Re: [dmarc-ietf] Versioning and XML namespaces in aggregate reports (#33, #70)

"Brotman, Alex" <Alex_Brotman@comcast.com> Fri, 14 May 2021 18:22 UTC

Return-Path: <Alex_Brotman@comcast.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E41443A3BB2 for <dmarc@ietfa.amsl.com>; Fri, 14 May 2021 11:22:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gPXWVKVv-fFO for <dmarc@ietfa.amsl.com>; Fri, 14 May 2021 11:22:07 -0700 (PDT)
Received: from mx0b-00143702.pphosted.com (mx0b-00143702.pphosted.com [148.163.141.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 42E443A3BB1 for <dmarc@ietf.org>; Fri, 14 May 2021 11:22:07 -0700 (PDT)
Received: from pps.filterd (m0156894.ppops.net [127.0.0.1]) by mx0b-00143702.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 14EIBTbR032031; Fri, 14 May 2021 14:22:06 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=20190412; bh=hE/l7HrSljcYbCMXkA5+cfEosBStdiuF92fkcvlHQhM=; b=LZWqh4viBSYLt5qGAgZsD0fuOYDzOj0a0LCV+zOCLoXKprzaxC8aD/Xlxtg0s13/7bb0 ytNmKzjyh3uwvGrGEuaROsyQ7AuU8Ex2nkiqRvBlo+hAfudCoLkIrq1eNI7zAPjutn2i +mgNFZZS9W8dyYzoXQeWgr64l5a0AphAN1Lx4WF4etFyR5aiZgYJliAfSSgS3SKurVtD l2R5bhDYS4LJ3kiatAP0qEigQXTbAzPKTwO71CjjaoY60jin/cDaCj2UjRLIWAd1KueY cvmqY6xcD471GwCMC0wwAH8SvYQII74PtLJ/OPvg1oIp9j08mcLcDxPu1p/fP9z8b1QZ 9A==
Received: from pacdcex56.cable.comcast.com (dlppfpt-wc-1p.slb.comcast.com [96.99.226.136]) by mx0b-00143702.pphosted.com with ESMTP id 38hmtfm5p3-3 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Fri, 14 May 2021 14:22:05 -0400
Received: from PACDCEX49.cable.comcast.com (24.40.2.148) by PACDCEX56.cable.comcast.com (24.40.2.155) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Fri, 14 May 2021 14:22:01 -0400
Received: from pacdcexedge02.cable.comcast.com (68.87.38.198) by PACDCEX49.cable.comcast.com (24.40.2.148) with Microsoft SMTP Server (TLS) id 15.0.1497.18 via Frontend Transport; Fri, 14 May 2021 14:22:01 -0400
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (104.47.55.173) by webmail.comcast.com (68.87.38.198) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.15; Fri, 14 May 2021 14:22:01 -0400
Received: from MN2PR11MB4351.namprd11.prod.outlook.com (2603:10b6:208:193::31) by MN2PR11MB4680.namprd11.prod.outlook.com (2603:10b6:208:26d::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4129.25; Fri, 14 May 2021 18:22:00 +0000
