Re: [dmarc-ietf] WGLC ARC-16 concern on Section 5.1.2 - cv=fail should sign greedily

"John R Levine" <johnl@taugh.com> Wed, 15 August 2018 18:53 UTC

Date: Wed, 15 Aug 2018 14:53:07 -0400
Message-ID: <alpine.OSX.2.21.1808151449300.17305@ary.qy>
From: John R Levine <johnl@taugh.com>
To: Dave Crocker <dcrocker@gmail.com>
Cc: dmarc@ietf.org
In-Reply-To: <5a48a9af-1dc7-92dd-eaa8-c1df09ae26cf@gmail.com>
References: <20180815183022.09ED420038205D@ary.qy> <5a48a9af-1dc7-92dd-eaa8-c1df09ae26cf@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/F-noC0bKQxQxxuhY32PbhZXuas4>

On Wed, 15 Aug 2018, Dave Crocker wrote:
> Modest, indeed.  Also unknown.
>
> This is building in a permanent behavior, for a use that is, at best, vague conjecture.

Well, sure, but we could say that about all of ARC.  As far as I know 
nobody has any rules yet for evaluating ARC chains beyond "if it was 
originally from us and the chain is good, it's probably OK."

The cost of adding the cv=fail signature is pretty low, and I don't see 
any way that it would make things worse.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly