IETF Logo Mail Archive

Re: [dmarc-ietf] indeterminisim of ARC-Seal b= value

ned+dmarc@mrochek.com Thu, 30 March 2017 17:25 UTC

Return-Path: <ned+dmarc@mrochek.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87E8F1299E3 for <dmarc@ietfa.amsl.com>; Thu, 30 Mar 2017 10:25:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.903
X-Spam-Level:
X-Spam-Status: No, score=-1.903 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id piDs1us4Sb6z for <dmarc@ietfa.amsl.com>; Thu, 30 Mar 2017 10:25:31 -0700 (PDT)
Received: from mauve.mrochek.com (mauve.mrochek.com [68.183.62.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7B8FD126DFB for <dmarc@ietf.org>; Thu, 30 Mar 2017 10:25:30 -0700 (PDT)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01QCKXWEQQV400VUEQ@mauve.mrochek.com> for dmarc@ietf.org; Thu, 30 Mar 2017 10:20:25 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7bit
Content-type: TEXT/PLAIN; CHARSET="us-ascii"
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01QCKVA263Z40003XB@mauve.mrochek.com> (original mail from NED@mauve.mrochek.com) for dmarc@ietf.org; Thu, 30 Mar 2017 10:20:18 -0700 (PDT)
From: ned+dmarc@mrochek.com
Cc: ned+dmarc@mrochek.com, Scott Kitterman <sklist@kitterman.com>, "dmarc@ietf.org" <dmarc@ietf.org>, "Murray S. Kucherawy" <superuser@gmail.com>
Message-id: <01QCKXW9MZ4Q0003XB@mauve.mrochek.com>
Date: Thu, 30 Mar 2017 10:13:54 -0700
In-reply-to: "Your message dated Thu, 30 Mar 2017 10:01:05 -0700" <CAOj=BA3p-XQT=AeR4PHC-udWsn7rOmtR+UQHV0vbVofDKYOH_Q@mail.gmail.com>
References: <CANtLugO_D1Mz_v_341pc5O1mZ7RhOTrFA3+Ob5-onp72+5uRfA@mail.gmail.com> <alpine.OSX.2.20.1703272118210.2533@ary.local> <CAOj=BA0YKHYrkseR=wwgZn0_GNBKfdL7jmHehgBRzxqGKV6C1g@mail.gmail.com> <2978391.eJVbVTHBlo@kitterma-e6430> <CAL0qLwbP4c+09=TNSOsDqKwcp6iw++aGW8jDhARoVwvsghSLvA@mail.gmail.com> <01QCKR5S5OXK0003XB@mauve.mrochek.com> <CAOj=BA3p-XQT=AeR4PHC-udWsn7rOmtR+UQHV0vbVofDKYOH_Q@mail.gmail.com>
To: Peter Goldstein <peter@valimail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/J0-y6ykpp0hPtDEYHWyBGr3h8bs>
Subject: Re: [dmarc-ietf] indeterminisim of ARC-Seal b= value
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Mar 2017 17:25:34 -0000

> >
> > > I think Peter's proposal (and he can correct me if I'm wrong) is only to
> > > constrain signers.  Verifiers are still expected to handle everything
> > weird
> > > that the infrastructure might do.
> > This proposal creates a situation where verifiers are required to support
> > something that no compliant signer will generate. The result will be that a
> > test suite with reasonable coverage cannot be generated using compliant
> > software.
> > And since most people are not going to bother to create an incompliant
> > signer
> > specifically for purposes of testing, if anything this will create, rather
> > than
> > elimnate, interoperability problems.
> >

> Just to be clear, this is not what I was proposing.  Specifically, I don't
> think the Robustness Principle
> <https://en.wikipedia.org/wiki/Robustness_principle> applies in this case.
> Verification should check the RFC defined spacing, ordering, etc. of the
> tag/value pairs and reject non-compliant values

> As this is a new protocol, and these headers are all new and used
> exclusively for ARC, and for the reasons mentioned by Ned, there's no
> reason to be lenient in what is accepted.

On the contrary, there are very good reasons. People aren't going to magic
up implementations of ARC out of nothing; they will undoubtedly use
existing DKIM code as a starting point. Implementing an ordering
requirement on top of such code could get interesting depending on how
it works.

And given the relationship with DKIM people are going to expect ARC
to work in the same general way, maing such a change a least astonishment
principle violation.

> > That sort of organic validation of implementations seemed to work for
> > > DKIM.  The unknown here is whether ARC will be as successful with that
> > > model.

> > Exactly. And given the success of the approach with DKIM, the burden is
> > on those proposing to use a different model for ARC to explain why it will
> > work better.


> A few quick comments on this.

> As per my earlier email, I have a lot less confidence in how well this
> 'seemed to work' than some of the other participants in this thread.  One
> of the benefits of DMARC re:DKIM is it has exposed some issues with DKIM
> implementations that were not obvious prior to DMARC evaluation.  Without
> DMARC reporting some of the problems with certain DKIM implementations were
> simply not very visible.  So I don't actually think the DKIM model worked
> as well as is being asserted.

Which of these problems had anything to do with field ordering? Which of
these problems would have been exposed by requiring a specific
order?

> Second, the existence of such a test suite would have had material benefits
> just within the last ~18 months over which ARC implementations have been
> developed.  We know this because of the immediate benefits the current test
> suite (which does impose a canonical ordering, spacing, etc.) yielded
> almost immediately.

> The suite exposed a few minor but significant issues with the Python
> implementation that was submitted to dkimpy.  Similarly, it exposed that
> the current OpenARC signing functionality is in a much less mature state
> than was generally understood.  In terms of RFC definition, it exposed the
> fact that the current RFC as written required support for insecure 512 bit
> keys - and triggered a discussion on this very list.  In our internal
> development it's forced us to look hard at some of the corner cases and
> raise them on this list or at interops.  Note that most of these issues had
> escaped detection through multiple interops.

> None of the above is meant to insult the associated developers or spec
> authors.  Their contributions have been essential, and the skill and
> dedication they've brought to their tasks is greatly appreciated.  It is
> simply meant to demonstrate the material benefit that this kind of testing
> has already brought.  This is what automated tests do - bring problems to
> light quickly.

> So yes, I think this approach works better.  Much better.

Simply put, I don't. I'm strongly opposed to this, to the point where I'm
likely to significantly deprioritize implementation of this proposal because of
it.

I have better things to do that waste my time watching the sorts of bugs this
is going to cause get shaken out.

				Ned

v2.23.0 | Report a Bug | By Email