Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd

Ian Levy <ian.levy@ncsc.gov.uk> Fri, 06 December 2019 08:00 UTC

Return-Path: <ian.levy@ncsc.gov.uk>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E48B120220 for <dmarc@ietfa.amsl.com>; Fri, 6 Dec 2019 00:00:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ncsc.gov.uk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rYipLD3RwRqC for <dmarc@ietfa.amsl.com>; Fri, 6 Dec 2019 00:00:51 -0800 (PST)
Received: from GBR01-CWL-obe.outbound.protection.outlook.com (mail-eopbgr110097.outbound.protection.outlook.com [40.107.11.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA3B212000F for <dmarc@ietf.org>; Fri, 6 Dec 2019 00:00:50 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=F7ergiJQIDyVJsw6td6U6WcDweK39LZg8BJV442033uoVhEDFV2zyDsEcppec9oLRnJbx0WYDz87Ln8lN9T6BjaQTSdhqVLc6bGReuHB1N2p7j3OPDzSz+r7YxELxujUBOGLedEARV5uRVQdGfe4zlYomuUBqUQzGE67BahJU2v96pmEAAvuY4QoDwEod+k1hgAavA9Qlvd0M19ME/xBaa0V/Oo6TsgljfrGl9t+TFVLsjlzaO5Xj4PmUz3lLQtaY+muLBmShdyMfUZ0koBrdPGdNv77ozvJ2moAbg5ZvoAOwn7RdDXbXYsy3zyuXeoDx83bkXBzCnkITv/PU6wc9A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Rj7tKTjOf4asY14NCDJ/mpiUilwJxJfzELtUH9mttFg=; b=AP51leIaydV9VSF5JJQj84O6ye6ZDJwiPsIk4nblGnh4zeENIoqIJ6IIfVylB2B+UuHK5ATljccAvTFxrU6so0GYkPBwZ8ouxBzTRTyj/TTFRWxYCppC1uDJTayNQ8zT1OAxPRb/l+CFsIzruKFAKuNfZY3fLjM2CmpAyYmPVjCPB6t/3YHdwWbqdSD8tp6oHEf8ZpfPm8mrLWKpq1X4jztgHIqam6hjM51AlXFsVTj67VMzmBn4j1looeW5gIND+GWc54gYnZhdYZ9DAWIRIHreDYs4F7ksOh8arJFMOc/mgZQi0Bt38JSz/yU1IONDlTVOL3UOT03SPJ8y2DVFUQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ncsc.gov.uk; dmarc=pass action=none header.from=ncsc.gov.uk; dkim=pass header.d=ncsc.gov.uk; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ncsc.gov.uk; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Rj7tKTjOf4asY14NCDJ/mpiUilwJxJfzELtUH9mttFg=; b=P5L4a+YEPwa6B/0x6ANXJfJd6sn1kw7k3MGtSu/8/FDYygePq+FAMqh25Vebuya+svB1+kWB7+gcW/z5lVSKe99/9HWK5yZRGEiX8/3OS7p0UnvwR4rbfKUaw+ppwpjh1vn6rjawjoJaUlwlClSRiMEQ8qtB36tgGd9T+aDh+vs=
Received: from LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM (20.176.157.151) by LO2P123MB2590.GBRP123.PROD.OUTLOOK.COM (20.176.154.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2516.12; Fri, 6 Dec 2019 08:00:48 +0000
Received: from LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM ([fe80::b07d:fef5:217b:2f3d]) by LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM ([fe80::b07d:fef5:217b:2f3d%7]) with mapi id 15.20.2516.014; Fri, 6 Dec 2019 08:00:48 +0000
From: Ian Levy <ian.levy@ncsc.gov.uk>
To: Alessandro Vesely <vesely@tana.it>, IETF DMARC WG <dmarc@ietf.org>
Thread-Topic: [dmarc-ietf] Comment on draft-ietf-dmarc-psd
Thread-Index: AQHVUkRUHW06UOOZ+kq6kqLLLMMrLqcaPC6AgANurWOAaHWPgIAADzIAgAAY2wCAAGFPgIAAblcAgCMwBICAADGdgIAC9Lzw
Date: Fri, 6 Dec 2019 08:00:48 +0000
Message-ID: <LO2P123MB22856E5CB48BC4D92F5C46ECC95F0@LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM>
References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <CAL0qLwacbAT04tckpPcRcnOt=1QByOBeJ7uDf6rNK6NRwtxZYg@mail.gmail.com> <ffa2bf72-3024-237b-86ae-9cc04babeec6@gmail.com> <74a0ea49-7a46-4eb6-c297-cd703f63bd1b@gmail.com> <CAL0qLwbp2hNrgF_xxhKRRODQ6HP=U5_K-r3Wtm1wJZOZcKup3g@mail.gmail.com> <9DE9E7DC-FE60-4952-8595-B2D087A6B780@kitterman.com> <CADyWQ+GSP0K=Ci22ouE6AvdqCDGgUAg3jZHBOg3EwCmw=QG84A@mail.gmail.com> <CABuGu1obn55Y2=CuEYRYCEO3TYYNhYTsdkesQ67O61jRyfO=wA@mail.gmail.com> <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> <CAL0qLwZnomZJTbFB=dfFdw2vWg7B0ObRuoage3pcWaYmP9Kp4A@mail.gmail.com> <df19dd96-b346-795e-2ffa-92aeffe8105d@tana.it>
In-Reply-To: <df19dd96-b346-795e-2ffa-92aeffe8105d@tana.it>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ian.levy@ncsc.gov.uk;
x-originating-ip: [51.140.114.144]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 0c571c43-9115-45ca-78cc-08d77a2267a7
x-ms-traffictypediagnostic: LO2P123MB2590:
x-microsoft-antispam-prvs: <LO2P123MB259068EAFCC088FA5FCA79E6C95F0@LO2P123MB2590.GBRP123.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:6430;
x-forefront-prvs: 0243E5FD68
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(366004)(136003)(39850400004)(346002)(376002)(396003)(13464003)(199004)(189003)(55236004)(102836004)(76116006)(64756008)(7696005)(66556008)(76176011)(110136005)(66476007)(99286004)(66946007)(26005)(71190400001)(71200400001)(5660300002)(186003)(86362001)(33656002)(229853002)(316002)(66446008)(9686003)(6506007)(55016002)(53546011)(44832011)(14444005)(11346002)(66574012)(52536014)(305945005)(25786009)(478600001)(45080400002)(74316002)(966005)(2906002)(8676002)(14454004)(8936002)(81166006)(81156014); DIR:OUT; SFP:1102; SCL:1; SRVR:LO2P123MB2590; H:LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: ncsc.gov.uk does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: t/MivcYoo2t/77PFPaHuQ6U7xbZ5jTLV/iAcVsJqa/cwpntDVy5LAttkwqVAGmqynpn06d6VCT9lTwKhqXvYrmLEGXtcEboFChFIOcjLguKDu4SBXZUbOPIrHga5ItkGOZJEIn3D5JMB4pA69MAkWaAWUHphQ794wXQgW/pi3yGQmgXCQCV/+j7wG2ylNyW5P7AK6GXfMSe1CxIds2KpeR6T5pJwksemtTXB4tylFaTnjV9zo3fGoqHoSwZxno0lMD4Gk0JSWapHg3Z+ydI/f58AowR8dxxNagobGrJWaUZsBR0skP9c3UNubMtsWC6xmRFgNrh0L0i9vSeMZrOpc3CVZMGGaej4draPeupuKYa490gkuHINM76nUBDK1vmqwebdamOrEXYQhdTngNIX35u06XCKu/KFBdEn/+IV+NvnAkVEhQ/C1i78X+HmpP2fwPyzvSMC4+g7nrl1DRJkS9vbCwaZ6vyuOFAn0IRkmdVwfmgrs1huSw82OkGIAsK6wY3eJWDr7HdAXnEO71k6GDO1mSdmKl76r7RyMUCDcQo=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ncsc.gov.uk
X-MS-Exchange-CrossTenant-Network-Message-Id: 0c571c43-9115-45ca-78cc-08d77a2267a7
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Dec 2019 08:00:48.0960 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 14aa5744-ece1-474e-a2d7-34f46dda64a1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: dR1VIjGlk4yEfaqAfA+/mPNyS2ruWnCsvTxIil3N3PJ8jRC8VICNufXUOXk7iBl11o6ZWJRrIMB0DjRhVuNsdw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LO2P123MB2590
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/KImdBiQda2-c3Hh-D3K2b2LKoC0>
Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Dec 2019 08:00:53 -0000

