Re: [dmarc-ietf] Reversing modifications from mailing lists
Wei Chuang <weihaw@google.com> Tue, 30 November 2021 16:59 UTC
Return-Path: <weihaw@google.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 756503A1410 for <dmarc@ietfa.amsl.com>; Tue, 30 Nov 2021 08:59:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.6
X-Spam-Level:
X-Spam-Status: No, score=-17.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UsJC9nbE9aMp for <dmarc@ietfa.amsl.com>; Tue, 30 Nov 2021 08:59:34 -0800 (PST)
Received: from mail-io1-xd2a.google.com (mail-io1-xd2a.google.com [IPv6:2607:f8b0:4864:20::d2a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 29FEA3A0BF8 for <dmarc@ietf.org>; Tue, 30 Nov 2021 08:59:34 -0800 (PST)
Received: by mail-io1-xd2a.google.com with SMTP id w22so27032624ioa.1 for <dmarc@ietf.org>; Tue, 30 Nov 2021 08:59:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=cinwDHaxm/mzkzrkzP0+nk5YnfeN2wx+hkaYHYgYelQ=; b=EAXK0YzD4xd9kM9a/roSb2zq796PCFDCBmreMj+HiGnOOLHM82ezZoCgRsHvrHwvxG DIvYUCaupiYxHl+qOWqCv2FP8mSK+ZrZ4/v9o+C3A2PDdbHdX/CzucInaN51OE961NBY Wltdf6Dh7Ot2dSlLOHvclf7kTQxha1OTrXOXFMY1jO68peAVcAgR0Bpq0D23f0+EOznY TfIM4uIi/WwxdqkDY7OMwEzCFUN1jRH3RQKnc1lCwYVqyslbSNjK1xwoBcRAGZHtol4S z1fsZZRwXb+LaCON9FJvEcq7SlI3dxiRRAoa/jE0iocWqVOkNvlrqP4TFU6TcQHXsCko gUKQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=cinwDHaxm/mzkzrkzP0+nk5YnfeN2wx+hkaYHYgYelQ=; b=JEalABkCEJzvx+U2ABrosGSR2MQOEarpgH5YKZllaVxd8O7z0pZxYKHTGv3NkZUUZV zM07BmYaGkTFmxhdUKdstBisF78jNLH+yf89w3H2ixg5uTlqOZ2TMFLJlyGfYUZxdJot RPRm9pXsJnz7vcaCva7FqxpatiO9itA3vU8RFjDShATHUj4wgRZcRPsbPlEdsbYBVR1b IGO7ofxjRqjHBsyouFZxdb7KNFZzMme5qnzQ/CN9N0CxunCu7Lk/Aubh6lTml+Ebsz+D 6hyo4DS+wmc42lf4pIsYxkMMKjSOCDUwkmJRKkwAbl2TUBg5/ZAQxEsX36yJp45iG8GQ MMKA==
X-Gm-Message-State: AOAM533CKWZMle/5JTbTS5EZiN3F2pRJ0+1C9ea2NijJoGBRPTrtJgO/ J38xuu1FTCHgx4nAKdA4SgyeR47KFulMJZZWWxCi6w==
X-Google-Smtp-Source: ABdhPJxAUyVDVZsI7x4vpr/PiSgGbiCXUVNBOnIFlRFsmPs3hSX/cvLTXG7pW4DXHArwYfuhxsSwAvEKyHoBhRITI0g=
X-Received: by 2002:a02:a816:: with SMTP id f22mr636646jaj.81.1638291571165; Tue, 30 Nov 2021 08:59:31 -0800 (PST)
MIME-Version: 1.0
References: <CAAFsWK3qshdYDeeTOLPJEnk=gHFrRp==QJLvoG6RAYHau6Fy8g@mail.gmail.com> <6aad0642-f73c-ba6f-d26c-1c1fd90e2c9a@tana.it> <CAAFsWK23GGfe+uSyPqa2wxFgRn3mk7G9ajtjfz6cKw-FaoFM_A@mail.gmail.com> <CAL0qLwa-bMyOKnQxJ0bzPAVAt41TQxTGU-qriiHZHswUMbgZxg@mail.gmail.com>
In-Reply-To: <CAL0qLwa-bMyOKnQxJ0bzPAVAt41TQxTGU-qriiHZHswUMbgZxg@mail.gmail.com>
From: Wei Chuang <weihaw@google.com>
Date: Tue, 30 Nov 2021 08:59:18 -0800
Message-ID: <CAAFsWK35Qk=trLUWVmtZmytLa5UwED+dZsE_-rK-n7qZAVbZcQ@mail.gmail.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>
Cc: Alessandro Vesely <vesely@tana.it>, IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000023c0f905d2047bc6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/2WQJAVX_MfMZgE04wn8NKtlFJUs>
Subject: Re: [dmarc-ietf] Reversing modifications from mailing lists
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Nov 2021 16:59:37 -0000
On Mon, Nov 29, 2021 at 11:27 PM Murray S. Kucherawy <superuser@gmail.com> wrote: > On Thu, Nov 25, 2021 at 12:07 AM Wei Chuang <weihaw@google.com> wrote: > >> Sorry I wasn't too clear here. It's largely the same idea as the DKIM >> body length "l=" field above except for reformulated for the Subject header >> and its mailing list mutations. The original sender would encode a length >> of the original subject say "s.l=<value>". A receiver would only hash the >> right most "s.l=<value>" length string when validating a Subject hash from >> the original sender. This assumes that mailing lists may prepend a string >> typically for identification. > > > Seems to me that means I could insert anything I want before the last N > octets of Subject -- say, a URI pointing you to an ad or other unsavory > content -- and the original signature will verify. > > -MSK > Agreed the original signature will verify. We could also encourage resigning by forwarders as done in your list-cannon draft in section 5 and with a new "s.l=" field value, in which case we can determine who added the URI to the subject in the above example. Partially signed messages i.e. signed by the original sender but not the forwarder might be treated with more suspicion, than messages with full coverage. -Wei
- [dmarc-ietf] Reversing modifications from mailing… Wei Chuang
- Re: [dmarc-ietf] UNCOL and Reversing modification… John Levine
- Re: [dmarc-ietf] UNCOL and Reversing modification… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Douglas Foster
- Re: [dmarc-ietf] UNCOL and Reversing modification… John Levine
- Re: [dmarc-ietf] Reversing modifications from mai… John Levine
- Re: [dmarc-ietf] UNCOL and Reversing modification… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] UNCOL and Reversing modification… Baptiste Carvello
- Re: [dmarc-ietf] UNCOL and Reversing modification… Douglas Foster
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] UNCOL and Reversing modification… Wei Chuang
- Re: [dmarc-ietf] UNCOL and Reversing modification… John R Levine
- Re: [dmarc-ietf] Reversing modifications from mai… John Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… ned+dmarc
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… Dave Crocker
- Re: [dmarc-ietf] Reversing modifications from mai… John Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… John R Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Murray S. Kucherawy
- Re: [dmarc-ietf] Reversing modifications from mai… Murray S. Kucherawy
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… John R Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Scott Kitterman
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… John Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… John R Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Benny Pedersen
- Re: [dmarc-ietf] Reversing modifications from mai… Murray S. Kucherawy
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely