[dmarc-ietf] ***SPAM*** 11.422 (5) Re: Draft DMARC working group charter
Barry Leiba <barryleiba@computer.org> Mon, 23 June 2014 05:44 UTC
Return-Path: <barryleiba@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB5AC1B29AB for <dmarc@ietfa.amsl.com>; Sun, 22 Jun 2014 22:44:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: YES
X-Spam-Score: 11.422
X-Spam-Level: ***********
X-Spam-Status: Yes, score=11.422 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001, URIBL_WS_SURBL=10] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bull9G6rFpqt for <dmarc@ietfa.amsl.com>; Sun, 22 Jun 2014 22:44:52 -0700 (PDT)
Received: from mail-lb0-x236.google.com (mail-lb0-x236.google.com [IPv6:2a00:1450:4010:c04::236]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5476E1B29A9 for <dmarc@ietf.org>; Sun, 22 Jun 2014 22:44:52 -0700 (PDT)
Received: by mail-lb0-f182.google.com with SMTP id c11so3829292lbj.13 for <dmarc@ietf.org>; Sun, 22 Jun 2014 22:44:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=hYVjz0zMQw1tEf0b+tz2b8rcy2Gt0n3WAC1rFepsGfQ=; b=tTcQfhQXUNX3gqf6h82JPL+l4kTGIPHJyCIWoJFnkJxapfcdSCh9bQQqjU0/sF4j4y K9i0HIV+VszU5WBU5dAQ1BPxye+3waXdEp6jRYzt82FKbVm2aTrZ6UlQBzBWPkig8hOJ 31pd3PqeEBof5b83L6IN7EgJOgR69SXRmvXEFiTl7QsKAS8yaDRYdf0huOo9gwZda0rv MjLD/aINlrhTuQajaIl38ROSOQDIwFP2ixMG137HirrzjsO0iamIHDbQjjkTlK42mvRp kWqyDS/b/becR1R19shfLC+WSkbxicHRegeOfHPI0l0GnZQHYcdZ5daT2m0VtkTzvYA8 X0gQ==
MIME-Version: 1.0
X-Received: by 10.112.13.35 with SMTP id e3mr14910427lbc.44.1403502290321; Sun, 22 Jun 2014 22:44:50 -0700 (PDT)
Sender: barryleiba@gmail.com
Received: by 10.152.104.80 with HTTP; Sun, 22 Jun 2014 22:44:50 -0700 (PDT)
In-Reply-To: <53A48DB1.9080706@gmail.com>
References: <539AE0FB.1090909@bbiw.net> <CAL0qLwa03uEVxoS5oeHctAyTChLyQPQC7KL-pSYUQnLvFMMWMQ@mail.gmail.com> <53A098DB.4090801@bbiw.net> <1EFCC6B6-83CD-4D14-9E8E-B72769764E2B@eudev.net> <alpine.BSF.2.00.1406181126570.78397@medusa.blackops.org> <alpine.BSF.2.00.1406181135010.78397@medusa.blackops.org> <f74dd22a-9b7a-4f90-8031-3060b79092db.maildroid@localhost> <6DA6615A-B1B4-495D-BE7A-C5BA0770A6C8@eudev.net> <53A48DB1.9080706@gmail.com>
Date: Mon, 23 Jun 2014 01:44:50 -0400
X-Google-Sender-Auth: -VwSLJcZNB4IlkV1_GBx68dfo8M
Message-ID: <CALaySJKjaRPgeJJ5Aofsfo0LtGgHj4KhL_C1PVHdE3T7jk_hNg@mail.gmail.com>
From: Barry Leiba <barryleiba@computer.org>
To: "dmarc@ietf.org" <dmarc@ietf.org>
Content-Type: text/plain; charset="ISO-8859-1"
Archived-At: http://mailarchive.ietf.org/arch/msg/dmarc/EawicsyUtGJDJ3xSMTVbgTgybbc
Subject: [dmarc-ietf] ***SPAM*** 11.422 (5) Re: Draft DMARC working group charter
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Jun 2014 05:44:55 -0000
I'd like to steer the discussion on this list for now: Dave posted the following message to the list on Friday. Unfortunately, the list seems to have marked it as spam, and it's not in the archive. I hope this copy will get into the archive, and to everyone's mailbox. And so: Let's please stop all the other discussions for now, and say that the purpose of the <dmarc@ietf.org> mailing list is, for now, to discuss the charter proposal and converge on a charter for a working group. Please have at it. (And please remove me from the CC list when you reply to this; I subscribe to the list from another email address, and don't want a separate copy.) Barry, Applications AD On Fri, Jun 20, 2014 at 3:38 PM, Dave Crocker <dcrocker@gmail.com> wrote: Folks, Here is some draft text to consider for a DMARC working group charter: Working group name: dmarc Chair(s): Area and Area Director(s): Responsible Area Director: Mailing list: https://www.ietf.org/mailman/listinfo/dmarc Description of working group ---------------------------- Domain-based Message Authentication, Reporting & Conformance (DMARC) extends stable, domain-level validation to the RFC5322.From field. DMARC builds upon existing mail authentication technologies (SPF and DKIM), using DNS records to add policy-related requests for receivers and defining a feedback mechanism from receivers back to domain owners. This can allow a domain owner to advertise that mail, which does not authenticate use of the domain name in the From field, can safely receive differential handling, such as rejection. Existing deployment of DMARC has demonstrated utility at internet scale, in dealing with significant email abuse, and has