Received: from MN2PR11MB4351.namprd11.prod.outlook.com ([fe80::1dc0:e771:def5:fde8]) by MN2PR11MB4351.namprd11.prod.outlook.com ([fe80::1dc0:e771:def5:fde8%3]) with mapi id 15.20.4129.028; Fri, 14 May 2021 18:21:59 +0000
From: "Brotman, Alex" <Alex_Brotman@comcast.com>
To: Alessandro Vesely <vesely@tana.it>, "dmarc@ietf.org" <dmarc@ietf.org>
Thread-Topic: [dmarc-ietf] Versioning and XML namespaces in aggregate reports (#33, #70)
Thread-Index: AQHXRaZZwVZRdVVDC0apP9O/3nrKB6rc1ukAgAARIICABQqlgIABDqUggABM1gCAAAJZAA==
Date: Fri, 14 May 2021 18:21:59 +0000
Message-ID: <MN2PR11MB43511989C81C7185CA254CFFF7509@MN2PR11MB4351.namprd11.prod.outlook.com>
References: <bc3c25c0-2ec9-2e39-1dd6-1cc08521d03b@wander.science> <2bfed96b-9247-2af1-809c-4f8065ebf64c@gmail.com> <c49bc771-a95e-b78b-dc11-db0cb06ad688@tana.it> <44bdbe41-a43a-f6a4-9788-faaf67db6636@wander.science> <MN2PR11MB4351F2DDE26E28B76AF18AE4F7509@MN2PR11MB4351.namprd11.prod.outlook.com> <0689dcb4-07e3-4f04-b5ef-04eede9cbc57@tana.it>
In-Reply-To: <0689dcb4-07e3-4f04-b5ef-04eede9cbc57@tana.it>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: tana.it; dkim=none (message not signed) header.d=none;tana.it; dmarc=none action=none header.from=comcast.com;
x-originating-ip: [2601:43:103:e60:6d93:f123:ddcc:8839]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 17fe5b93-f08d-43b5-3cc0-08d9170529e6
x-ms-traffictypediagnostic: MN2PR11MB4680:
x-microsoft-antispam-prvs: <MN2PR11MB4680F0FAD80951DE8A386004F7509@MN2PR11MB4680.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 2Pespe+ivdBI4cMxOSsQ1yd7ZIDXn1JkiRkjFXrUBdIGqLwwU8WWpGOYu9AJ9u/6lYklXD857WzuB7GRVyz0W9BhZ0mPpGzts/M7UvkKAk6pLkabkUTM5Ajx5vhI0uDD8oXQYVdNFmpWo5gzpQtuoCs9p9WiOMgp0TV5F3CYA+txtOYjgDaa39BpxGFPg6xyWb8YtVntu2JbF08q79RX1NDxVCJWSo8paQDhKSlC+XbCRLbgiM3JASn6fvxgOrz6QjXeGNT3aS82jERGmBzR2cpg8wr0xeA/yBI1m0Vi99u2RJB3xEV3PXrzIya1+KZCg884xxJNTcjTutbyzcuVDx3+7EumILHb2gdq/Aksn2VuAh1LLpdOjoo1bJOjnpl3KZipbLssbzC36rhOXqUw1GFBVfoccsDnhmpb2wojq/W68Lp3rFHYoL+cJ5zaSe122t2uL+++RkpXr7s809qnVqLLAG/nZsw4CpqpNT8+Bbt7u7HbmIoh8PzS3Odv98TGymYUh8MknzbeM2tt+O7VtnW9mufRji8ZnRJHipDMzrtXlHTIKaXkiLDjw/AN4Gm1/uUpHmRuRRqDnjm2qYDe4OPr8JuixAZc8iceZPWAeYkEoeLVbNLlsovM6Nvll77m127tAtO/QpAUVQVRebIw0tvJeRzlotrZGy0qsqu9BIs38N3rExX4kcAkM5gxKLtq
