Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

Dave Crocker <dcrocker@gmail.com> Fri, 11 August 2017 17:19 UTC

To: "Kurt Andersen (b)" <kboth@drkurt.com>
Cc: "dmarc@ietf.org" <dmarc@ietf.org>
From: Dave Crocker <dcrocker@gmail.com>
Message-ID: <4a8d9564-ba0c-9c9b-7a23-ab6340fd2400@gmail.com>
Date: Fri, 11 Aug 2017 10:19:28 -0700
In-Reply-To: <CABuGu1paM6qjUF9sdHMR8iTJDrwp4TRPRXk4YMZ0vmKXjgHXjw@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/ANrxeC7rhrTWALzVDYY2yJYQgNw>

On 8/11/2017 9:34 AM, Kurt Andersen (b) wrote:
> I think that we have that sort of information scattered around in 
> various non-spec presentations that have happened regarding ARC. Do you 
> consider this to be something that should be tackled before or after the 
> "intent"-related notes in your earlier review notes from the end of July?


I think it's compatible with some of the concerns I raise and so should 
be pursued at the same time.  I'm hoping that the exercise will produce 
much better clarity and coherence and widespread understanding of what 
ARC will and will not do.

d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net