Re: [dmarc-ietf] WGLC ARC-16 concern on Section 5.1.2 - cv=fail should sign greedily

"Brotman, Alexander" <Alexander_Brotman@comcast.com> Fri, 17 August 2018 19:47 UTC

Return-Path: <Alexander_Brotman@comcast.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 436A7130E6A for <dmarc@ietfa.amsl.com>; Fri, 17 Aug 2018 12:47:42 -0700 (PDT)
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YKU3adpV-HOC for <dmarc@ietfa.amsl.com>; Fri, 17 Aug 2018 12:47:40 -0700 (PDT)
Received: from copdcmhout02.cable.comcast.com (copdcmhout02.cable.comcast.com [96.114.158.212]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 36FB9130E06 for <dmarc@ietf.org>; Fri, 17 Aug 2018 12:47:40 -0700 (PDT)
Received: from COPDCEX17.cable.comcast.com (copdcmhoutvip.cable.comcast.com [96.114.156.147]) (using TLS with cipher AES256-SHA256 (256/256 bits)) (Client did not present a certificate) by copdcmhout02.cable.comcast.com (SMTP Gateway) with SMTP id AE.E9.28564.F56277B5; Fri, 17 Aug 2018 13:47:43 -0600 (MDT)
Received: from COPDCEX19.cable.comcast.com (147.191.124.150) by COPDCEX17.cable.comcast.com (147.191.124.148) with Microsoft SMTP Server (TLS) id 15.0.1365.1; Fri, 17 Aug 2018 13:43:19 -0600
Received: from COPDCEX19.cable.comcast.com ([fe80::3aea:a7ff:fe36:8380]) by COPDCEX19.cable.comcast.com ([fe80::3aea:a7ff:fe36:8380%19]) with mapi id 15.00.1365.000; Fri, 17 Aug 2018 13:43:19 -0600
From: "Brotman, Alexander" <Alexander_Brotman@comcast.com>
To: John R Levine <johnl@taugh.com>, Dave Crocker <dcrocker@gmail.com>
CC: "dmarc@ietf.org" <dmarc@ietf.org>
Date: Fri, 17 Aug 2018 19:43:18 +0000
Message-ID: <a14464deaad64e14982740852c56fe81@COPDCEX19.cable.comcast.com>
References: <20180815183022.09ED420038205D@ary.qy> <5a48a9af-1dc7-92dd-eaa8-c1df09ae26cf@gmail.com> <alpine.OSX.2.21.1808151449300.17305@ary.qy> <bd537a2a-5396-9d11-bef4-2363382d8954@gmail.com> <alpine.OSX.2.21.1808151550370.18082@ary.qy>
In-Reply-To: <alpine.OSX.2.21.1808151550370.18082@ary.qy>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/815Rep_u70Yes1eB9371ZsgoJBo>
Subject: Re: [dmarc-ietf] WGLC ARC-16 concern on Section 5.1.2 - cv=fail should sign greedily

I'd say that I agree with John (and Seth) on this one.  I'm not sure if a consensus was reached, though it doesn't appear so.  I think that being able to have trust in the broken chain information potentially sent back to us as a report has value.  It's hard to be sure that the value will override the cost of the signature, but as John suggested below, I can't imagine the cost to be very high.

--
Alex Brotman
Sr. Engineer, Anti-Abuse
Comcast


-----Original Message-----
From: dmarc [mailto:dmarc-bounces@ietf.org] On Behalf Of John R Levine
Sent: Wednesday, August 15, 2018 3:54 PM
To: Dave Crocker <dcrocker@gmail.com>
Cc: dmarc@ietf.org
Subject: Re: [dmarc-ietf] WGLC ARC-16 concern on Section 5.1.2 - cv=fail should sign greedily

On Wed, 15 Aug 2018, Dave Crocker wrote:
> This is a very different kind and degree of vague (and without 
> precedent, I believe (unless someone can point to operational 
> experience on the net that is similar?))

I believe there are lots of trace fields that don't have a concrete use. I am not familiar with any standardized use of the values in the ID field in Received headers, although they're often handy in practice to track down the details of what happened to a message.

Can you explain in words the damage that cv=fail signatures will cause, and a rough idea of the cost to ARC signers and verifiers?  To me the answers are none, and trivial.

R's,
John
