IETF Logo Mail Archive

Re: [dmarc-ietf] PSD Related Privacy Considerations For Aggregate Reporting Draft

"John R. Levine" <johnl@iecc.com> Sun, 05 February 2023 03:09 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4459DC1522AA for <dmarc@ietfa.amsl.com>; Sat, 4 Feb 2023 19:09:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.098
X-Spam-Level:
X-Spam-Status: No, score=-7.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bIsjGbwDXKis for <dmarc@ietfa.amsl.com>; Sat, 4 Feb 2023 19:09:45 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E0BC2C1522A4 for <dmarc@ietf.org>; Sat, 4 Feb 2023 19:09:44 -0800 (PST)
Received: (qmail 27766 invoked from network); 5 Feb 2023 03:09:41 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:references:mime-version:content-type; s=6c72.63df1df5.k2302; bh=TG8yqSJL/40PBsoN3mida42D+u0hLMTHpiN9rcANx0U=; b=dHV4AonE8l/BpGZFK3U2kmZQBL42ggBQgOlS34ZF6XRZm2zG+h5Jeux2jRst8F2A2xa/ipJL87GLsiZUV88GMKiN5gJ56WxlRkvkgTRyaqbNFzAeUttIS1pXCDVhwVzghC94FI/I5rQGHZSHsNoVT7oauAimToP+MWGKS1gwji+yAjZI9+Q0SKUS66Ar7whYYqhYyNk23NJi0+d2wfEY3HeoPaTG1tQCIa3JAz2p5RZHMW5yOQ9K2TecNHhsAyxCQaJ28E6ZdMXTyUXbtLCvQRPRl7UGgNXHLt/hC6pL/6LwgCHUenZrBBLY68OuYaQqWp7y+Y2LMIQkroIcdx2PGA==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 05 Feb 2023 03:09:41 -0000
Received: by ary.qy (Postfix, from userid 501) id 5DB3A8C6D122; Sat, 4 Feb 2023 22:09:39 -0500 (EST)
Received: from localhost (localhost [127.0.0.1]) by ary.qy (Postfix) with ESMTP id E36C08C6D103; Sat, 4 Feb 2023 22:09:39 -0500 (EST)
Date: Sat, 04 Feb 2023 22:09:39 -0500
Message-ID: <0e6e47b0-eba0-f5f9-87d6-73dad2be1b52@iecc.com>
From: "John R. Levine" <johnl@iecc.com>
To: Scott Kitterman <sklist@kitterman.com>, dmarc@ietf.org
X-X-Sender: johnl@ary.qy
In-Reply-To: <727BD3F7-A855-43D1-A7AD-7284224C3574@kitterman.com>
References: <20230201210711.B2ACF86BE8D9@ary.qy> <727BD3F7-A855-43D1-A7AD-7284224C3574@kitterman.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/699VYV-uH8RX08sgpTCin2ZxQZQ>
Subject: Re: [dmarc-ietf] PSD Related Privacy Considerations For Aggregate Reporting Draft
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2023 03:09:50 -0000

> Sounds good.  Please @ me on the PR.  If it's a significant change, we should bring it back here for discussion.

Because I find git baffling, made some changes to the aggregate reporting 
draft and then accidentally checked them into the main branch.  Oh, well.

It says PSDs only get nonexistent domain reports, and has some new 
security considerations:

https://github.com/ietf-wg-dmarc/draft-ietf-dmarc-aggregate-reporting/commit/a6609ae6ab6d413aae77c171375f81e2b62ba4e5

Take a look, tell me what seems wrong.

Regards,
John Levine, johnl@taugh.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly

v2.23.0 | Report a Bug | By Email