Re: [dmarc-ietf] DMARC alignment conflicts with RFC 5322 on the use of the From and Sender header fields

John Levine <johnl@taugh.com> Sun, 07 June 2020 19:52 UTC

Date: Sun, 07 Jun 2020 15:52:28 -0400
Message-Id: <20200607195228.70FC51A44FEC@ary.qy>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
Cc: stan@glyphein.mailforce.net
In-Reply-To: <46e045ae-9691-4f5b-86bf-142c066458d8@www.fastmail.com>
Organization: Taughannock Networks
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/LNqZD_3sibK9rbk00Me1IhR6QnQ>
Subject: Re: [dmarc-ietf] DMARC alignment conflicts with RFC 5322 on the use of the From and Sender header fields

In article <46e045ae-9691-4f5b-86bf-142c066458d8@www.fastmail.com> you write:
>On Sun, Jun 7, 2020, at 9:16 AM, Douglas E. Foster wrote:
>> 3) Some of the discussion has been about how to prevent social engineering of the recipient user. This is an important
>> topic, but not directly related to the project. IETF would do well to establish some recommendations about how MUAs should
>> behave, so that trust data can be displayed to the user.
>
>Assuming this can be practically done, I would rephrase this, "...[E]stablish how MUAs should display trust data to users."

We have decades of experience that tells us that the IETF is hopeless
at UI design, and our intuition is usually wrong.

In particular, displaying warnings that "this may be bad" or even
"this is extremely bad" is known not to work. No matter what you say,
people will click through any warning to get to their kitten GIFs or
porn or whatever.