IETF Logo Mail Archive

Re: [dmarc-ietf] DMARC forensic reports (ruf=) and privacy

Дилян Палаузов <dilyan.palauzov@aegee.org> Sat, 26 January 2019 14:05 UTC

Return-Path: <dilyan.palauzov@aegee.org>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A43A412867A for <dmarc@ietfa.amsl.com>; Sat, 26 Jan 2019 06:05:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (4096-bit key) header.d=aegee.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 18GOnwjJvmEG for <dmarc@ietfa.amsl.com>; Sat, 26 Jan 2019 06:05:46 -0800 (PST)
Received: from mail.aegee.org (mail.aegee.org [144.76.142.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 11467124B0C for <dmarc@ietf.org>; Sat, 26 Jan 2019 06:05:45 -0800 (PST)
Authentication-Results: mail.aegee.org/x0QE5eeY004163; auth=pass (PLAIN) smtp.auth=didopalauzov
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=aegee.org; s=k4096; t=1548511541; i=dkim+MSA-tls@aegee.org; r=y; bh=bfF9WUSebbnXcv2k9XT71heWG3TMmZnMjTi9RGH9yN0=; h=Subject:From:To:Date:In-Reply-To:References; b=lGpZSVJqJqKwNiZrdN1v86YdR/vHWRV4Po0fYfc9a9ZpdNPLiIPUkmNxcC/Spsko1 Fj44j5/fxNIgNDHdfjNYGIOftu6/7ojPtYXs+HtrWDqjtOHcYxw0jk80qZRWdfHK/T mID58ezaUxEk1e5aGtoydEhpgaqH2sLg+pgF/0Hp/Y92zsSrGekYvAkvIxf4taJcwr rie84l244uJ0X4fo6aP+GKq1by3Ay2lsIbtDugdqeeRurD5J9yuu7qAtRpvh627PmZ L4W0qr+ITcZhslIX1HTQtHebAwxW/dMyydgWlBvca1dFOd4qlzeaJiR9pgWxs5/zoq F6JUTwUbP7poos0FZ6liRHBXyB9faIomnbZ9wtI8qY6vyysKfKiWe5Wadl9g6jFcZf O2FRPIflgvWo2Es/fA6blWgBobwseiTQth+nVOmUYigWhGyscWTHcNCXRbTPGajoRa Shjm55KeMehecXjpGhdGqeY02eFKASG7QBKOtlPVztELtsnhqYHdsSvFYXr8CzTln1 AFiOqd9SsFJFVSSdPU/GfuiDOOE5MYgmG8joZoOqimBTg9AosSiXr3qkQiJN0thoIe d6V17zI7dmCxEgLIwRUCC1gnW9wPks9tL9Ng2+MYCj1t0pTzu62jFIquha5xNLgv7L nnctW5frvLe5sIb05JeeKsyo=
Authentication-Results: mail.aegee.org/x0QE5eeY004163; dkim=none
Received: from Tylan (adsl-62-167-97-198.adslplus.ch [62.167.97.198]) (authenticated bits=0) by mail.aegee.org (8.15.2/8.15.2) with ESMTPSA id x0QE5eeY004163 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sat, 26 Jan 2019 14:05:40 GMT
Message-ID: <b3f6406700707790a140a4b05fed38cd5be711fc.camel@aegee.org>
From: Дилян Палаузов <dilyan.palauzov@aegee.org>
To: Vladimir Dubrovin <dubrovin@corp.mail.ru>, dmarc@ietf.org
Date: Sat, 26 Jan 2019 14:05:40 +0000
In-Reply-To: <129785b9-952e-611b-cff9-7a909b3fe4a4@corp.mail.ru>
References: <40a9f309a70254b799f8bc3e42cbec2f5cf9dd7b.camel@aegee.org> <129785b9-952e-611b-cff9-7a909b3fe4a4@corp.mail.ru>
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.31.90
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: clamav-milter 0.101.1 at mail.aegee.org
X-Virus-Status: Clean
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/XVpv5ykZhTckauEqQhp__un9VkQ>
Subject: Re: [dmarc-ietf] DMARC forensic reports (ruf=) and privacy
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Jan 2019 14:05:49 -0000

Hello,

how does the unrealistic expectation of message sender and recipient, that a “deleted” message is immediately
irreversibly removed from all backups, differ from the expectation that an “erased” message does not exist in a forensic
subsystem?

Do Terms of Use, that clarify the sending of forensic reports (and backup policies) close the expectation/reality gap?

Regards
  Дилян

On Sat, 2019-01-26 at 16:26 +0300, Vladimir Dubrovin wrote:
> Message sender can expect message content is only stored in sender's and
> recipient's mailboxes after delivery. If deleted by both sender and
> recipient, this message is not longer exists and it's content can not be
> recovered.
> 
> In this scenario, (partial) message content can be stored in DMARC
> forensic subsystem unknowingly to user, it may violate user's privacy
> expectations and/or rights, depending on local legislation.
> 
> 
> 
> 26.01.2019 14:37, Дилян Палаузов пишет:
> > Hello,
> > 
> > for a smooth working DMARC DKIM signers and verifiers must be interoperatable.  When a server DKIM-signs a message and
> > sends it to another server without intermediates, the latter shall be able verify the signature.  Imagine, the DKIM
> > validation fails and the ruf= dmarc report email address points to the sending server.
> > 
> > What are the privacy concerns in this simple scenario that speak against sending a DMARC/DKIM report to sending server,
> > telling that the DKIM validation fails?
> > 
> > https://tools.ietf.org/html/rfc7489#section-9 mentions some privacy thoughts, but these are not applicable when the
> > sending server obviously has already the reported message and no intermediates are involved, that could expose
> > additional information.
> > 
> > Regards
> >   Дилян
> > 
> > _______________________________________________
> > dmarc mailing list
> > dmarc@ietf.org
> > https://www.ietf.org/mailman/listinfo/dmarc
> 
>

v2.23.0 | Report a Bug | By Email