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR11MB4351.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(136003)(376002)(39860400002)(366004)(396003)(83380400001)(71200400001)(7696005)(8676002)(122000001)(53546011)(6506007)(38100700002)(52536014)(8936002)(966005)(66946007)(66556008)(76116006)(110136005)(66476007)(66446008)(64756008)(86362001)(316002)(478600001)(2906002)(9686003)(55016002)(186003)(33656002)(5660300002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: =?utf-8?B?bHNQam5MWDBURWdXU2dZSVY5ZnBPdVYzUys0UGM0YUI4OVFCcFZEVEt4MVhw?= =?utf-8?B?dnNwTlhKNEhEU0lsbDk0SE56ZDVYeTMxYi9BYW1CWGhHNEdmM2VTdU1yblVE?= =?utf-8?B?OWJva01UV1NoQWFJanRhTlJUMEN0Tjh4Z3lNeHFFTWc5TUhobVA1RDhLT1NM?= =?utf-8?B?UitmU2tQNXNrZHh4QzhITWVCNW5Heis4VzBpNDhzM29zYzhnaUEvVkFGbW5v?= =?utf-8?B?cFRGa1JpSUNLUjM0Ulp6eDg4aklWc1lWb05VNFVCZ2kwaGhnU3BIMHl0Q1FO?= =?utf-8?B?bWhYdnBvaWJ6QWdWbXJiRC9YTCs3bnROWitvK3ZUb1daL1k2NDlCNGdlTzJG?= =?utf-8?B?ZmNyd0ZzalIxa3VnU2FIbFlnZlgxM0dNdkFmV3ZMSEtMYmZOTFFDeUZ5N3Zp?= =?utf-8?B?d3B6bFdmQ2E2V1l4MitzTVIxNUFYTnhtZ2NuQzRoTUI2bjNBM083RGIvdHVt?= =?utf-8?B?bUNvbmgwZEtoNW9NVFhTYXF0YnVUcm1VK3BqWUZkRktmZmc2b0xuMnlab25l?= =?utf-8?B?MjFVbTJnKzVtYkM2aW9XaGRYQU02ZjgxV2JMdmtpbGFXUjdJdFdzRldMZHNi?= =?utf-8?B?eEZQZGJPdERqSU1sbS82SkZQY3dMWmdtdWw1M1RJalZRZTBhRkp4N1JZS1lo?= =?utf-8?B?YVp6dEc1eWVNTVM5UmllbjFDOG1yQlhxNmNjTVhmellpaUxEdllWemxpRFYr?= =?utf-8?B?MkxsUS9ubmhHUDdKbE53V0J0dlIyN0ZZT1E3LzJ4UVp3RFRIMG9TNUlmdkNS?= =?utf-8?B?MHdDUld2bk1iL3dLNnNyUWVSbXI4TmZMcmh4TEorbExkdk5zT1lFWWg2RERz?= =?utf-8?B?VUY5d1FiKzBaWVpzNkZVVkRRWEs2cUFpMGg4SXloeE5mNGMvUkVrcUVGUVMz?= =?utf-8?B?NTBmUTlPZVNrOWJSRDlaNkdmRmZHRTJabU11THltUGFrMnNmK1I0RUw1U1A5?= =?utf-8?B?UFVtT1Rkc25nd1BQK3ArV2ZPWHEzWmdzSUMwYjZGSVMxdnNsMHZYb2dVVTVN?= =?utf-8?B?R0hpWVI1S3hRS0JFVEo4Z2pobTRldlN5SFduWHorM2hNMEwvSExUR1pEaXZQ?= =?utf-8?B?TTRLQXE1OWlqVDZMNU5jZytsWnhzTVF2WTBSQS9zL2gvR3N4MEpobmlBMjJY?= =?utf-8?B?ZGR0SlFNQkYvdEMzTFdCRElFc25zcCtYb1J1ZlRlQkdsbTRLMG03ckg1bXJj?= =?utf-8?B?Q3pIbmUvRlNGSUp5cXdrRzg1TEVjOVRPdlBmQVMxcVA0ajEzMWxobHZ5T0hx?= =?utf-8?B?UDhBYnM1L1ptdUtWOUxKb0twYk53WEZXZGtGbmhkdTlTRmpZWGZUdWlTNlZw?= =?utf-8?B?U1RiVzJaa0FpdDVUeE1NVUZ1VVVadU9ENzE0blY5TEdTck5NeFMrWllydUR6?= =?utf-8?B?aWphQWY1eEVncVdLVEd2SXBDUlFJQ2ZqbGlWeU1WQTBQNEJKSDdoTjZmaCsv?= =?utf-8?B?RS9SWTMwTUs2NVNqNVE1YkRGSzc4bDZyU24xbzNkcUprRmx0WDlJQW5PdUx0?= =?utf-8?B?Ry9aVDFGeHdqd2FUd0k0UERiOGFUcExMaHpva3hDaDgvNGRZNGVVVS9UTEhn?= =?utf-8?B?MXowWnJWRVZlNTE1aUJQWStYSUVMZ2IvZk93OHNLYjRpV28rSHRyT1FTbGYy?= =?utf-8?B?eEx0SHNaTmlUbE45LzFjZDJIbDhCVEdCWHpyOEN6dTBNYVRlQVR0ZkFWNUhu?= =?utf-8?B?aTF2Q1QzdzBpV2J2b242b01jUWNPbGVoSkZJZTlkUWNrczI3WnpFUnN6SW14?= =?utf-8?B?bEthSk5hSVZZS0R4cnZ5bzRjZ0ZYejZEc2JtdE5tNWFlaWtCbkhCSTRFT1Jl?= =?utf-8?Q?v78YWA9sp86V+3a/iW4pu6aJzOyIu3WLnbZAk=3D?=
