Re: [dmarc-ietf] ARC-Seal is meaningless security theatre
Seth Blank <seth@sethblank.com> Fri, 18 August 2017 17:18 UTC
Return-Path: <seth@sethblank.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6356213219A for <dmarc@ietfa.amsl.com>; Fri, 18 Aug 2017 10:18:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sethblank-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uA0f9dHPTcZs for <dmarc@ietfa.amsl.com>; Fri, 18 Aug 2017 10:18:04 -0700 (PDT)
Received: from mail-vk0-x235.google.com (mail-vk0-x235.google.com [IPv6:2607:f8b0:400c:c05::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7FBBE120721 for <dmarc@ietf.org>; Fri, 18 Aug 2017 10:18:04 -0700 (PDT)
Received: by mail-vk0-x235.google.com with SMTP id g189so34283415vke.5 for <dmarc@ietf.org>; Fri, 18 Aug 2017 10:18:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sethblank-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=SDRilE9ISirGEZ6MExQxftuf+8B9bh9z6Qd1nhxut1E=; b=TUeOvsD7zZ43jnsIq9g0aLsZOby0ntwLwhHHgKuAkOTkDp6xLzxWygvFNDN0XKrZcq LLY3178ZXJ4hc+cAaFQtqHDhdlZVnmcFGpFiEP4CG7sYHoWPxe3dabk+oXkSDRHkOOAX CzjB4b96XE7x6xAZI/Uj6BPjzveau2ZEFhXNHFb+LDvIJ2F2TJ9iSQRb8as2MOElRA1D zvjn0I+s8jlAlhtftoBb1WPaOz7y6ay5aTifLV/LUnRtVd10Abz8xiVfIMsNt23M76uD Jz0jh9SGHqryl57uEebkK74NWQAlv4YdbKvymd5QbIdsSyuH+uSUSG+Euejj/axH1ebC 0htQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=SDRilE9ISirGEZ6MExQxftuf+8B9bh9z6Qd1nhxut1E=; b=fbVK9tBL/wiQfWfkDjWKPDwM96YSFPodoCHkiHBd+Rsr0TqOk7uCl62WM2azmcCTmc DNP9fcZ2jN5HD/pJGpdwV+siQ3A/6XAjQdS4C91QqdZ4FkJSKTgGj+0VVzcRQSP3Xnw5 ITaHFLr7bWDqMvD/ClvO3MAhvLlqxKl34JmYFV+ddtxuX8w8IRuroPuWkRWpLOLEoQAM 2EWyOC6fqsS9DCVYEi+ihE1UGPCu5K+F1dfPMlCCRO+Enn/Jv7pR4Rbh4L3b2ZThAbTf QSi99HFgXCBuelzxSXX9LV+ZdI1a/9X02eC3yeqrzQej+vCTs6VJnRsZrz+AupWFEOZn 23/g==
X-Gm-Message-State: AHYfb5gTF8dxdQ/n+EIOYS5dxeRiMzhT6a8KwJwCanKi6K00E+Z8Saok LtH6478702VAXPNcjfi4lTtU1u7zq+xw5Gk=
X-Received: by 10.31.3.205 with SMTP id f74mr300137vki.163.1503076683391; Fri, 18 Aug 2017 10:18:03 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.103.89.22 with HTTP; Fri, 18 Aug 2017 10:17:42 -0700 (PDT)
In-Reply-To: <f62ca9fc-e73c-82e7-173c-5cdc3c761dd6@gmail.com>
References: <1502083287.2191248.1065195288.7CDC7FF3@webmail.messagingengine.com> <2720431.u3G7bbkkxK@kitterma-e6430> <1502317564.1935379.1068588344.040173AF@webmail.messagingengine.com> <a08c7590-ded3-1642-4ffc-07848b3c6cd2@gmail.com> <e14f2130-6f00-4ef1-485b-850a4cc1c48c@gmail.com> <1502495646.4099176.1070896040.2B09B1F8@webmail.messagingengine.com> <166070f0-4ba1-70da-1f73-885b4a7f7640@gmail.com> <1502497178.4103451.1070917304.23DD466D@webmail.messagingengine.com> <598F9484.7020700@isdg.net> <CABuGu1p=oLfLRkuoaDHoz3Cv3_FrURdsFPzkac7jNzBpqBmiSg@mail.gmail.com> <599484FB.9050908@isdg.net> <1502929303.4038704.1075868960.5D80A788@webmail.messagingengine.com> <CAD2i3WN_bmDgmQBw3pnyu7vWJJM2Kzwgru87VhK=NA_H91B+og@mail.gmail.com> <1502930858.4042926.1075890568.5069945B@webmail.messagingengine.com> <CABuGu1ofdkP6Gdsfin6KfpiTJW39gXz8Fa0iAAmXfcvyWGZxdA@mail.gmail.com> <CAD2i3WPuiMw6Gbdw0E+Gh=yNDfNjECMrqLHKPUspq_h6dnpbnA@mail.gmail.com> <f62ca9fc-e73c-82e7-173c-5cdc3c761dd6@gmail.com>
From: Seth Blank <seth@sethblank.com>
Date: Fri, 18 Aug 2017 10:17:42 -0700
Message-ID: <CAD2i3WMzZY9XS3CwGi-UyGPq75yHb4v2N1UWdYv5jqpE0Owhsw@mail.gmail.com>
To: "dmarc@ietf.org" <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="001a1142870cc8b47c05570a4f08"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/SqWgoH2Cii_zvU3eYK1ZFE--zec>
Subject: Re: [dmarc-ietf] ARC-Seal is meaningless security theatre
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Aug 2017 17:18:10 -0000
On Fri, Aug 18, 2017 at 10:08 AM, Dave Crocker <dcrocker@gmail.com> wrote: > On 8/18/2017 10:00 AM, Seth Blank wrote: > >> >> Right now, we've got deployed code that we know works and improves the >> landscape. Everything else is - rightly or wrongly - conjecture. >> > > > Personal Point of order: > > Using an 'installed base' argument for a brand new specification that > is still in development and has minuscule deployment is not appropriate, in > spite of having a long and storied history of being used to resist a > proposal. > > What's supposed to happen with a proposal is an evaluation of its > technical and functional merits. > So let me be very clear, because I wasn't rehashing earlier conversations from this thread: Right now, everything in ARC serves a purpose, and the AS, AMS, and AAR are all defensible. As we've clarified ARC and dug into putting appropriate data into the AAR, the usefulness of the AS has gotten less apparent - but it still serves several purposes and has been explicitly asked for by several members of the working group. Right now, there is one person - with a valid concern - asking if we really need the AS. That conversation was dug into on list, and the consensus (which that person agreed to) was that his concerns might be right, but the point could be argued over forever with valid stances from both sides, or determined on its merits quite quickly once the ARC experiment begins. My point is, we can actually begin the experiment now. The open technical concerns are around "will this piece matter?" and they're more philosophical than technical (except for the AS concern, which might be practical) - but the data to answer them is at our fingertips, so let's go get the data. Seth > > > The entire point behind bringing a nascent specification to the IETF is to > get review and suggestions from a wider audience. > > > d/ > > > ps. Note that I haven't commented on the merits of this particular > proposal. I like the intent quite a bit, but haven't thought about the > technical or operational aspects yet. > > > > -- > Dave Crocker > Brandenburg InternetWorking > bbiw.net >
- [dmarc-ietf] ARC-Seal is meaningless security the… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Tim Draegen
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… John Levine
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Scott Kitterman
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen (b)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… MH Michael Hammer (5304)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen (b)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen (b)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen (b)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… mhammer@americangreetings.com
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos