[dmarc-ietf] DMARC forensic reports (ruf=) and privacy
Дилян Палаузов <dilyan.palauzov@aegee.org> Sat, 26 January 2019 11:37 UTC
Return-Path: <dilyan.palauzov@aegee.org>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FE0313119E for <dmarc@ietfa.amsl.com>; Sat, 26 Jan 2019 03:37:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (4096-bit key) header.d=aegee.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WEs82_8Hm35C for <dmarc@ietfa.amsl.com>; Sat, 26 Jan 2019 03:37:46 -0800 (PST)
Received: from mail.aegee.org (mail.aegee.org [144.76.142.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 09AED13119B for <dmarc@ietf.org>; Sat, 26 Jan 2019 03:37:45 -0800 (PST)
Authentication-Results: mail.aegee.org/x0QBbfUm024256; auth=pass (PLAIN) smtp.auth=didopalauzov
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=aegee.org; s=k4096; t=1548502661; i=dkim+MSA-tls@aegee.org; r=y; bh=ZAr7AirdIm383HBIJ79hhjE8DgOr7hXljSzxPQwXMqs=; h=Subject:From:To:Date; b=Uj1SFul+sSVj/b11ymhYc6SaXxPzdnYp61n3vXatzk0XPpbdCGovuZc5s0wTn8Pjv 2UBHZmvNJPLxU/qlShp7Cak/pWtmh5m1p7d6A/kL0atogH0Tvn/OEcWg/7YmseReGS a9pyMiPASCyZGfb5hORoW/0na2gUVLwKcp4A9Ooz/tQXbseSBiyuxYhJoRjiZfBN0f mtw6TlqGPqw+9B0E2J5xJaWtvdbhIGIy5h4z5Ta/dpzUVU5Q6RS2asr0Ke6R44rK1r Y6FlPEZmARfwrkPDiQj7U68gI/vUWjXsUHMVB6euNtc6fFUez7j5Xy4wXjQbZTmFkh 7fgU+lftfURZr8rOJwjCvwncanR2xoD486cdqTKVipBhiDjjca/mVgqQcLvzE0M1Ml XOEB5uCKaaF76FzlV5ZJ4BHZci+Ryl60FEe7+AbvqxiQR3xjrW5Qk/PCiVwgbnFmU0 veylTDKaJonamYMWhBeGKNTzFM59D6ZuG5Gu7RjEsSzjDa4KVculJMMp5fER3jUfib lsBfid0UWH9RYPBMiDpgwTbAP1aAgctMT2oL0FDixPun7myjBpSRYX3nsL39sOJARt F+Iy4YZ+cjuCVAI0uzxV1hubaEApaaJXjFHzvg/wpq7nkWXqTVlSoGpGOJTwXGUm2Y /jrvikDHOhiHZ7spMlwDRIIg=
Authentication-Results: mail.aegee.org/x0QBbfUm024256; dkim=none
Received: from Tylan (adsl-62-167-97-198.adslplus.ch [62.167.97.198]) (authenticated bits=0) by mail.aegee.org (8.15.2/8.15.2) with ESMTPSA id x0QBbfUm024256 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for <dmarc@ietf.org>; Sat, 26 Jan 2019 11:37:41 GMT
Message-ID: <40a9f309a70254b799f8bc3e42cbec2f5cf9dd7b.camel@aegee.org>
From: Дилян Палаузов <dilyan.palauzov@aegee.org>
To: dmarc@ietf.org
Date: Sat, 26 Jan 2019 11:37:41 +0000
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.31.90
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: clamav-milter 0.101.1 at mail.aegee.org
X-Virus-Status: Clean
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/SsAKww1FHujNQz4_k93k7xYlM70>
Subject: [dmarc-ietf] DMARC forensic reports (ruf=) and privacy
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Jan 2019 11:37:49 -0000
Hello, for a smooth working DMARC DKIM signers and verifiers must be interoperatable. When a server DKIM-signs a message and sends it to another server without intermediates, the latter shall be able verify the signature. Imagine, the DKIM validation fails and the ruf= dmarc report email address points to the sending server. What are the privacy concerns in this simple scenario that speak against sending a DMARC/DKIM report to sending server, telling that the DKIM validation fails? https://tools.ietf.org/html/rfc7489#section-9 mentions some privacy thoughts, but these are not applicable when the sending server obviously has already the reported message and no intermediates are involved, that could expose additional information. Regards Дилян
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- [dmarc-ietf] DMARC forensic reports (ruf=) and pr… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Vladimir Dubrovin
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… John Levine
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… John Levine
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Dotzero
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… John Levine
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Kurt Andersen (b)
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Vladimir Dubrovin
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Alessandro Vesely
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… John Levine
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… John Levine
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Scott Kitterman
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… John Levine
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Brandon Long