Re: [dmarc-ietf] Overall last-call comments on DMARC

Alessandro Vesely <vesely@tana.it> Wed, 03 April 2024 11:16 UTC

Return-Path: <vesely@tana.it>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E3DD6C151552 for <dmarc@ietfa.amsl.com>; Wed, 3 Apr 2024 04:16:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1152-bit key) header.d=tana.it
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9azose9byspR for <dmarc@ietfa.amsl.com>; Wed, 3 Apr 2024 04:16:45 -0700 (PDT)
Received: from wmail.tana.it (wmail.tana.it [94.198.96.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 34546C15154F for <dmarc@ietf.org>; Wed, 3 Apr 2024 04:16:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1712142997; bh=d0KJWcx7qQrKC+8tIFkrCi/p1RZbz8gEPDFYVQSvvXw=; h=Date:Subject:To:References:From:In-Reply-To; b=AVrjFHPPZl97Heg8Mp+aGNKewPCE6TQ3J+349K+rO6WRvtcJ/ShrmXNnfqe159oOz zJALlEmR2MAfZpY2SIq6czXQz/CAcJC+ng51sCKOTkdn7BkMNG9Zv6lxFIXWtbidIG 5Wlsx9SJ1LAZe9/kEdSTMY/Pwjr3Z+xlht8mRFKIDHnoXAskAYzihZd4OQSPa
Original-Subject: Re: [dmarc-ietf] Overall last-call comments on DMARC
Author: Alessandro Vesely <vesely@tana.it>
Received: from [192.168.1.3] ([::ffff:95.236.137.159]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k, TLS: TLS1.3, 128bits, ECDHE_RSA_AES_128_GCM_SHA256) by wmail.tana.it with ESMTPSA id 00000000005DC0CD.00000000660D3A94.0000297E; Wed, 03 Apr 2024 13:16:36 +0200
Message-ID: <f5f55a39-127d-4a84-a66b-950379ecb013@tana.it>
Date: Wed, 03 Apr 2024 13:16:36 +0200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US, it
To: "Murray S. Kucherawy" <superuser@gmail.com>, dmarc@ietf.org
References: <CFEA2796-9213-4847-836B-81E8770973F5@bluepopcorn.net> <5208da1b-ecfb-4d41-8506-a734a27ab3a0@tana.it> <CAL0qLwbnSe77Wdt+M8bi2pBmZFCZjDUQc6je9bjCzP5TQ0N6XA@mail.gmail.com> <49859572-18a4-483b-bb99-62c1c231896e@tana.it> <CAL0qLwZc6idmMra11pVx2bbtk2Em9-vy6+962M7jDWOMnP+UHQ@mail.gmail.com> <1ee6df39-a622-4060-83db-bcc9a7a835d4@tana.it> <CAL0qLwYX_D7S_-Vn9RwwRzwyNO=8=3UVqbP8rz3SCWG4dvGZig@mail.gmail.com>
Authentication-Results: tana.it; auth=pass (details omitted)
From: Alessandro Vesely <vesely@tana.it>
In-Reply-To: <CAL0qLwYX_D7S_-Vn9RwwRzwyNO=8=3UVqbP8rz3SCWG4dvGZig@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/LaocYAXrMQKytoXZJX-r4rrHOgY>
Subject: Re: [dmarc-ietf] Overall last-call comments on DMARC
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Apr 2024 11:16:51 -0000

On 02/04/2024 20:16, Murray S. Kucherawy wrote:
> On Tue, Apr 2, 2024 at 9:01 AM Alessandro Vesely <vesely@tana.it> wrote:
> 
>>>>>> By now, most mailing lists arranged to either rewrite From: or not break 
>>>>>> DKIM signatures.  We all hope those hacks are temporary.
>>>>>
>>>>> What do you mean by "temporary", given the time scales that have already 
>>>>> passed since RFC 7489 saw wide deployment?  Do you envision those 
>>>>> techniques ending sometime soon?
>>>>
>>>> Yeah, the time scale is killing us.  Is ten years soon enough?
>>>
>>> You tell me.  You say you're hoping they're temporary, yet they've been 
>>> around a long time and I'm not sure that there's an alternative on the 
>>> table.  I'm asking you to explain.
>>
>> I believe alternatives are possible.  Can't say how long it's going 
>> to take, but I presume when they are available, the nasty hacks 
>> will slowly fade out.
>
> So what are you suggesting should go in this document that's in WGLC?


Section 8.6 states the ML problem very well, but it says nothing about the way forward.  Section 5.8, cross-referenced with 8.6, talks about "other knowledge and analysis".  Neither of those is forward looking, as it seems to suggest some kind of presently available, heuristic content analysis.

Some sort of contract or agreement between sender and receiver seems to me to be unavoidable if we want to leverage ARC without having a global domain reputation system.  We don't have a precise method to do that.  We need to experiment and standardize something to that extent, which I hope this WG can do after publishing -bis.

Meanwhile, we can mention ARC, in Section 5.8 (minimal text proposed in another thread[*]).  How much can we expand that?  For example, can we whisper something about the need to trust specific sealers for specific streams?

In Section 8.3 the draft says:

     550 5.7.1 Email rejected per DMARC policy for example.com

I guess it would be too much to say:

     550-5.7.1 Email rejected per DMARC policy for example.com,
     550-5.7.1 ARC seal by forwarder.example verified but not trusted.
     550 5.7.1 See https://receiver.example/arc-streams-registration/

Wouldn't it?


Best
Ale
-- 

[*] https://mailarchive.ietf.org/arch/msg/dmarc/1aPplXPF1cYpnRzYHgxsTCPPzHg
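The three-line 550 reply sketched above follows the multi-line reply convention of RFC 5321 (a hyphen after the code on every line but the last) with an RFC 2034 enhanced status code repeated on each line. The following Python is an added illustration, not code from the message or from any DMARC/ARC implementation: it builds such a reply from a list of text lines and parses one back, rejecting the usual mistakes (a hyphen on the final line, a reply code or enhanced code that changes between lines, an enhanced code whose class does not match the reply code). The sample reply is the one quoted in the message; `forwarder.example` and `receiver.example` are the placeholder names it uses.

```python
import re

# Constructed sample: the multi-line rejection sketched in the message above.
SAMPLE_REPLY = (
    "550-5.7.1 Email rejected per DMARC policy for example.com,\r\n"
    "550-5.7.1 ARC seal by forwarder.example verified but not trusted.\r\n"
    "550 5.7.1 See https://receiver.example/arc-streams-registration/\r\n"
)

# One reply line: 3-digit code, '-' (more lines follow) or ' ' (last line),
# optional RFC 3463 enhanced status code (class.subject.detail), free text.
_LINE_RE = re.compile(r"^(\d{3})([ -])(?:([245]\.\d{1,3}\.\d{1,3}) )?(.*)$")


def format_reply(code, enhanced, lines):
    """Build a multi-line SMTP reply: every line carries the same reply code and
    enhanced status code; all lines except the last use '-' as separator."""
    if not lines:
        raise ValueError("at least one text line is required")
    if enhanced[0] != code[0]:
        raise ValueError("enhanced code class must match the reply code class")
    out = []
    for i, text in enumerate(lines):
        sep = " " if i == len(lines) - 1 else "-"
        out.append(f"{code}{sep}{enhanced} {text}\r\n")
    return "".join(out)


def parse_reply(raw):
    """Parse a (possibly multi-line) reply into (code, enhanced, [text lines]).
    Raises ValueError on a malformed or inconsistent reply."""
    lines = raw.split("\r\n")
    if lines and lines[-1] == "":
        lines.pop()  # drop the empty element left by the trailing CRLF
    if not lines:
        raise ValueError("empty reply")
    code = enhanced = None
    texts = []
    for i, line in enumerate(lines):
        m = _LINE_RE.match(line)
        if not m:
            raise ValueError(f"malformed reply line: {line!r}")
        this_code, sep, this_enh, text = m.groups()
        is_last = i == len(lines) - 1
        # '-' means "continuation follows", so it must appear on every line
        # except the last, and never on the last.
        if (sep == "-") == is_last:
            raise ValueError(f"bad continuation marker on line {i + 1}")
        if this_enh is not None and this_enh[0] != this_code[0]:
            raise ValueError("enhanced code class does not match reply code")
        if code is None:
            code, enhanced = this_code, this_enh
        elif this_code != code or this_enh != enhanced:
            raise ValueError("reply or enhanced code changes between lines")
        texts.append(text)
    return code, enhanced, texts


def is_well_formed(raw):
    """True if parse_reply() accepts the reply, False otherwise."""
    try:
        parse_reply(raw)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    code, enh, texts = parse_reply(SAMPLE_REPLY)
    print(code, enh)
    for t in texts:
        print("  ", t)
    # Round trip: regenerating from the parsed parts yields the same bytes.
    print(format_reply(code, enh, texts) == SAMPLE_REPLY)
```

The parser is deliberately strict about the continuation marker and the enhanced-code class: a client that tolerates a hyphen on the final line will hang waiting for more lines, and a 5.x.x enhanced code on a 4yz reply (or the reverse) misreports whether the failure is permanent.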