IETF Logo Mail Archive

Re: [dmarc-ietf] auth-res vs. dmarc

Michael Thomas <mike@mtcc.com> Wed, 30 December 2020 17:16 UTC

Return-Path: <mike@fresheez.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 870EF3A0A22 for <dmarc@ietfa.amsl.com>; Wed, 30 Dec 2020 09:16:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.75
X-Spam-Level:
X-Spam-Status: No, score=-1.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mtcc.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WEKQWfNuJ2w9 for <dmarc@ietfa.amsl.com>; Wed, 30 Dec 2020 09:16:11 -0800 (PST)
Received: from mail-pj1-x1034.google.com (mail-pj1-x1034.google.com [IPv6:2607:f8b0:4864:20::1034]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E18E13A0A1E for <dmarc@ietf.org>; Wed, 30 Dec 2020 09:16:11 -0800 (PST)
Received: by mail-pj1-x1034.google.com with SMTP id f14so3671490pju.4 for <dmarc@ietf.org>; Wed, 30 Dec 2020 09:16:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mtcc.com; s=fluffulence; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=HkP/tYvZenAKCwv4VepNUH12wKNk3BhNYKyAAHVL8SM=; b=MuZGSZZruiBWF3g8AwTMKrZ5VPOxwGYiDHLmt8Z6X8UpSESJpU2L6sii+whqHdVQdF U5WPVi1aLhVfp3YUvctsb2Pifyb+HC5Zw2PeV+aEET/D3MhIt563cb6oqXvKV3txR+9G ry+Lx3pZ/DkBs6fyoXhNsz7GxvESzd8gISH4tVGf5Z5tFw+8LItJR6TafIRGiS1oVkei 7ZER49ACECF55KWG3TyNMHwn3q7o2T/pgue1JycNeFuAP4SZOgvhALNqft0rzepkLK7f qsTmvIdRpGGhwyDvpW54lUbH7TJhwY+DrcITt8oAlFJtVUmbUTWKb4vz8j4FNYx72C6P PXiw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=HkP/tYvZenAKCwv4VepNUH12wKNk3BhNYKyAAHVL8SM=; b=tzztsFzbA07Nu2iKOV81pA5H72U9YeGYxJdlPctY45Z+g9wNEL2/Pxf6mZyonoLdWv VXlTr3usAKWSjtvpQOddUZS4A5Qwh/8vKSaYuryGT2/n7GLVlRF8+GTIMt2trcD45koi pDVxG2A1KW8bHB7z8cn7K8OtmaJPqdwEGZlgVuKoBj7jQ72IYbY4HhR9ZT/ofHl3mQrw FzpNAhYvbuDyE/9XNPDhF2EQgQLfzBqwDbJcUI/xcJgCaMI9SBQrJnJNt6wU3NxZBN95 OXnDaCO/xwtO0ko4KbvoVZ7QFdOFUPshlM6HWOvlt5nmhwWVTo/ZQdJSzL5kgaj1NBGY dosQ==
X-Gm-Message-State: AOAM533xj6x8ZyV8L0lLHm4PaeQEZOELDp+DURmKWa86OYdO91TKlzpY j8yr9ul7sTNxf9BmNn2vlHejzF9pYz6LtQ==
X-Google-Smtp-Source: ABdhPJyp6rLGVFq3ElwoelS2TXU7pOFvJiMn028rdKTASlJWZmVi3vtpLNQN4sbVM9Dbu0JpMYYaGA==
X-Received: by 2002:a17:902:a512:b029:db:cf4c:336b with SMTP id s18-20020a170902a512b02900dbcf4c336bmr53967142plq.17.1609348570872; Wed, 30 Dec 2020 09:16:10 -0800 (PST)
Received: from mike-mac.lan (107-182-45-95.volcanocom.com. [107.182.45.95]) by smtp.gmail.com with ESMTPSA id u25sm41531183pfn.101.2020.12.30.09.16.09 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 30 Dec 2020 09:16:10 -0800 (PST)
To: Seth Blank <seth@valimail.com>
Cc: Dotzero <dotzero@gmail.com>, IETF DMARC WG <dmarc@ietf.org>
References: <9f6782b1-e85b-1a9c-9151-98feff7e18ea@mtcc.com> <CAHej_8mApfoF2ORgL+DoYTanrdhMjvT9H27kORwLKCQc1C9sRw@mail.gmail.com> <5588dbbe-b876-ed80-c80f-792380e3718f@mtcc.com> <CAHej_8=kW_t_JkOxUud1Uz8+PrbMh5CfwfxZK=mhe0wjW8wQpw@mail.gmail.com> <54dd9978-bcd1-6757-ad27-dcef6db6e5f7@mtcc.com> <CAHej_8kCi=7oqojDH_rbjn7kRg-PTDJWLgcKTGK9z-baUnKeMw@mail.gmail.com> <ef32de1e-d47e-1d0f-3cec-5994c7fdb7ae@mtcc.com> <CAHej_8kjSsQK_XEbdjWzV5npa29YjGadzD06Fmx3QLB4p+n_Cg@mail.gmail.com> <937f1019-a028-308d-2a0f-1e720fd49dcd@mtcc.com> <d8014c2a-c1c9-9eac-e64a-5f285bab7fd3@tana.it> <CAHej_8mgYr9ERAxmup+keZT5u8L+qgCxcSLH7Z=BEuZLouttpg@mail.gmail.com> <72e20c17-e991-e82a-9120-a27097e3ac58@mtcc.com> <CAHej_8=6huc-N4ymDTOWZXHGjQQ-3RFDdomRzmGp4kOseHckMQ@mail.gmail.com> <7863d250-f56a-1fe1-44ee-fbc7486d48b4@mtcc.com> <CAJ4XoYdMdaE92UOrXvcAqm2iou+PCGg_uzHUsmBsYRe1PivBJw@mail.gmail.com> <ac7b7b32-c544-60f2-1a6a-a5a210ac72ed@mtcc.com> <CAOZAAfNRgxJaO-TJcnvqJTqOCsixzLJVK+vSH-Av+FezY=texw@mail.gmail.com>
From: Michael Thomas <mike@mtcc.com>
Message-ID: <0b0c0c7c-f374-6718-5071-b5e9b0d67db3@mtcc.com>
Date: Wed, 30 Dec 2020 09:16:08 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.6.0
MIME-Version: 1.0
In-Reply-To: <CAOZAAfNRgxJaO-TJcnvqJTqOCsixzLJVK+vSH-Av+FezY=texw@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/ITPBzDbmQGC3h1UC4lp2lLGodYk>
Subject: Re: [dmarc-ietf] auth-res vs. dmarc
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Dec 2020 17:16:15 -0000