permitted simplifying some mail handling processes. However, DMARC is problematic for mail that does not flow from operators having a relationship with the domain owner, directly to receivers operating the destination mailbox. Examples of such "indirect" flows are mailing lists, publish-to-friend functionality, mailbox forwarding (".forward"), and third-party services that send on behalf of clients. The working group will explore possible updates and extensions to the specifications in order to address limitations and/or add capabilities. It will also provide technical implementation guidance and review possible enhancements elsewhere in the mail handling sequence that could improve could DMARC compatibility. The existing base specification is being submitted as an Independent Submission to become an Informational RFC. Specifications produced by the working group will ensure preservation of DMARC utility for detecting unauthorized use of domain names, while improving the identification of legitimate sources that do not currently conform to DMARC requirements. Issues based on operational experience and/or data aggregated from multiple sources will be given priority. The working group will seek to preserve interoperability with the installed base of DMARC systems, and will provide careful justification for any non-interoperability. The working group will seek to maintain the viability of stable domain-level identifiers in mail, and will document existing mail streams that do not conform to the DMARC model. Working group activities will pursue three tracks: 1. Inter-Specification -- Organize and document "DMARC interoperability issues", developing suggestions for improvements The working group will document the effects of DMARC on indirect mail flows, including deployed behaviors of many different intermediaries, such as mailing list managers, automated mailbox forwarding services, and MTAs that perform enhanced message handling that results in message modification. The working group will consider mechanisms for reducing or eliminating the DMARC's effects on indirect mail flows. Among the choices are: - A form of DKIM signature that is better able to survive transit through intermediaries. - Collaborative or passive transitive mechanisms that enable an intermediary to participate in the trust sequence, propagating authentication directly or reporting its results. - Message modification by an intermediary, to avoid authentication failures, such as by using specified conventions for changing the aligned identity. Consideration also will be given to survivable authentication through sequences of multiple intermediaries. 2. Intra-Specification -- Audit each part of the DMARC specification (reporting, policy, auth), making improvements as appropriate. The working group will not develop additional mail authentication technologies, but may document authentication requirements that are desirable. The base specification relies on the ability of an email receiver to determine the organizational domain responsible for sending mail. An organizational domain is the basic domain name obtained through a public registry, such as example.com or example.co.uk. While the common practice is to use a "public suffix" list to determine organizational domain, it is widely recognized that this solution will not scale, and that the current list often is inaccurate. The task of defining a standard mechanism for identifying organizational domain is out of scope for this working group. However the working group can consider extending the base DMARC specification to accommodate such a standard, should it be developed during the life of this working group. Improvements in DMARC features (identifier alignment, reporting, policy preferences) will be considered, such as: - Enumeration of data elements required in "Failure" reports (specifically to address privacy issues) - Handling potential reporting abuse - Aggregate reporting to support additional reporting scenarios - Alternate reporting channels - Utility of arbitrary identifier alignment - Utility of a formalized policy exception mechanism 3. DMARC Usage The working group will deliver an implementation and deployment guide. The guide will catalog best current operational practices in terms of configuration, installation, monitoring, diagnosis and reporting. It will