Re: [dmarc-ietf] indeterminisim of ARC-Seal b= value
Peter Goldstein <peter@valimail.com> Thu, 30 March 2017 17:01 UTC
Return-Path: <peter@valimail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4AA891299C9 for <dmarc@ietfa.amsl.com>; Thu, 30 Mar 2017 10:01:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.719
X-Spam-Level:
X-Spam-Status: No, score=-1.719 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_FONT_FACE_BAD=0.981, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=valimail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t-jR0nLYdWhk for <dmarc@ietfa.amsl.com>; Thu, 30 Mar 2017 10:01:13 -0700 (PDT)
Received: from mail-qk0-x230.google.com (mail-qk0-x230.google.com [IPv6:2607:f8b0:400d:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75E9F1299E4 for <dmarc@ietf.org>; Thu, 30 Mar 2017 10:01:07 -0700 (PDT)
Received: by mail-qk0-x230.google.com with SMTP id p22so45487216qka.3 for <dmarc@ietf.org>; Thu, 30 Mar 2017 10:01:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=valimail.com; s=google2048; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=erDYH+nyzldSfz9S3vUorce8Cw+zkBW5slOgCF4JIF0=; b=Gc42hLXxkYGj4BClqR7RLg1uTUSdCNLlCEkajrKX3wsrjDdK+PVLCujgxo38vKJbQc hKPMP0KmNnlP6M/oMN7KWwAW1HE+tK/etNhJ3KQrFSU8jXUHWXo124qMEg6LyVYvM0KM KCjYHyAsXCmadnndUcTGrQZwcECdqr9EKbVfw0ns04IFDl+lNoVDXrYlQZM3LRr3IdFk URA/tScbJrQQ08n/bQApgDK1JhOJmcCcqdQejZXznKAYh/k/dH8LAB7njG9fwro8XtuG vmqonLhMHfPfdjNla761n+oPdQRIrGHqhnQMrblhJQRAMsaE8dP9kjV66sEnhdrvDctj fJTQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=erDYH+nyzldSfz9S3vUorce8Cw+zkBW5slOgCF4JIF0=; b=duPAgcSG/f83L6WUBzcidLIOCxxivtUA50nX8KkKl1vFZiznv2/doAbZ5IryC6LrX/ NPXhHOBUDonw7Yp38nfljXysCmnV+BqO8OeXCGyd9BMppYz6VCYKsQUwQr4GTDkmdLmr 8Q5UTcuBiPVuU4cA3c00kfuEQOGsFw+gsu/p1xvFiFONPfJ9tdOdBcaoL14zQZPjnB8f J2XnfZmpbyBBCZ4wp1fI0uFzVPW4DLeJnpMUdlHOPhRZF6Q+rqZOFuTMcIaaNJIiFMJT Ra8JJSeQ4XTnRiYJRkMu+91ucYX+7QY4c7C+8HmzqrYEwwhOL1lSiXH05grdg2+V/Xa1 y59Q==
X-Gm-Message-State: AFeK/H3rObzc/VgHG7rjXu9bgrxRS7nrFyYQTzTn/7RrqpBOblcvz/k2yrnX7/0aPPQKo+AaM6Qo/uno+1ojTA==
X-Received: by 10.55.87.198 with SMTP id l189mr700339qkb.304.1490893266514; Thu, 30 Mar 2017 10:01:06 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.12.141.207 with HTTP; Thu, 30 Mar 2017 10:01:05 -0700 (PDT)
In-Reply-To: <01QCKR5S5OXK0003XB@mauve.mrochek.com>
References: <CANtLugO_D1Mz_v_341pc5O1mZ7RhOTrFA3+Ob5-onp72+5uRfA@mail.gmail.com> <alpine.OSX.2.20.1703272118210.2533@ary.local> <CAOj=BA0YKHYrkseR=wwgZn0_GNBKfdL7jmHehgBRzxqGKV6C1g@mail.gmail.com> <2978391.eJVbVTHBlo@kitterma-e6430> <CAL0qLwbP4c+09=TNSOsDqKwcp6iw++aGW8jDhARoVwvsghSLvA@mail.gmail.com> <01QCKR5S5OXK0003XB@mauve.mrochek.com>
From: Peter Goldstein <peter@valimail.com>
Date: Thu, 30 Mar 2017 10:01:05 -0700
Message-ID: <CAOj=BA3p-XQT=AeR4PHC-udWsn7rOmtR+UQHV0vbVofDKYOH_Q@mail.gmail.com>
To: ned+dmarc@mrochek.com
Cc: "Murray S. Kucherawy" <superuser@gmail.com>, "dmarc@ietf.org" <dmarc@ietf.org>, Scott Kitterman <sklist@kitterman.com>
Content-Type: multipart/alternative; boundary="001a114dbb788ca870054bf5a38d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/Y0BnTa_186dTXvC-rQzGPKoIAn0>
Subject: Re: [dmarc-ietf] indeterminisim of ARC-Seal b= value
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Mar 2017 17:01:25 -0000
> > > I think Peter's proposal (and he can correct me if I'm wrong) is only to > > constrain signers. Verifiers are still expected to handle everything > weird > > that the infrastructure might do. > This proposal creates a situation where verifiers are required to support > something that no compliant signer will generate. The result will be that a > test suite with reasonable coverage cannot be generated using compliant > software. > And since most people are not going to bother to create an incompliant > signer > specifically for purposes of testing, if anything this will create, rather > than > elimnate, interoperability problems. > Just to be clear, this is not what I was proposing. Specifically, I don't think the Robustness Principle <https://en.wikipedia.org/wiki/Robustness_principle> applies in this case. Verification should check the RFC defined spacing, ordering, etc. of the tag/value pairs and reject non-compliant values As this is a new protocol, and these headers are all new and used exclusively for ARC, and for the reasons mentioned by Ned, there's no reason to be lenient in what is accepted. > That sort of organic validation of implementations seemed to work for > > DKIM. The unknown here is whether ARC will be as successful with that > > model. > Exactly. And given the success