Re: [dmarc-ietf] New authentication method, DNSWL

"Murray S. Kucherawy" <superuser@gmail.com> Wed, 26 June 2019 20:28 UTC

From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Wed, 26 Jun 2019 13:27:46 -0700
Message-ID: <CAL0qLwa5yR5dVzkDSD48MDgpUa11+ri=KOwrNSqOxi8fB2i6PA@mail.gmail.com>
To: Alessandro Vesely <vesely@tana.it>
Cc: IETF DMARC WG <dmarc@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/IGEYtEqomhhXyBK-cUAD_zPB1Bs>

On Tue, Jun 4, 2019 at 4:01 AM Alessandro Vesely <vesely@tana.it> wrote:

> Appendix D1 of rfc7208 mentions DNSWL as a way to mitigate SPF's
> reject-on-fail.  The score attributed to the sender by a trusted DNSWL is
> also useful after DATA, thence the need to store that value for downstream
> filters.
>
> However, as an authentication method, a DNSWL TXT response can provide a
> domain name, which is possibly aligned with From:.  In that sense, this
> method might be of interest for this WG.  Probably not, but I felt compelled
> to make sure before trying independent submission.  (Already tried ART.)
> The I-D is here:
> https://tools.ietf.org/html/draft-vesely-authmethod-dnswl
>

With my Designated Expert hat on and co-chair hat off, a procedural point
here:

The IANA registry for these is Expert Review, which means you don't have to
publish an RFC to get it registered.  You can, but it's not necessary if
your registration request can sufficiently describe what you're doing.  See
RFC8601 Section 6.2, fourth paragraph.

-MSK