On 12/30/20 8:42 AM, Seth Blank wrote:
> At this point, this thread is deeply unproductive and preventing work 
> on open tickets.
>
> Mike, I hear that you believe better normative accounting for DMARC 
> results in auth-res is needed. If this is correct, please open a 
> ticket, and the working group will address it later as we've committed 
> to discussing all open tickets.
>
Later? How much later? Looking at the open tickets it looks you have 
about 5 more years of "later". And I would say the chairs teeing up 
tickets would be a far more efficient means of driving the process than 
shutting down discussions that will become tickets. That other thread on 
privacy should have been closed out weeks ago.

I believe there are several separate issues:

1) There is a scaling issue for DMARC if it is required to be used 
beyond the boundary of an administrative domain, and especially if MUA's 
start running them; there is nothing that says that they can't or shouldn't.

2) Auth-res process-wise is an orphan with no means of discussing it in 
any working group even though it's standards track and has issues 
requiring coordination with this working group

3) The fundamental question that Ned brought up which is whether 
Auth-res is a protocol at all. If it's really just a debugging tool to 
be use by humans, it should definitely just be informational, and 
probably historic. Either Auth-res is useful and supported or not and 
should be killed

4) Should DMARC require a normative Authentication-Results Requirements 
section? This process-wise would solve the problem of auth-res in (2) 
and shift the specification of that normative text back to the document 
that is affected by it, letting Auth-res just be a transport vehicle so 
that it doesn't require yet another working group-less update. That is 
what we should have done from the start, but auth-res is an accident of 
history.

Mike

v2.23.0 | Report a Bug | By Email