Re: [dmarc-ietf] WGLC contentious topics (I'm in the rough and I know it) in draft-ietf-dmarc-dmarcbis-30
"Murray S. Kucherawy" <superuser@gmail.com> Mon, 01 April 2024 14:53 UTC
Return-Path: <superuser@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD3E2C14CF12 for <dmarc@ietfa.amsl.com>; Mon, 1 Apr 2024 07:53:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mfFWR7BPTezE for <dmarc@ietfa.amsl.com>; Mon, 1 Apr 2024 07:53:02 -0700 (PDT)
Received: from mail-ej1-x631.google.com (mail-ej1-x631.google.com [IPv6:2a00:1450:4864:20::631]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 33165C14CEFD for <dmarc@ietf.org>; Mon, 1 Apr 2024 07:53:02 -0700 (PDT)
Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-a469dffbdfeso161392666b.0 for <dmarc@ietf.org>; Mon, 01 Apr 2024 07:53:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1711983180; x=1712587980; darn=ietf.org; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=QGonRWtvt7Ai1NOBXwWO4TgzVeOhF8gRhbkdbZl+zoE=; b=l8PT+6bDdTLpalvQUzvI83v1MnjXxEigUtie7MVaS5Maly0f9tmqtiZPq5a/UGNShp +HU/tQI+DC4rVMmov93uV0cFMPbeYzephnlwK1t5SPIQodFyPShQJHwaeQEaV9MV1aRQ FmWt/HS/VEmQLSDkznsCcQKlPzDSSlhMOkBt7TMjnmNUUyaH2syDa5oXr+0+aEldn/ho x/VEIF/4G48lT4TSinGbrRh7MoFwZc6Pv2LGuvri7aosUEpNK3bPSDGBAreEXC2uN67T NpDSEnneVYohTyPFIDUGrEf10pD6gDh1z4GlnbaLRap7qim5TQ2VYTRMRVqnRPAVzyz0 AjYw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711983180; x=1712587980; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=QGonRWtvt7Ai1NOBXwWO4TgzVeOhF8gRhbkdbZl+zoE=; b=cjJQazOMlBlsf1TYXjZqPaVV0QGfiqdX16eiPDGHIxR04llhIRY/Dw7TKk8XyF/b8z 8czGrjj0NdvPWOhlPIIW+0rY/FX76g0BznJpCc23XIufEXpTS7p4iqkMiMjoPjWR46ev PHKqEwSDXj/84yZJOQnTiLQwvE8VOKamlwmW4Li5n/0/QmvjwEG9OuYE+QuPlmxvSw2H zXGbxGx9GtuKSklxC3tuK3DJjmuIulG/I3U5K7bl01QpG1MQLE4S2+ZQIYXzWJDB65Wg L7xemGGbedvHJoY59AEZJPsimIFM8n5h5QFOqmjy2baEOCMAFR4JkUj787BzFlvHWMRt WbFg==
X-Gm-Message-State: AOJu0Yyy5cLNVtfe/j6kPpMfWB/4hS4ffH7CH9n31q98ApO4wHHhIsny t+svjfW3eNGjSeVylOsHErIs8jS78H2StevUs4Z2JvlnnZGD8heDmmWnKSSM8beTKBCs+vHtp6t cdXX6TT28XtQDyH4ZL83OBtl3kOFN/gi2pcU=
X-Google-Smtp-Source: AGHT+IHDHttO1qbu3w8wQgjfYUK4TUVZ2tI0FAfzro4B9X8OzlO5XeJ6wx/cT7hyb17IP1k90Td1A56oxnXBi79pWhQ=
X-Received: by 2002:a17:906:6dd2:b0:a46:485a:3163 with SMTP id j18-20020a1709066dd200b00a46485a3163mr5333064ejt.6.1711983179640; Mon, 01 Apr 2024 07:52:59 -0700 (PDT)
MIME-Version: 1.0
References: <CAOZAAfPmjD--xBzLbwtD5uzr_gubKDYz7sHiPufML1JbYU8=4Q@mail.gmail.com>
In-Reply-To: <CAOZAAfPmjD--xBzLbwtD5uzr_gubKDYz7sHiPufML1JbYU8=4Q@mail.gmail.com>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Mon, 01 Apr 2024 07:52:47 -0700
Message-ID: <CAL0qLwaXZYNMg6rXDg6=0u0dBoLssffp4h6EBF6W+MiCb30iow@mail.gmail.com>
To: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000048b6ab06150a25fb"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/3DySrqxRmK4gO92_x8rGfQi-e7I>
Subject: Re: [dmarc-ietf] WGLC contentious topics (I'm in the rough and I know it) in draft-ietf-dmarc-dmarcbis-30
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Apr 2024 14:53:04 -0000
On Sun, Mar 31, 2024 at 6:37 PM Seth Blank <seth= 40valimail.com@dmarc.ietf.org> wrote: > "It is therefore critical that domains that host users who might post > messages to mailing lists SHOULD NOT publish p=reject." > > [...] > > More accurate language that alleviates the concern would be "It is > therefore critical that domains that host users who wish for their messages > to be modified and spoofed by downstream intermediaries, such as alumni > forwarders or mailing lists, SHOULD NOT publish p=reject. Such spoofed > messages may still be rejected, regardless of a domain owner's published > DMARC policy." > I must be missing something as this to me reads as a difference without a distinction. That's probably because I assume that the set of mailing lists that modify messages is a very large subset of all mailing lists, but they are a priori indistinguishable. Put another way: As a domain owner with users that may or may not choose to participate in mailing lists, I don't know what I would do with the added text. It seems to be telling me to get to know the configurations of the lists to which my users might want to subscribe. If I have only a handful of users, that's possibly manageable. If I'm Gmail-sized, not so much. When it comes to the Charter, the document is supposed to articulate how to > address indirect mail flow, and this would be the place. Therefore, I > believe it is also worthwhile in this section to reference both ARC, as > well as other mechanisms that such breaking intermediaries that create new > messages (and therefore spoof the sender) could undertake, such as From > rewriting to properly claim ownership of the message, or not making changes > to the message that invalidate DKIM. > If ARC is intended to be part or all of the answer to how the list problem is solved, and evidence exists that it does mitigate the damage, then I think that's a strong argument for saying so in the document. Do we have such interoperability experience, especially with respect to lists? -MSK, p11g
- [dmarc-ietf] WGLC contentious topics (I'm in the … Seth Blank
- [dmarc-ietf] WGLC contentious topics (I'm in the … Tero Kivinen
- Re: [dmarc-ietf] WGLC contentious topics (I'm in … Baptiste Carvello
- Re: [dmarc-ietf] WGLC contentious topics (I'm in … Murray S. Kucherawy
- Re: [dmarc-ietf] WGLC contentious topics (I'm in … John Levine