Re: [dmarc-ietf] Composition Kills: A Case Study of Email Sender Authentication

John Levine <johnl@taugh.com> Tue, 21 April 2020 18:23 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 982D13A0988 for <dmarc@ietfa.amsl.com>; Tue, 21 Apr 2020 11:23:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.85
X-Spam-Level:
X-Spam-Status: No, score=-1.85 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=PjcQTJvb; dkim=pass (1536-bit key) header.d=taugh.com header.b=ZbaXuEjT
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RqkOzBQ4VVfQ for <dmarc@ietfa.amsl.com>; Tue, 21 Apr 2020 11:23:44 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F27A3A0C19 for <dmarc@ietf.org>; Tue, 21 Apr 2020 11:22:44 -0700 (PDT)
Received: (qmail 50436 invoked from network); 21 Apr 2020 18:22:42 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=c502.5e9f39f2.k2004; bh=Ki6kFOZU1oTr9qc9AwW8Lb/vvNxVsZCB+o0/+/kd2A8=; b=PjcQTJvbkPk15ivokqV1bjV0WunyERWnzPXsmfHRRqowE6Ntxi91Fvj9GyXRPXljmUOkZkBIpo32w6krmXQhrt2qQh18tgjLCXfNxgdLqmDtHLofNOFeMuVf71Z4u97zcYLIGccDyAaYnLdPRkWyakD8Tlk71R78YIL/sroN/DseL7/BGiRNPHTUoywk7c8EzVQxQDgbWZSY7fApchmOyggS5aBt93w/pZLuM7W7I8AJkWXIWj1RjdCCm5Rfv/g7
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=c502.5e9f39f2.k2004; bh=Ki6kFOZU1oTr9qc9AwW8Lb/vvNxVsZCB+o0/+/kd2A8=; b=ZbaXuEjTNGZnhbNUnk5dY94kpuVczbEQ6ksNb0RVR0QlMmjSBxQP2fjcTC7ztpvjEYuD5N7o6tK0DaGA+vIIqsDHg4I+EPIyX9CQ/6HFrI/VaBqb0Peksc1uAlPVmHehdchRT3pBSNWFX9LX3vTaCU3GrqAw0fV8lyruPaqj21IgC2/Ag+kO8qWZcZCn1BrgnnodK7Z7J1MLQYj2DoJ1Rt+3lgBxymCWwW8PBsTphGLSiPZrJdCz8brlr8G+lk5b
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTP via TCP6; 21 Apr 2020 18:22:42 -0000
Received: by ary.qy (Postfix, from userid 501) id 15AEB181144D; Tue, 21 Apr 2020 14:22:41 -0400 (EDT)
Date: Tue, 21 Apr 2020 14:22:41 -0400
Message-Id: <20200421182242.15AEB181144D@ary.qy>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
Cc: scott@kitterman.com
In-Reply-To: <2656238.kvSPeydUtl@sk-desktop>
Organization: Taughannock Networks
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/4BgirbCChQafXdc8ACQ9X_-U6d8>
Subject: Re: [dmarc-ietf] Composition Kills: A Case Study of Email Sender Authentication
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Apr 2020 18:23:47 -0000

In article <2656238.kvSPeydUtl@sk-desktop> you write:
>There is probably protocol improvement work that should be done based on:
>
>https://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf

I didn't see any protocol issues other than the well known DKIM
multiple From: headers (the Doug Otis feature) and l=.  They certainly
did find a lot of implementation bugs, some of which I found pretty
surprising, like Gmail allowing and misinterpreting NUL characters in
DKIM signature headers.

This sounds like we need more test suites and perhaps more reminders
that when you're writing security software, being forgiving of other
people's bugs will backfire on you.

R's,
John