x-ms-exchange-transport-forked: True
arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GCLLUkn18I6a/D2ZPlyIQ9uD7doT05F2D8kQ8x4p6L1dOzH5VZfFe5BnGLpz8wSOCXVmHDOMxHR8aqV/a8deMWnBE9BLecAQtfQZgil4D+JFFh2WZ/XWUsGdFqIAn8HEqemiyuKYfo05Z6/PnGEEkYUyXXVlJ2k1GQKrSXFwuYBPptgkeb6rYGVJqK6T6In4/RpMLtW7ZyRiPtDjLTdJ6q/tLvuKv/Y1nyl6GL/F7Y+My5J61Hz6/fl5L8CBPaYVhZQeimrPDo8VY8F1YSQ42gIGopaHYd05yAhurGIJICHAnBA49Xw6vMNkfG0jdAYRiWRUPaRHskHknxUwezGpHw==
arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Jfa5hSgZsWKdQmEQTyrAm7Imsm8irHmIv40mJd3E0G4=; b=EvnwLGzHrC76MtfhxcaFH73z8JVkCSAX5CT30KClaNKWagf4ROYrbM46/cbFxIhpSDZFvw0KrXzb8Wg6NmQC3867BQA2TGLhENR7MxtBCDtL0Y8SAgqD17+rAe6Xd1EB4Ct1CUnAL5m917lBzWfzEprQ5Dc60CZ70jyjrBTyKmz1z46ltepRfe+w9BwRa31xEDsKJRQJebLx/knYOdTamGNWauuG5w6mns0GUc0ffLaZfzERAFJPAldKeaU5FN6B9/6G9P5nV5yht0rWbyBZMgIK8SY+eirdb+prGykAhQn2QRECa7Bmh1vjKV9k6BASd6WyKIIirbnkelE1F2P+JQ==
arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=comcast.com; dmarc=pass action=none header.from=comcast.com; dkim=pass header.d=comcast.com; arc=none
x-ms-exchange-crosstenant-authas: Internal
x-ms-exchange-crosstenant-authsource: MN2PR11MB4351.namprd11.prod.outlook.com
x-ms-exchange-crosstenant-network-message-id: 17fe5b93-f08d-43b5-3cc0-08d9170529e6
x-ms-exchange-crosstenant-originalarrivaltime: 14 May 2021 18:21:59.3196 (UTC)
x-ms-exchange-crosstenant-fromentityheader: Hosted
x-ms-exchange-crosstenant-id: 906aefe9-76a7-4f65-b82d-5ec20775d5aa
x-ms-exchange-crosstenant-mailboxtype: HOSTED
x-ms-exchange-crosstenant-userprincipalname: LlnFz6IfFKfxrualI0ukgodDvrnvlykfqb1dhAiQNK2XIgLAHAilvZKt/AJAiUXEisf3pFC7l2ywxIX7FNYNBeHfZh1KPZOleNDBdt0F1Wg=
x-ms-exchange-transport-crosstenantheadersstamped: MN2PR11MB4680
x-originatororg: comcast.com
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Forward AAETWZ
X-Proofpoint-ORIG-GUID: G2GguLDWgcE3165rLLbLwj55mLTpdjus
X-Proofpoint-GUID: G2GguLDWgcE3165rLLbLwj55mLTpdjus
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.761 definitions=2021-05-14_08:2021-05-12, 2021-05-14 signatures=0
X-Proofpoint-Spam-Reason: safe
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/7VHHjSlwQEURelRptLLs43W-Px8>
Subject: Re: [dmarc-ietf] Versioning and XML namespaces in aggregate reports (#33, #70)
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 May 2021 18:22:12 -0000

We "can avoid", but *must* we?  There are a number of tickets this impacts.

