[dmarc-ietf] Re: Discussion Thread for Issue 155
Alessandro Vesely <vesely@tana.it> Thu, 24 October 2024 16:12 UTC
List-Id: "Domain-based Message Authentication, Reporting, and Compliance (DMARC)" <dmarc.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/8qWMW4USZMtkRyxq2_kySt8ZlvM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc>
On Thu 24/Oct/2024 01:35:17 +0200 Murray S. Kucherawy wrote:
>
> The charter is explicit (twice, by my count) that addressing the problems with
> indirect mail flows is in scope for the working group. What it doesn't make
> clear (hence "tacit") is the understanding, at least at the time of chartering,
> that it's not only in scope, it's required.
>
> DMARCbis appears to address this via the text of Section 7.4, which in essence
> tells senders to be careful about using "p=reject" if their users might use
> lists, and tells receivers not to honor "p=reject" without doing a lot of other
> analysis first and folding that into an acceptance calculus of some kind;
> absent such analysis, downgrade the handling to match
> "p=quarantine". The completion of WGLC with no further discussion suggests
> that the WG believes that this is satisfactory. That's fine if so, but I claim
> it falls short of what I imagine was anticipated, that being a protocol
> solution, and I'm suggesting we should say something in the document that
> reconciles or explains this.

What we don't say is the vision we have (assuming we have it). At the end of
7.4 we just say:

OLD:
    However, as of
    this writing, use of ARC is nascent, as is industry experience with
    it in connection with DMARC.

I hold that if we had a protocol to manage forwarding recipes so that both ends
are aware of them, then ARC could be trusted by receivers (on a per-user basis)
and override DMARC with 100% reliability.

There is also a DKIM2 idea which incorporates diffs for any change that could
break the signature, so that reversal of MLM transformation can always be
applied and original signatures verified.

Either of those solves the indirect mail flows problem. However, neither of
those can be achieved under your Area Director guidance, if it is going to end
around the middle of March 2025. And I don't think this is satisfactory.

NEW:
    However, as of
    this writing, use of ARC is nascent, as is industry experience with
    it in connection with DMARC. Pinpointing ARC's trust problem and/or
    introducing methods to reliably reverse MLM transformations can bring
    to an environment where the limitations highlighted in this section
    fade away. Yet we publish this document with those limitations as a
    first step in that direction.

Best
Ale