Re: [dmarc-ietf] ARC-Seal is meaningless security theatre
Hector Santos <hsantos@isdg.net> Sat, 19 August 2017 06:33 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E3DEC132328 for <dmarc@ietfa.amsl.com>; Fri, 18 Aug 2017 23:33:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isdg.net header.b=jldzxrlE; dkim=pass (1024-bit key) header.d=beta.winserver.com header.b=JdafulA8
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uqTwYCFlKGOD for <dmarc@ietfa.amsl.com>; Fri, 18 Aug 2017 23:33:08 -0700 (PDT)
Received: from winserver.com (secure.winserver.com [76.245.57.69]) by ietfa.amsl.com (Postfix) with ESMTP id BB8831200C5 for <dmarc@ietf.org>; Fri, 18 Aug 2017 23:33:07 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=3059; t=1503124386; atps=ietf.org; atpsh=sha1; h=Received:Received:Received:Received:Message-ID:Date:From: Organization:To:Subject:List-ID; bh=FD83sqtcBRm5GebOLYlK9Zti0VM=; b=jldzxrlE+csh1KX9wEgBaxOodlEYs1jdlHb3upkrsQZxr2RA9b70maJO7BKqQi /SAtp8T2Au4T5UqpIbfTxAAtyI8p0AdXb58qKgWazHeSM/0RXcSWJQC/DhrTBVKB 1XF2bS/J1KyrZlop+Ism8ghngv7Cou4ryC/Rx3rqEETHA=
Received: by winserver.com (Wildcat! SMTP Router v7.0.454.6) for dmarc@ietf.org; Sat, 19 Aug 2017 02:33:06 -0400
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; adsp=pass policy=all author.d=isdg.net asl.d=beta.winserver.com;
Received: from beta.winserver.com ([76.245.57.74]) by winserver.com (Wildcat! SMTP v7.0.454.6) with ESMTP id 3188239303.1.4196; Sat, 19 Aug 2017 02:33:05 -0400
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=3059; t=1503124345; h=Received:Received: Message-ID:Date:From:Organization:To:Subject:List-ID; bh=0qsvWJt MhQeHK9j6BNhGFh/Q0zeuQaOwI1hkmJ5KQtI=; b=JdafulA8BWrREvRtzIo/8zQ E9hJX7meWj098IX6XqnT0ma1AnA32RQBQc4bmOiYGQ18Tou0gt3TmDGwQ848yLA6 G2GrZ21mMRHdnfq2HWYfNm49g+4IX3mg3PSxEguJxE8RUq/geV59iV/AipvUjDYf jkZ8bw8IvgEe3B4ZPG3M=
Received: by beta.winserver.com (Wildcat! SMTP Router v7.0.454.6) for dmarc@ietf.org; Sat, 19 Aug 2017 02:32:25 -0400
Received: from [192.168.1.68] ([99.121.5.8]) by beta.winserver.com (Wildcat! SMTP v7.0.454.6) with ESMTP id 72224546.9.3900; Sat, 19 Aug 2017 02:32:23 -0400
Message-ID: <5997DBA6.3080701@isdg.net>
Date: Sat, 19 Aug 2017 02:33:10 -0400
From: Hector Santos <hsantos@isdg.net>
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.8.1
MIME-Version: 1.0
To: dmarc@ietf.org
References: <1502083287.2191248.1065195288.7CDC7FF3@webmail.messagingengine.com> <CABuGu1oTMbuLd4yTwecu5sKFnsmH+HiwT1FG=JpySYHzpMTx_w@mail.gmail.com> <1502200759.3946686.1066841264.607B4D0B@webmail.messagingengine.com> <2720431.u3G7bbkkxK@kitterma-e6430> <1502317564.1935379.1068588344.040173AF@webmail.messagingengine.com> <a08c7590-ded3-1642-4ffc-07848b3c6cd2@gmail.com> <e14f2130-6f00-4ef1-485b-850a4cc1c48c@gmail.com> <1502495646.4099176.1070896040.2B09B1F8@webmail.messagingengine.com> <166070f0-4ba1-70da-1f73-885b4a7f7640@gmail.com> <1502497178.4103451.1070917304.23DD466D@webmail.messagingengine.com> <598F9484.7020700@isdg.net> <CABuGu1p=oLfLRkuoaDHoz3Cv3_FrURdsFPzkac7jNzBpqBmiSg@mail.gmail.com> <599484FB.9050908@isdg.net> <1502929303.4038704.1075868960.5D80A788@webmail.messagingengine.com>
In-Reply-To: <1502929303.4038704.1075868960.5D80A788@webmail.messagingengine.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/8LxDTprTo0T7_VOJdPfSnBO05hE>
Subject: Re: [dmarc-ietf] ARC-Seal is meaningless security theatre
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 19 Aug 2017 06:33:10 -0000
