Re: [dmarc-ietf] Third party signatures
Wei Chuang <weihaw@google.com> Mon, 15 May 2023 09:03 UTC
Return-Path: <weihaw@google.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 51DA2C1519A2 for <dmarc@ietfa.amsl.com>; Mon, 15 May 2023 02:03:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.587
X-Spam-Level:
X-Spam-Status: No, score=-17.587 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LKTIqPTun9cA for <dmarc@ietfa.amsl.com>; Mon, 15 May 2023 02:02:56 -0700 (PDT)
Received: from mail-wm1-x334.google.com (mail-wm1-x334.google.com [IPv6:2a00:1450:4864:20::334]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C2F42C1519A1 for <dmarc@ietf.org>; Mon, 15 May 2023 02:02:55 -0700 (PDT)
Received: by mail-wm1-x334.google.com with SMTP id 5b1f17b1804b1-3f426da5bb1so25e9.1 for <dmarc@ietf.org>; Mon, 15 May 2023 02:02:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1684141374; x=1686733374; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=il7ZnvmAmazovyqMN3lrraGt3qvjdQsApI/OcYVjfL0=; b=uBORXiu7Rxy+tcqu7FCHFFyA/z9BwsFCoviwBff5KsGZyuV/xR0PDmw8xb9nM+wCpJ GU+BWmYPlh51ID8YrI0F9wQzN9C0TnKuVOKWAMxNT1yeTxoq9uZzgtxAU8eJIhphw8X4 HUeayk5DXSluMUcrHHp7ipru2uRhS/o4/ewKxaziiwqhw+YWz3ssRRKGnaaNXgfkHUbq q2uRe8PVpaIgUFzb6QDdN0oidU2qCwVrQ7wKqFEdRgXQHhneQ0pm1Q9xYhXXE3FtoTqP rQ2cjO9AnxBb7ccFKJdTP30Xbw6V8wX+eWEK9PLcTe9VdI5ezgc2pBP4aA5WtevHbCxg uH9g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1684141374; x=1686733374; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=il7ZnvmAmazovyqMN3lrraGt3qvjdQsApI/OcYVjfL0=; b=S0oZuNSoimzPorfZVHKInA6q4hCd8TQy0crB77WNJsSJ0AJ6ly4J1u/N9RHL7gXFUz a5lkEQlfDVpZCzxQnQjojEcnRGSHbKDP5pUSeK4hCEk9ZonAlMUwFkXWQJWZ1nJEn0eW urS8bEekuG81jIHYx85vzOdeRyyKvBFOqutj9DdbVXo0R90QnTc6SowCkAKqEP6v4GCN A0LX572PeeY7J4BIvwEbcOfHeZGoUSg9WWvgZREmvEIGDgOQrzi5hoRwaXc9SES7+iAU kCsEdLbBijzI9QTQUNluxWZ2PaMQdvZoocmWIS2DkvLw+OhKHI6IHowauLelac+9bkeL v0TQ==
X-Gm-Message-State: AC+VfDwf1qMS/bFs6InMCYcu/a0IJw5LtvrD+wmhY7zaNP8pd6jaMzQk qelBkdU3NCTfA89ljs51IHKctLqoA1YBFdqsX+BcKhoirOwIhKC7zMCHvQ==
X-Google-Smtp-Source: ACHHUZ4CS5aS4vzhnY1diXFA60qOOptHk+fnuqiCvwU1/2FI/9DYBsQKtVfT6yr1oLCjfofVykfABHWTrhC0/yZVJMA=
X-Received: by 2002:a05:600c:3b9f:b0:3f4:f36e:7047 with SMTP id n31-20020a05600c3b9f00b003f4f36e7047mr13238wms.1.1684141372576; Mon, 15 May 2023 02:02:52 -0700 (PDT)
MIME-Version: 1.0
References: <CAL0qLwa9DoTCVCOOgrB1NySd2-aE-5wVSGsLNh=8k7xwDLgrTw@mail.gmail.com> <20230502170640.E2095CAA204B@ary.qy> <CAL0qLwYQLmJiG9wjyim42xPiQvXZxNxoV0j2HtxZeAV1bAWz=g@mail.gmail.com> <CAAFsWK1fcsdse9EVKaeEerV14Zx0imuM2yAZLxGPzZUEZRvvjQ@mail.gmail.com> <710950a7-3d6b-cc12-0529-89f17dd640bc@taugh.com>
In-Reply-To: <710950a7-3d6b-cc12-0529-89f17dd640bc@taugh.com>
From: Wei Chuang <weihaw@google.com>
Date: Mon, 15 May 2023 02:02:33 -0700
Message-ID: <CAAFsWK21NSoPhmmiX_aKzYWsfdEYVSVY1QiX8p9r8rXUGdHzQg@mail.gmail.com>
To: John R Levine <johnl@taugh.com>
Cc: dmarc@ietf.org
Content-Type: multipart/mixed; boundary="000000000000441e9c05fbb7b8f0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/Ayz5pUSolvlguHYv773EuWuY7MM>
Subject: Re: [dmarc-ietf] Third party signatures
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 May 2023 09:03:00 -0000
That's a good point around ARC as that's what it was meant to do. And that got me thinking that it might be helpful to systematically compare the different proposed approaches and their pros and cons. The next approach would be to consider the general approach of the reversible transform idea that several folks have proposed, and how that would look. And that got me rethinking the "DARA" work that we're already prototyping for DKIM replay mitigation, if it can relate to mailing-list and forwarder modifications and I now think DARA can help here too. The three different approaches