--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast

> -----Original Message-----
> From: dmarc <dmarc-bounces@ietf.org> On Behalf Of Alessandro Vesely
> Sent: Friday, May 14, 2021 2:13 PM
> To: dmarc@ietf.org
> Subject: Re: [dmarc-ietf] Versioning and XML namespaces in aggregate
> reports (#33, #70)
>
> On Fri 14/May/2021 15:42:56 +0200 Brotman, Alex wrote:
> > There are a few tickets that may break report ingestion systems due to
> structure and/or value changes.  Should we decide that's an implementation
> issue, or that we truly can't change the format of the reports?  I'm sure most
> ingestion systems are rather flexible given the number of reports that
> appear to not match what 7489 states/suggests.
>
>
> Report consumers use XML libraries to recover the value of named fields.
> We can safely add fields.  Renaming fields or change existing semantics
> would break backward compatibility, which I think we can avoid.
>
>
> > If we are going to allow changes to the structure, and there is some
> concern about which version the receiver supports (or prefers?), should we
> put a flag into the DMARC record?  And of course, that may dependent on
> the receiver, if multiple are listed, so that would have to belong to each
> individual receiving address.
>
>
> Overkill IMHO.
>
>
> >> From: dmarc <dmarc-bounces@ietf.org> On Behalf Of Matthäus Wander
> >>
> >> Regarding the existing top-level <version> below <feedback>: Even if
> >> parsers don't require the version to function, it remains useful for
> >> measuring the adoption of the different DMARC specifications (as
> >> requested in #70). In fact, one implementation I looked at
> >> (parsedmarc) uses it for only this purpose. A missing <version> is logged
> as "draft"
> >> schema version.
>
> In my tiny MX I have a cache of 631 aggregate reports received recently.  121
> reports from 31 unique org_names have a /feedback/version element, 510
> from 37 organizations don't.  The latter group includes google.com, Yahoo!
> Inc., Verizon Media, Mail.Ru, ...
>
> Perhaps, someone with larger mail flows can bring better statistics.
>
>
> >> Regarding the XML namespace declaration:
> >> The XML schema serves not only as specification for developers, but
> >> can be also used for automatic syntax checks of reports -- provided
> >> that the namespace declaration is fixed. XSD validation is an
> >> immensely useful tool for testing the output of report generators. It
> >> helped me to discover two nasty bugs in an implementation, which
> >> appeared in 2 out of ~10k reports and would have gone unnoticed
> otherwise.
>
>
> Very much agreed.  Validating the report before sending is very safe.  Also
> building online aggregate report checking utilities would benefit from this
> possibility.
>
> Does the IETF provide URLs for hosting XSDs?
>
>
> >> A version number within the schema is not necessary for this use case.
>
>
> Or we can stick to a static <version>1.0</version>, similar to v=DMARC1,
> MIME-Version, and the like, if useful.
>
>
> >> A different matter is whether automatic XSD validation on the report
> >> consumer side is a supported use case. There is some value in it: two lines
> of
> >> code suffice to perform input validation. However, the validation is strict
> and
> >> does not allow for being liberal in what you accept (might be handy for
> >> protocol police, though). Achieving upward compatibility is not trivial,
> >> because there is no general "ignore all unknown elements" statement in
> >> XSD. It is possible to define a <xs:any> placeholder in the schema, but this
> >> element must be inserted explicitly into each place where extensibility is
> >> desired. This would require careful foresight in the schema design.
>
>
> Designing an abstract extension for ARC is going to be particularly challenging.
>
>
> Best
> Ale
> --
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/dmarc
> __;!!CQl3mcHX2A!Q3kGuVczKJh6EQuYf24QFyvWnwvaeUkyjnyhIGu9DMQQ-
> 6Xb_w-hV7tSxFRmor-OwwfRXbxMrg$