IETF Logo Mail Archive

Re: [dmarc-ietf] PSD Related Privacy Considerations For Aggregate Reporting Draft

Emil Gustafsson <emgu@google.com> Tue, 31 January 2023 16:36 UTC

Return-Path: <emgu@google.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4656C151527 for <dmarc@ietfa.amsl.com>; Tue, 31 Jan 2023 08:36:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.597
X-Spam-Level:
X-Spam-Status: No, score=-17.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YarNAheem6Kw for <dmarc@ietfa.amsl.com>; Tue, 31 Jan 2023 08:35:58 -0800 (PST)
Received: from mail-yw1-x1129.google.com (mail-yw1-x1129.google.com [IPv6:2607:f8b0:4864:20::1129]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CCE4C14F720 for <dmarc@ietf.org>; Tue, 31 Jan 2023 08:35:58 -0800 (PST)
Received: by mail-yw1-x1129.google.com with SMTP id 00721157ae682-50aa54cc7c0so183263847b3.8 for <dmarc@ietf.org>; Tue, 31 Jan 2023 08:35:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=/SG3GdjrRurEeuy8JyiBJPjtuQFApUy00el1rq6HE5g=; b=ateAvAanDwQ+3/Jk6582ltXRYXSOxJH0qbZrx09xel/rWg03SKNEKUoL2Rc3OEp/6W vELwGgJm9BDOc0IS5wWjT59SlftZOTaUUxrSvSTwHUrUhjJ+HPBpm5joz31G9tMecr3b Vnccp/4+q41xXe2NB5kUDsupVhp/+xPTSOtKgzbKILn/mRVCzR5HaSSjB2JTrT/FZMfh w3NEUPI5UTJOxa6A3644cU/DPVMNJVZhRnszHUOWdDOanWP+4Hn0oJVMm/fMK3dFfCTp uBcHYfZ5f5VvZyUfVlS/Ox4Ru+jm3DT7nau21BTLclkylrv0e4wE/Q1Jolt/HYBttgZj IyDg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=/SG3GdjrRurEeuy8JyiBJPjtuQFApUy00el1rq6HE5g=; b=cFvnsL53TNfKFKG1n1CE42M05S5WfT7aLKu5aoRCyFUUjYsEH9HpXfjFCvd/sMgKD4 z1sfNKB6ore+ggUVQEfGOY00hnozWGAAGBaI8Nxc2GWmvzyipeNpSeavBnBjm/YNdkc9 YRpgdd1t7pcq0CPgVGlj3WCoseC1AiBP0bSVIr4ppUGoP2glK8oYMAgwn9u3NDy2Wm5m OfAGgwMHWOCpDZ95DFNvTjUVrVqyQmdDHmNJD3664DTBeUO/nyPZ2RiFYZ6ISBZLyZ+9 osyHGA5WurYW/Fcz5VV3HuEAwPSf0A7MABt8heSz/QY5ktlgwBQJTwNbk7O+f2vKUdar GwhA==
X-Gm-Message-State: AO0yUKXjlMRiYu/DoNzYs0aVOwr4GlguBi+0hlJMkBPjFUn5rxBra5s5 S33/IkXTZR2FbPX65kaHSzmuvvpfnviAHjKAouobGA==
X-Google-Smtp-Source: AK7set/sEu7WK5VLC+YMHZOFj57BAIDvo5iu7J7b2wllW+23wwULoJRXYDsoE1Atvn9Smr6AYDiVLqAwhWcNcuKW2oQ=
X-Received: by 2002:a81:60d7:0:b0:51b:1df9:ebac with SMTP id u206-20020a8160d7000000b0051b1df9ebacmr574520ywb.138.1675182957098; Tue, 31 Jan 2023 08:35:57 -0800 (PST)
MIME-Version: 1.0
References: <11529029.Y877iPkkNG@zini-1880> <MN2PR11MB43510C0C3C2B94846144F102F7EA9@MN2PR11MB4351.namprd11.prod.outlook.com>
In-Reply-To: <MN2PR11MB43510C0C3C2B94846144F102F7EA9@MN2PR11MB4351.namprd11.prod.outlook.com>
From: Emil Gustafsson <emgu@google.com>
Date: Tue, 31 Jan 2023 09:35:43 -0700
Message-ID: <CABZJ8k=Rkh9+AoDA+N2tawU+GkizNRS-MG14sRayYHWBmFP62A@mail.gmail.com>
To: "Brotman, Alex" <Alex_Brotman=40comcast.com@dmarc.ietf.org>
Cc: Scott Kitterman <sklist@kitterman.com>, IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000018106105f391ed81"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/A0eMlwlLuqRELWR3ivEnYScn2Ig>
Subject: Re: [dmarc-ietf] PSD Related Privacy Considerations For Aggregate Reporting Draft
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Jan 2023 16:36:02 -0000

Since the concept of non-existing domains is important from this privacy
perspective, should we call out how we suggest that is determined?
On top of my head, using the example from the dmarcbis, would the DNS
lookups actually become 6 in this case (plus one WHOIS lookup)?

   1. _dmarc.a.b.c.d.e.mail.example.com *[does not exist]*
   2. _dmarc.e.mail.example.com *[does not exist]*
   3. _dmarc.mail.example.com *[does not exist]*
   4. _dmarc.example.com *[does not exist]*
   5. _dmarc.com *[do exist]*
   6. example.com
   - If this succeeds; we know the domain exists
      - If this does not exist - should we recommend making a WHOIS lookup
      for example.com?

Or should we just leave it to the mailbox providers to decide for
themselves how to do this?
/E

On Mon, Dec 19, 2022 at 6:49 PM Brotman, Alex <Alex_Brotman=
40comcast.com@dmarc.ietf.org> wrote:

> Thanks Scott.  I'll try to get this merged in the next few days. I have
> two other merges from Ale that I need to sort out.  I'll get a new rev done
> after they're both merged.
>
>
>
> --
>
> Alex Brotman
> Sr. Engineer, Anti-Abuse & Messaging Policy
> Comcast
>
> ________________________________________
> From: dmarc <dmarc-bounces@ietf.org> on behalf of Scott Kitterman <
> sklist@kitterman.com>
> Sent: Monday, December 19, 2022 10:43 AM
> To: IETF DMARC WG
> Subject: [dmarc-ietf] PSD Related Privacy Considerations For Aggregate
> Reporting Draft
>
> The RFC 9091 privacy considerations, with minor updates need to be
> incorporated into the DMARCbis effort.  Given the constraints on PSDs
> requesting failure reports, they belong in the aggregate draft.  I've
> opened a
> PR to, with some light editing, pull them in:
>
>
> https://urldefense.com/v3/__https://github.com/ietf-wg-dmarc/draft-ietf-dmarc-aggregate-reporting/pull/15__;!!CQl3mcHX2A!E1ob9b6zOndeoRR8Tg7UMGAjqaq9Oo_z3eoYEByvsS-ttdsgNKpMMLcme9a-O1864chySx8TnYuf_EiF96H_$
>
> I don't think it should be particularly controversial, since it's almost
> exactly what the WG already agreed for RFC 9091, but people should review
> it.
>
> Scott K
>
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
>
> https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/dmarc__;!!CQl3mcHX2A!E1ob9b6zOndeoRR8Tg7UMGAjqaq9Oo_z3eoYEByvsS-ttdsgNKpMMLcme9a-O1864chySx8TnYuf_IbBOtPw$
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>

v2.23.0 | Report a Bug | By Email