have distinct pros and cons. The following is a summary of the comparison. Attached is a more detailed comparison as PDF that tries to work through what the algorithms would likely do. ARC Use ARC to override the SPF and DKIM results at Receiver by those found at the Forwarder. Pros: - Uses existing SPF, DKIM and ARC standards. - Tolerates header and body modifications Cons: - Receiver must trust the ARC headers generated by the forwarder. - Receiver must trust the modifications the forwarder made. - Receiver must trust that no ARC replay occurred Transform Proposed in draft-kucherawy-dkim-transform <https://datatracker.ietf.org/doc/draft-kucherawy-dkim-transform/02/> where the forwarder can specify a "tf=" tag that specifies addition of Subject header prefix, text footer to a mime-part, mimify plaintext, and adding a mime-part representing a footer to an existing mime-tree to the DKIM-Signature. These all may be reversed to recover the original signature. DKIM-Signature: d=...; tf=subject,mime-wrap, The ideas in draft-vesely-dmarc-mlm-transform-07 <https://datatracker.ietf.org/doc/html/draft-vesely-dmarc-mlm-transform-07> are conceptually similar though add support for ARC. Pros: - Tolerates header and body modifications - Identifies the modifications - Does not require particular trust of the forwarder to be non-malicious Cons: - Receiver must trust that no DKIM replay occurred - Might not compose across multiple modifying forwarders - Might not support all possible modifications by forwarder - Reversing all possible draft transformations is potentially complicated DARAThis clarifies the DARA ideas in draft-chuang-replay-resistant-arc <https://datatracker.ietf.org/doc/draft-chuang-replay-resistant-arc/> which calls for authenticating a path from the Originator through the Forwarder to the Receiver that's tolerant of modifications. Some ideas of a validated path are explored in draft-levine-dkim-conditional <https://datatracker.ietf.org/doc/html/draft-levine-dkim-conditional-04>. Pros: - Tolerates header and body modifications - Does not require particular trust of the forwarder to be non-malicious - Supports arbitrary many forwarders that may modify the message - Supports protocol unaware participants Cons: - Requires DNS policy lookup on outbound delivery - Requires additional messages DKIM signing to support Bcc/Mailing-list recipients (each get their own signed copy) - Builds upon ARC which is considered complicated -Wei On Sat, May 6, 2023 at 7:42 AM John R Levine <johnl@taugh.com> wrote: > > It is not a commitment at this time. That said, we are interested in > > solving this problem and welcome collaboratively figuring out the right > way > > to do this. > > It seems to me that ARC provides the useful parts of third party > signatures and, while rather complicated, has the benefit of actually > existing. The chain of authority runs from the relay host back to the > original rather than the other way around, but that's a lot easier to do > mechanically. > > Regards, > John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY > "I dropped the toothpaste", said Tom, crestfallenly. >
- [dmarc-ietf] Third party signatures Murray S. Kucherawy
- Re: [dmarc-ietf] Third party signatures Wei Chuang
- Re: [dmarc-ietf] Third party signatures John Levine
- Re: [dmarc-ietf] Third party signatures Murray S. Kucherawy
- Re: [dmarc-ietf] Third party signatures Alessandro Vesely
- Re: [dmarc-ietf] Third party signatures Wei Chuang
- Re: [dmarc-ietf] Third party signatures John R Levine
- Re: [dmarc-ietf] Third party signatures Wei Chuang
- Re: [dmarc-ietf] Third party signatures Hector Santos
- Re: [dmarc-ietf] Third party signatures Alessandro Vesely
- Re: [dmarc-ietf] Third party signatures Douglas Foster