or a bunch 
of domain names.  You can do exactly as much or as little with those 
domain names as you can with the domain in an e-mail From: header.  Keep 
in mind, of course, that none of those domains have any connection at all 
with the contents of an aggregate report, no matter how it is delivered.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly