Re: [dmarc-ietf] Ticket #42 - Expand DMARC reporting URI functionality

John R Levine <johnl@taugh.com> Thu, 03 December 2020 19:54 UTC

To: Alessandro Vesely <vesely@tana.it>, dmarc@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/KIbI69Y4sM94YkaMNjkpFFvtitU>

>> I'm sorry but this makes no sense at all.
>
> I said so because you said https is faster.  The spec is unclear about intervals, but this is a matter for another ticket.

For any given report, stuffing it into a web server with a PUT or POST 
will be faster than base64 encoding it and relaying it through mail 
servers.  This is just arithmetic.

>> Why do you believe that people would not send reports by mail and by https
>> at the same time?
>
> Oh my.  Hadn't thought about that.  It will certainly cause duplicates.

I meant "at the same time" as in during the same reporting run.  As Dave 
noted, if you sent any particular report by https, there's no need to send 
it again by mail.

Systems receiving reports have to be prepared for duplicates anyway since 
double deliveries of mail messages happen.  That's the point of the 
filename on the report, to provide a unique name for each report so it's 
easy to tell if you've seen a report before.

> $ gpg -u 500982D49712C507C236B2D6B8ABBBF9A091CC0D --clearsign < this text
>
> Can you verify it?  I cannot find how to transform the delta selector public key into a pgp public key block.

It says it can't find a public key which is not surprising.  I still don't 
think this is a productive direction to go.

If people really are worried about fake reports, there is a well defined 
way to put a signature in an XML document.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
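
The filename-based duplicate check described in the message above, as an added example that is not part of the original post or of any DMARC implementation. It parses the aggregate report filename grammar from RFC 7489 section 7.2.1.1; the `report_key` and `SeenReports` names, the choice to ignore the compression suffix, and the idea that the https transport hands over the same filename are assumptions made for illustration.

```python
import re

# Filename grammar from RFC 7489, section 7.2.1.1:
#   receiver "!" policy-domain "!" begin-timestamp "!" end-timestamp
#   [ "!" unique-id ] "." extension      (extension is xml or xml.gz)
# Path separators are excluded so a hostile name can never look like a path.
_NAME = re.compile(
    r"(?P<receiver>[^!/\\]+)!(?P<domain>[^!/\\]+)!(?P<begin>\d+)!(?P<end>\d+)"
    r"(?:!(?P<uid>[A-Za-z0-9._-]+?))?\.xml(?:\.gz)?",
    re.IGNORECASE,
)


def report_key(filename):
    """Return a normalized identity tuple for a report, or None if malformed."""
    m = _NAME.fullmatch(filename)
    if m is None:
        return None
    begin, end = int(m["begin"]), int(m["end"])
    if begin > end:
        return None  # reporting interval runs backwards: reject
    # Assumption: the compression suffix is not part of the identity, so the
    # same report sent as .xml over https and .xml.gz by mail is one report.
    return (m["receiver"].lower(), m["domain"].lower(), begin, end, m["uid"] or "")


class SeenReports:
    """In-memory duplicate filter; a real receiver would persist the keys."""

    def __init__(self):
        self._first_seen = {}  # key -> transport that delivered it first

    def accept(self, filename, transport):
        """True if the report is new; False if duplicate or malformed."""
        key = report_key(filename)
        if key is None or key in self._first_seen:
            return False
        self._first_seen[key] = transport
        return True


if __name__ == "__main__":
    # Constructed sample deliveries (not real reports).
    seen = SeenReports()
    for name, via in [
        ("receiver.example!sender.example!1606867200!1606953599.xml.gz", "mail"),
        ("receiver.example!sender.example!1606867200!1606953599.xml", "https"),
        ("receiver.example!sender.example!1606867200!1606953599.xml.gz", "mail"),
    ]:
        print(via, name, "->", "process" if seen.accept(name, via) else "skip")
```

The filename is chosen by whoever submits the report, so this key only suppresses repeats; it says nothing about whether a report is genuine.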