Re: [dmarc-ietf] Good paper analyzing inter-component flaws in email security

Dotzero <dotzero@gmail.com> Fri, 14 August 2020 19:16 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/U7c2L61Vf8kEBfUWa2UD7FvfNYY>

On Fri, Aug 14, 2020 at 10:59 AM Kurt Andersen (b) <kboth@drkurt.com> wrote:

> It would be worthwhile for everyone in the group to read through
> https://www.usenix.org/conference/usenixsecurity20/presentation/chen-jianjun
> as they analyze implementation flaws that allow attacks against DMARC in
> existing implementations.
>
> The paper should be publicly accessible now since the conference is in
> progress. There's also a slide deck with a summarized set of results from
> their study.
>
> --Kurt
>

Did a first look at the slide deck. Some interesting stuff. Some is clearly
interoperability and should be considered by the working group. Some is
DMARC/DKIM/SPF implementation issues, and some, like the display name, is
intractable. As someone suggested to me today, it would be incredibly
useful to disambiguate the Display Name from the From email address for
anti-abuse purposes, but my feeling is a) that is something for the email
core group (not this group) and b) there would be incredible pushback
against such an effort.

Michael Hammer