On 8/16/2017 8:21 PM, Bron Gondwana wrote: > On Thu, 17 Aug 2017, at 03:46, Hector Santos wrote: >> On 8/13/2017 10:28 AM, Kurt Andersen (b) wrote: >> >> On Sat, Aug 12, 2017 at 4:51 PM, Hector Santos wrote: >> >> If we even have a DMARC ARC Policy concept, than that may be >> enough to begin pursuing the high cost of experimentation and >> development here. >> >> >> Beyond the protocol and usage specs, what are you looking for? >> >> >> A practical purpose for supporting (implementing) this work. It >> appears ARC wants the network to stamp mail "blindly" as the mail >> travels from point to point. I am trying to grasp how it helps >> resolve the main issue with "unauthorized" indirect 3rd party >> signatures, in particular when dealing with strong, exclusive DKIM >> signature policy models such as DMARC p=reject. > > We spent a while thinking about this (Neil and myself from FastMail) > at IETF99 after learning how ARC works, and came to the conclusion > that ARC as specified can't help with DMARC p=reject. > > The only way you could even hope (as a mailing list) to avoid > rewriting the sender is for every site that currently has DMARC > p=reject to change that to a new policy which explicitly means "only > reject if no ARC chain" - otherwise you can't stop rewriting sender > until you know that every receiver on your list is ARC-aware. The MLS (Mail List Server) cam also reject submissions from restrictive (p=reject) domains because that MAY be the intent of the originating author domain. The MLS can so prohibit new subscriptions by verifying the user's domain is not restrictive. We need more protocol information from what extracted from DMARC. As I see it, these are some of the boundary conditions: DMARC p=reject; arc=none; ignore ARC, same as no arc= tag DMARC p=reject; arc=all; reject if any arc seals is invalid DMARC p=reject; arc=first; don't reject if first arc seal is valid DMARC p=reject; arc=last; don't reject if last arc seal is valid DMARC p=reject; arc=first,last; don't reject if first and last arc seals are valid arc=none (or no arc= tag) means the domain has no interest whatsoever in ARC. It is a highly exclusive restricted domain and it expects that complaint DMARC readers will honor the policy. No interference. This is the highest payout with the highest security value. It gets more relax with the others; first or last or first and last, but with arc=all it is a tougher condition that requires all seals to be valid. If any fails, reject. I would also try to get more bang for the buck with a tag that could informs MLS to honor the DMARC p=reject policy by restricting users from a) subscribing and b) submitting list mail from restricted p=reject domains, although I think such a tag is needed to tell the MLS this. It should be a requirement, imo, cross all the teas, dot all the eyes. If the MLS knows its going to be problematic, it should restrict the subscription and submission to relax policies only. -- HLS
- [dmarc-ietf] ARC-Seal is meaningless security the… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Tim Draegen
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… John Levine
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Scott Kitterman
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen (b)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… MH Michael Hammer (5304)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen (b)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen (b)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen (b)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… mhammer@americangreetings.com
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos