IETF Logo Mail Archive

Re: [dmarc-ietf] Charter Discussion at the DMARC BOF

"John R Levine" <johnl@taugh.com> Sat, 13 July 2013 04:43 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1761711E80A2 for <dmarc@ietfa.amsl.com>; Fri, 12 Jul 2013 21:43:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.658
X-Spam-Level:
X-Spam-Status: No, score=-2.658 tagged_above=-999 required=5 tests=[AWL=-0.058, BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4oyZgflydDCY for <dmarc@ietfa.amsl.com>; Fri, 12 Jul 2013 21:43:22 -0700 (PDT)
Received: from leila.iecc.com (leila6.iecc.com [IPv6:2001:470:1f07:1126:0:4c:6569:6c61]) by ietfa.amsl.com (Postfix) with ESMTP id F41CB21F9E3C for <dmarc@ietf.org>; Fri, 12 Jul 2013 21:43:21 -0700 (PDT)
Received: (qmail 44774 invoked from network); 13 Jul 2013 04:43:21 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent:cleverness; s=aee5.51e0dae9.k1307; bh=f1vBZBcUpRSH8qhTXmCn6ReGSZomxtZjmsiCQtKrLjo=; b=bybcfjeHId7puaORUM305TCeesWGOuzOUAPPr5qlEcTy8ybQYIaeAutqIPJdabz8R7BIfbTfLNRn8ie9eBHH4s4i+bdIhKLxpTRv52zePiuHQeXrAqsOJSdZe+36me3OiuFKAu2xL98TSTLm8BE/8gGnQ+70YbuNXyaqIOS1FamNws0CYwS4jkGSIJ7atYPe9K2PW8YhtBHTMVqakyK0M3h4YfCMaEgrbsdQftt6GdhDzKFCeXjMLlRY4X5tR5sX
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent:cleverness; s=aee5.51e0dae9.k1307; bh=f1vBZBcUpRSH8qhTXmCn6ReGSZomxtZjmsiCQtKrLjo=; b=m+HbUzW9FEhLngobd8fRtmL4Kw+8r7iMLYlvn4J+JeW5cdAVN4iwQgW1bYUMtomS52WBfgzcgJGkRIKseGjzDmHp3ityQ5RcCYCi3cRb6FxkyC5bdS/T2v9DIfyULILNo9kqXqGmwKhHZYEZ5EjN98Wxs/puvWnuOX6q0acIgijDkFDJ4UJvqHCmMlvt7vjcPEG2xSabbCL9jEohUHteFfu10B07dB4sZzQ3fu60dFiEir6R+/pdVxmGhDawpFIa
Received: (ofmipd 127.0.0.1); 13 Jul 2013 04:42:59 -0000
Date: Sat, 13 Jul 2013 00:43:21 -0400
Message-ID: <alpine.BSF.2.00.1307130000130.81901@joyce.lan>
From: John R Levine <johnl@taugh.com>
To: Dave Crocker <dcrocker@gmail.com>
In-Reply-To: <51E0BF08.6020608@gmail.com>
References: <20130713013609.14351.qmail@joyce.lan> <51E0BF08.6020608@gmail.com>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
Cleverness: None detected
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
Cc: dmarc@ietf.org
Subject: Re: [dmarc-ietf] Charter Discussion at the DMARC BOF
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dmarc>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Jul 2013 04:43:23 -0000

>> Um, didn't we just have this argument last week?
> ...
>> Executive summary: if there's going to be a DMARC group, it gets to
>> work on all the DMARC documents.
>
> Why?
>
> More specifically:
>
>     For each such document, what is the... uhhhh... you know... "work"?

Sigh.  Keeping in mind that we DO NOT KNOW what the draft that will 
apparently be submitted says (since the most recent public one is from 
April), here's a few things in that draft that could use work:

* Fix the requirements in sec 3.1

* Fix the terminology in sec 4.

* Figure out whether the public suffix kludge in sec 4 and A.6.1 needs 
further definition to interoperate adequately

* Decide whether to remove section 12.2.2 since I don't think anyone has 
ever implemented and it's rather badly specified.  Every http POST I've 
ever seen has had an application/x-www-form-urlencoded or 
multipart/form-data body.  While there's nothing in the http spec that 
forbids other random multiparts, I wouldn't want to write it into a 
standards track document unless I was confident that web servers would do 
something reasonable.  Note that an http PUT means to replace whatever is 
at the URL with the body of the message, which is not what you want. 
POST makes more sense, but for a POST to work reliably you'd be much 
better off with the gzip file inside a multipart/form-data.  The Subject 
field it describes is also pretty dodgy since I don't know anyone who uses 
them with http, and would in any event be redundant with the filename in 
the form-data.  The section is also somwhat underspecified on the response 
side, since it gives no hint as to what http return codes might be 
returned and how a receiver should interpret them, e.g., if it gets a 302 
should it really go re-post it somewhere else?  If it gets a 4xx should it 
keep sending subsequent reports?

* Has 12.2.4 been implemented?  The bracketed text suggests not.  It says 
that if you can't deliver a report, you sould send a DSN to the same 
address you couldn't deliver the report to, which seems like an exercise 
in futility.

* Section 13 seems to say that if I act as a mail receiver, I have to send 
daily reports, unless that "and/or" means something else.  Say I have a
small mail system where I use a postfix plugin to do DMARC processing on 
inbound mail, but I don't have a database to store all the results so I 
can't send aggregate reports.  It appears to be telling me in that case 
not to bother doing the inbound processing.  That seems counterproductive.

That's what I got in a 15 minute read through.  If I read it carefully, 
I'd probably find more, as would other people.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
"I dropped the toothpaste", said Tom, crestfallenly.

v2.23.0 | Report a Bug | By Email