of the approach with DKIM, the burden is > on those proposing to use a different model for ARC to explain why it will > work better. A few quick comments on this. As per my earlier email, I have a lot less confidence in how well this 'seemed to work' than some of the other participants in this thread. One of the benefits of DMARC re:DKIM is it has exposed some issues with DKIM implementations that were not obvious prior to DMARC evaluation. Without DMARC reporting some of the problems with certain DKIM implementations were simply not very visible. So I don't actually think the DKIM model worked as well as is being asserted. Second, the existence of such a test suite would have had material benefits just within the last ~18 months over which ARC implementations have been developed. We know this because of the immediate benefits the current test suite (which does impose a canonical ordering, spacing, etc.) yielded almost immediately. The suite exposed a few minor but significant issues with the Python implementation that was submitted to dkimpy. Similarly, it exposed that the current OpenARC signing functionality is in a much less mature state than was generally understood. In terms of RFC definition, it exposed the fact that the current RFC as written required support for insecure 512 bit keys - and triggered a discussion on this very list. In our internal development it's forced us to look hard at some of the corner cases and raise them on this list or at interops. Note that most of these issues had escaped detection through multiple interops. None of the above is meant to insult the associated developers or spec authors. Their contributions have been essential, and the skill and dedication they've brought to their tasks is greatly appreciated. It is simply meant to demonstrate the material benefit that this kind of testing has already brought. This is what automated tests do - bring problems to light quickly. So yes, I think this approach works better. Much better. Best, Peter > -- [image: logo for sig file.png] Bringing Trust to Email Peter Goldstein | CTO & Co-Founder peter@valimail.com +1.415.793.5783
- [dmarc-ietf] indeterminisim of ARC-Seal b= value Gene Shuman
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… John Levine
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Gene Shuman
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… John R Levine
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Peter Goldstein
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Brandon Long
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Peter Goldstein
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Brandon Long
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Peter Goldstein
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… John R Levine
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Peter Goldstein
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Scott Kitterman
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Peter Goldstein
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Scott Kitterman
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Peter Goldstein
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Murray S. Kucherawy
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Murray S. Kucherawy
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Murray S. Kucherawy
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Murray S. Kucherawy
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… ned+dmarc
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Peter Goldstein
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Peter Goldstein
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… ned+dmarc
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Seth Blank
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Brandon Long
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Dave Crocker
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Seth Blank
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… HANSEN, TONY L
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Seth Blank
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Dave Crocker
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… John Levine
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Seth Blank
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Dave Crocker
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Seth Blank
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… Murray S. Kucherawy
- Re: [dmarc-ietf] indeterminisim of ARC-Seal b= va… ned+dmarc