IETF Logo Mail Archive

Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations

"Douglas E. Foster" <fosterd@bayviewphysicians.com> Mon, 20 July 2020 01:51 UTC

Return-Path: <btv1==4700ea4663c==fosterd@bayviewphysicians.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB4E13A0CFF for <dmarc@ietfa.amsl.com>; Sun, 19 Jul 2020 18:51:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTML_TAG_BALANCE_BODY=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bayviewphysicians.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FgA2fMyISyM3 for <dmarc@ietfa.amsl.com>; Sun, 19 Jul 2020 18:51:51 -0700 (PDT)
Received: from mail.bayviewphysicians.com (mail.bayviewphysicians.com [216.54.111.133]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21C783A0CFC for <dmarc@ietf.org>; Sun, 19 Jul 2020 18:51:51 -0700 (PDT)
X-ASG-Debug-ID: 1595209906-11fa3107a814040001-K2EkT1
Received: from webmail.bayviewphysicians.com (webmail.bayviewphysicians.com [192.168.1.49]) by mail.bayviewphysicians.com with ESMTP id VDjrAQycc3SqrgFL (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NO) for <dmarc@ietf.org>; Sun, 19 Jul 2020 21:51:46 -0400 (EDT)
X-Barracuda-Envelope-From: fosterd@bayviewphysicians.com
X-Barracuda-RBL-Trusted-Forwarder: 192.168.1.49
X-SmarterMail-Authenticated-As: fosterd@bayviewphysicians.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bayviewphysicians.com; s=s1025; h=from:message-id:subject:to; bh=JZdAldERpFz7KExDtHgaPWVUnUzltkQ6zeY7O/n+Sr0=; b=pO0k75sQpuY4WAlTUWERrZmO4tjVTjje4hkZCOLLvO6BV8RIBvDWgeDenhzxFGIIt aMH1ZAAeYEEKDoc1aiVC+zx29JoR+rjuWqkkTgprmFd45OwV8XyGvwm1oJL1HucZa knUzHybK5KDpGAvxLDTtjan6txcdaRhq+R5Fgn9ko=
Received: by webmail.bayviewphysicians.com via HTTP; Sun, 19 Jul 2020 21:51:38 -0400
To: IETF DMARC WG <dmarc@ietf.org>
Cc: IETF DMARC WG <dmarc@ietf.org>
Date: Sun, 19 Jul 2020 21:51:36 -0400
X-ASG-Orig-Subj: Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations
Message-ID: <bf5b68c74a3c487ca8a07a0a27061e47@com>
MIME-Version: 1.0
Content-Type: multipart/multipart; boundary="59e1dca42f234869ad762804fd58113d"
Importance: normal
From: "Douglas E. Foster" <fosterd@bayviewphysicians.com>
X-Exim-Id: bf5b68c74a3c487ca8a07a0a27061e47
X-Barracuda-Connect: webmail.bayviewphysicians.com[192.168.1.49]
X-Barracuda-Start-Time: 1595209906
X-Barracuda-Encrypted: ECDHE-RSA-AES256-SHA384
X-Barracuda-URL: https://mail.bayviewphysicians.com:443/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at bayviewphysicians.com
X-Barracuda-Scan-Msg-Size: 6516
X-Barracuda-BRTS-Status: 1
X-Barracuda-Spam-Score: 0.81
X-Barracuda-Spam-Status: No, SCORE=0.81 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=9.0 tests=HTML_MESSAGE, HTML_TAG_BALANCE_BODY
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.3.83321 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.00 HTML_MESSAGE BODY: HTML included in message 0.81 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/214Kw3lo8OFWowvnCcxY7Oe9jWY>
Subject: Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jul 2020 01:51:53 -0000

Ultimately,  this becomes a question of power.   Do domain owners have the right, with the help of their correspondents, to prohibit spoofing (unauthorized use) of their digital identity?Or since they are technically leaseholders, not owners, are their rights conditional?  Specificslly, do Internet insiders have the right to declare their spoofing control efforts to be based on foolish premises, both unnecessary and inconvenient, and therefore not allowed?<div>
</div><div>
</div><!-- originalMessage --><div>-------- Original message --------</div><div>From: Dave Crocker <dcrocker@gmail.com> </div><div>Date: 7/19/20  8:53 PM  (GMT-05:00) </div><div>To: "Murray S. Kucherawy" <superuser@gmail.com> </div><div>Cc: IETF DMARC WG <dmarc@ietf.org> </div><div>Subject: Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations </div><div>
</div>On 7/19/2020 5:04 PM, Murray S. Kucherawy wrote:
> On Sun, Jul 19, 2020 at 11:33 AM Dave Crocker <dcrocker@gmail.com 
> <mailto:dcrocker@gmail.com>> wrote:
>
>     The track record is that people are unreliable at this.
>
>     There is quite a bit of distance between 'unreliable' and 'blindly
>     open and read absolutely everything'.
>
> Is there?

Yes.


> If there's no part of the From field that can be considered reliable, 
> then by opening even this email am I not exhibiting nearly-blind faith 
> that the indicators I can see (in this case the string "Dave Crocker 
> (gmail.com <http://gmail.com>)") have not been falsely generated?  How 
> is this message, in terms of its trustworthiness, different from any 
> other?

It's an act of curiosity, not faith.  You know that mail can be 
spoofed.  You might even suspect that I'm capable of lying. (Silly, I 
know, but...) Or that I might be wrong. (Truly a foolish thought.)  So 
the process of deciding on the validity and worth of my message is 
incremental and heuristic.

Human evaluation processes vary, but mostly are pretty complex. Except 
when they aren't, though then it's often problematic.

Mostly, your line of comments is trying to apply logical reasoning, 
which is rarely helpful in assessing human behavior.

All of which is why this is a really terrible forum for making 
assertions or, worse, decisions, about end-user behavior.

Whereas talking in terms of receiving filtering engines is both simpler 
and more useful.

d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

v2.23.0 | Report a Bug | By Email