Re: [dmarc-ietf] Is From spoofing an interoperability issue or not?

Scott Kitterman <sklist@kitterman.com> Fri, 21 April 2023 16:44 UTC

Date: Fri, 21 Apr 2023 16:43:30 +0000
From: Scott Kitterman <sklist@kitterman.com>
To: dmarc@ietf.org
In-Reply-To: <7e2ae4c0-6ebf-4539-55b9-e5d85765a024@tana.it>
References: <0abf9711-ca1c-bfcf-afb2-15e16b9de149@tana.it> <20230420153727.DB568C106CE9@ary.qy> <CAJ4XoYeyoOYeXW1QN+yeMbxt4SF7Kn2Xi=FP7VmX4MhKiDi9hQ@mail.gmail.com> <C3D9E708-EDC7-43BC-AE5E-DF4FFAECCC2B@kitterman.com> <7e2ae4c0-6ebf-4539-55b9-e5d85765a024@tana.it>
Message-ID: <185759A8-10CD-40F8-89C8-FE774B077F52@kitterman.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/RZJMRSBY8vwle3GM2qddV7feHwU>


On April 21, 2023 3:57:54 PM UTC, Alessandro Vesely <vesely@tana.it> wrote:
>On Fri 21/Apr/2023 05:41:03 +0200 Scott Kitterman wrote:
>> On April 20, 2023 4:18:08 PM UTC, Dotzero <dotzero@gmail.com> wrote:
>>> On Thu, Apr 20, 2023 at 11:38 AM John Levine <johnl@taugh.com> wrote:
>>>> It appears that Alessandro Vesely  <vesely@tana.it> said:
>>>> 
>>>>> IMHO at least an appendix should say that if you can't do anything better you have to rewrite From: with examples of legitimate display-phrase, expanding a bit the first bullet in Section 11.4. That can also be a good place to explain the kind of damage DMARC causes.
>>>> 
>>>> Absolutely not. This sort of thing is utterly outside the scope of our job and wasting time on it just further delays our already extremely late work.
>>> 
>>> +1
>>> 
>>> There are many things John and I may disagree on but he clearly understands why avoiding scope creep (and bad ideas) is important.
>> 
>> Definitely agree with both of you on this.
>
>
>Eeeh, what an uprising!  I just proposed a couple of paragraphs, not a new rocket science theory.
>
>As for the badness, why wouldn't a concise but detailed explanation be better than obscure forbiddings and dark forebodings, such as MUST NOT be used by humans or interoperability will break down?
>
>BTW, what's the outcome of that discussion?

That, specifically, is a question for the chairs, so no idea.

There are a nearly infinite set of few paragraphs we could write that would make things clearer.  If we ever want to finish this, some of them need to be out of scope.

Scott K