Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations

"Murray S. Kucherawy" <superuser@gmail.com> Sun, 19 July 2020 04:23 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/P6-4mvdCrRVXEz6DQXGunBsRKqA>

On Sat, Jul 18, 2020 at 6:32 PM Dave Crocker <dcrocker@gmail.com> wrote:

> If end users do not reliably make trust decisions based on /any/ of the
> information in the rfc5322.From field, then how is this question
> important?  It seems to be seeking precise data about something that
> isn't even secondary.
>

Google strikes me as the kind of place that would make a decision about
what to show users based on data, so I was wondering if they have any,
because I seem to remember them talking about this back when DMARC was in
development.

While I'm intrigued by the discussion about how the domain name isn't visible
and thus may not be as important to protect as we originally thought, I'm
less convinced by the notion that all of the RFC5322.From is disregarded by
the preponderance of users when deciding what level of trust to put in the
message's content.  That suggests we blindly open and read absolutely
everything, and I suspect that isn't the case.

-MSK