Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd

"Kurt Andersen (b)" <kboth@drkurt.com> Wed, 11 December 2019 15:46 UTC

Return-Path: <kurta@drkurt.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4D61120B56 for <dmarc@ietfa.amsl.com>; Wed, 11 Dec 2019 07:46:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=drkurt.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mnXLIZgVn8Bv for <dmarc@ietfa.amsl.com>; Wed, 11 Dec 2019 07:45:58 -0800 (PST)
Received: from mail-io1-xd2f.google.com (mail-io1-xd2f.google.com [IPv6:2607:f8b0:4864:20::d2f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C286A120AF0 for <dmarc@ietf.org>; Wed, 11 Dec 2019 07:45:58 -0800 (PST)
Received: by mail-io1-xd2f.google.com with SMTP id w3so3645218iot.11 for <dmarc@ietf.org>; Wed, 11 Dec 2019 07:45:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=drkurt.com; s=20130612; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ukblskYV7wPflNWDOxbUqgIq+N6CkC+BdTbOqPIouFM=; b=X+d6HhWfq10CIiyjTXV0ry/xepnFGJd6rA/m3d+qUD/eItz2wfHvNXzQkHlMY0/riS 2sM5zNvurTI0T6Ck1nwoUXZblX+ixCtP7ntizDkOlNzjm653vcQBe4laDZyfG3ATUQr9 PabyHCj5+EmG8Y8JA1MQrB1+Zl52NzJ5tKQyg=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ukblskYV7wPflNWDOxbUqgIq+N6CkC+BdTbOqPIouFM=; b=C5U4wmqcyv9RBTDr8IKnnP5XUusZ9MClTzlhdy4dR85ZKuhYDckChJwEd1LwWgPHU0 yQHu45+40fKlCZQD/gI7bwOs7rRvmWpD/arH+WR1dgfezvCNGk+6+rQKtFBqqgW2+EQL i3JRIyH8wXikX4DBdgzd+v20xqs4uCXh+ioddg8Ig+u5I8L+mEs8RmA44/pS03ovpvMj sRztwMcmRfzcq78hEdneApSBZ77Iv6bG8LfaK+53Q7le7NF9YFSi7x4CYjpEsRA1Un6U MnwpV8cHzIY1/1OE+j+hL3fDlp2kmrjJaZdP0QhWd2I9UbaBfmiJlz8f4Rm5fCT9fvTc nOlA==
X-Gm-Message-State: APjAAAVHASUtTZg+g2Ka9e3LlxvScxBdDOGCSYFhpcgvHWkYa74JON4E yCHN0CjZ/man2Udz8ewyY/kWCVSN1mm+opdFW+GuWg==
X-Google-Smtp-Source: APXvYqzqSLkHFaxagasAROHQfcF2cSU4NGxlrDwH2TWCr1bOd7PgWqjxjZteY9RVhmyfY8FiPX+bf7myA7n71MaVTdM=
X-Received: by 2002:a5d:8c8c:: with SMTP id g12mr1777519ion.23.1576079157687; Wed, 11 Dec 2019 07:45:57 -0800 (PST)
MIME-Version: 1.0
References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <082f2102-693c-136d-874c-1182f12a6818@gmail.com> <CABa8R6vV3=mONXUehda_6C616CyEXPRjceSN8T+DcPmLQwcXOA@mail.gmail.com> <92703458.QmNNAb80T6@l5580> <CABuGu1ob6CYTt7_X1pMfGpajMOoytN3wuX_i+9MQf9nUYkzk0g@mail.gmail.com> <CABa8R6vSYGWxR5SOEQq0GZ+++L=jhEpOThzaTeyPUd4gUT85SA@mail.gmail.com>
In-Reply-To: <CABa8R6vSYGWxR5SOEQq0GZ+++L=jhEpOThzaTeyPUd4gUT85SA@mail.gmail.com>
From: "Kurt Andersen (b)" <kboth@drkurt.com>
Date: Wed, 11 Dec 2019 07:45:32 -0800
Message-ID: <CABuGu1q9ExpWGk38BZszBMeoKuZe0p77ng5EE43omhu6mU4kCg@mail.gmail.com>
To: Brandon Long <blong@google.com>
Cc: Scott Kitterman <sklist@kitterman.com>, IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000550c6f05996f86d3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/CJET22PwxYSvSCg2h3WIigsEafo>
Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Dec 2019 15:46:01 -0000

On Tue, Dec 10, 2019 at 2:13 PM Brandon Long <blong@google.com> wrote:

>
> On Mon, Dec 9, 2019 at 6:27 PM Kurt Andersen (b) <kboth@drkurt.com> wrote:
>
>> On Mon, Dec 9, 2019 at 4:54 PM Scott Kitterman <sklist@kitterman.com>
>> wrote:
>>
>>> On Monday, December 9, 2019 7:41:27 PM EST Brandon Long wrote:
>>>
>>> > I'm sure I probably missed this, but couldn't we avoid this question
>>> by just mandating no reporting for non-existing organizational domains?  Is
>>> that a non-starter?
>>>
>>> It's one of the use cases we are trying to cover.  I don't know if that
>>> makes it a non-starter.
>>>
>>
>> Unless I'm misunderstanding Brandon's suggestion, it seems like you
>> (Brandon) are asking if doing no reporting on missing org domains solves
>> the scalability problem. *Getting* reports for missing org domains is the
>> main purpose of the PSD proposal so it would render the purpose moot.
>>
>
> Hmm, I guess I don't see it that way.
>
> Preventing phishing attacks from nonexistent.gov.uk, insomuch as DMARC
> can be used for such, seems way more important than the reporting.
> Obviously, getting to p=reject without reporting is more challenging.  You
> can certainly have policy without reporting.
>

While it is very true that receivers may implement validation and possibly
enforcement without reporting, we could solve the use case of phishing from
missing org-level domains by the same approach that we can solve it from
any missing domain - just don't accept mail from such bogus sources. That
does not help the overseers of a domain realm (org-1, aka LPSD) to tackle
takedowns or public awareness campaigns against such abuse though.

--Kurt