> Perhaps because I don't get so much mail from gov.uk

Ale,
We can fix that for you if you want :-). 

Seriously, if you want to try some volume testing, let me know off-list and we'll try to sort something out. 

Ta.

I.

--
Dr Ian Levy
Technical Director
National Cyber Security Centre
ian@ncsc.gov.uk

Staff Officer : Kate Atkins, kate.a@ncsc.gov.uk
Pronouns : he/him

(I work stupid hours and weird times – that doesn’t mean you have to. If this arrives outside your normal working hours, don’t feel compelled to respond immediately!)

-----Original Message-----
From: dmarc <dmarc-bounces@ietf.org> On Behalf Of Alessandro Vesely
Sent: 04 December 2019 10:40
To: IETF DMARC WG <dmarc@ietf.org>
Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd

On Wed 04/Dec/2019 08:42:09 +0100 Murray S. Kucherawy wrote:
> On Mon, Nov 11, 2019 at 2:21 PM Dave Crocker <dhc@dcrocker.net 
> <mailto:dhc@dcrocker.net>> wrote:
>
>>> * add text to the PSD draft making it clear that what it's describing is
>>>   an experiment whose outcome will be taken only as feedback to the
>>>   revision of the standard (i.e., this is not intended to be the final form
>>>   of anything), and it is not intended to be deployed outside of the
>>>   experiment's participants;
>>
>>  Forgive me, but while everyone involved in this has extensive 
>> experience  and is trying to solve a real and serious issue, this is 
>> an astonishingly  naive view.
>
> I don't think it's based entirely on naivety.  I think there's a 
> healthy dose of feeling that the experiment as it's currently designed 
> couldn't possibly scale to "the entire domain namespace" and/or "all 
> servers on the Internet", so in that sense from where I sit there's a 
> built in safeguard against this becoming a permanent wart.


After installing the DKIM/DMARC filter that implements PSD, I can say that the impact is unnoticeable.  I didn't carry out precise measurements, I just didn't notice any delay.  Perhaps because I don't get so much mail from gov.uk, but I don't think I could reliably measure a positive delay even if I were a strict correspondent of Boris.


> Rather, it's primed as a possibly useful data collection exercise.

Kurt also talked about reporting some findings.  I'm embarrassed, I have no idea what I, as a receiver, should report.  What data should I, and other receivers collect?

IMHO, the experiment should be conceived as having it run by as many receivers as possible, so as to have a noticeable effect on senders.  They can collect aggregate reports and make a comparison.


Best
Ale
--


















_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fdmarc&amp;data=02%7C01%7Cian.levy%40ncsc.gov.uk%7C969a778d73d4449d0d5708d778a64df4%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%7C637110527988698509&amp;sdata=IUFTCWhr1rc6I7vWMTk26NpayRjxXsnV4qqAU%2BmoOPg%3D&amp;reserved=0
This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk. All material is UK Crown Copyright ©