also develop advice on practices that are not yet well-established but which are believed to be appropriate. The group will consider separating configuration and other deployment information that needs to be in the base spec, from information that should be in a separate guide. Among the topics anticipated to be included in the document are: - Identifier alignment configuration options - Implementation decisions regarding "pct" - Determining effective RUA sending frequency - Leveraging policy caching - Various options for integrating within an existing flow - Defining a useful, common set of options for the addresses to which feedback reports are to be sent - When and how to use local policy override options Goals and milestones -------------------- Phase I: Draft description of interoperability issues and plausible methods for eliminating or reducing them. This will not include final choices. Draft Guide on DMARC Usage Phase II: Specification of DMARC improvements to support better interoperability Review and refinement of the DMARC specification Phase III: Completion of Guide on DMARC Usage References ---------- DMARC - http://dmarc.org SPF - RFC7208 DKIM - RFC6376 Internet Message Format - RFC5322 OAR / Original Authentication Results - draft-kucherawy-original-authres Using DMARC - draft-crocker-dmarc-bcp-03 -- Dave Crocker Brandenburg InternetWorking bbiw.net
- [dmarc-ietf] ***SPAM*** 8 (5) Draft DMARC working… Dave Crocker
- [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- [dmarc-ietf] ***SPAM*** 11.422 (5) Re: Draft DMAR… Barry Leiba
- Re: [dmarc-ietf] Draft DMARC working group charter Alessandro Vesely
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] ***SPAM*** 11.422 (5) Re: Draft … Murray S. Kucherawy
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- [dmarc-ietf] ***SPAM*** 7.348 (5) Re: Re: Draft D… Jim Fenton
- Re: [dmarc-ietf] Draft DMARC working group charter John Levine
- [dmarc-ietf] ***SPAM*** 8.001 (5) Re: ***SPAM*** … Murray S. Kucherawy
- [dmarc-ietf] ***SPAM*** 8 (5) Re: Draft DMARC wor… Dave Crocker
- Re: [dmarc-ietf] ***SPAM*** 7.348 (5) Re: Re: Dra… Barry Leiba
- Re: [dmarc-ietf] ***SPAM*** 7.348 (5) Re: Re: Dra… Douglas Otis
- Re: [dmarc-ietf] Draft DMARC working group charter Jim Fenton
- Re: [dmarc-ietf] Draft DMARC working group charter John R Levine
- Re: [dmarc-ietf] Draft DMARC working group charter Douglas Otis
- Re: [dmarc-ietf] Draft DMARC working group charter J. Trent Adams
- Re: [dmarc-ietf] Draft DMARC working group charter Hector Santos
- [dmarc-ietf] Draft DMARC working group charter Tim Draegen
- Re: [dmarc-ietf] Draft DMARC working group charter John Levine
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Tim Draegen
- Re: [dmarc-ietf] Draft DMARC working group charter Douglas Otis
- Re: [dmarc-ietf] Draft DMARC working group charter Mike Jones
- Re: [dmarc-ietf] Draft DMARC working group charter Murray S. Kucherawy
- Re: [dmarc-ietf] Draft DMARC working group charter Terry Zink
- Re: [dmarc-ietf] Draft DMARC working group charter Brandon Long
- Re: [dmarc-ietf] Draft DMARC working group charter Steven M Jones
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Alessandro Vesely
- Re: [dmarc-ietf] Draft DMARC working group charter Steven M Jones
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Murray S. Kucherawy
- Re: [dmarc-ietf] Draft DMARC working group charter Douglas Otis
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Murray S. Kucherawy
- Re: [dmarc-ietf] Draft DMARC working group charter Barry Leiba
- Re: [dmarc-ietf] Draft DMARC working group charter Hector Santos
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Alessandro Vesely
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Andrew Sullivan
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter John Levine
- Re: [dmarc-ietf] Draft DMARC working group charter John Levine
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Hector Santos
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter John Levine
- Re: [dmarc-ietf] Draft DMARC working group charter Andrew Sullivan
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter John R Levine
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Hector Santos
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Hector Santos
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Andreas Schulze