Re: [dmarc-ietf] From: munging, was Ratchets - Disallow PCT 1-99

John Levine <johnl@taugh.com> Mon, 26 July 2021 16:06 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/as5YKqj_dVhY1E1-DOz7H-Sc7Rk>

It appears that Douglas Foster <dougfoster.emailstandards@gmail.com> said:
>But even with an algorithm, the goal seems elusive.  Since any liar can
>start an ARC chain and insert a set of unverifiable A-R assertions, it
>seems that trusting an ARC set requires prior knowledge of whom to trust,

Yes, that's a problem although in practice, the big mail providers have their
own data to know where the real lists are, and small providers don't get list
mail from all that many sources so it's not too painful to make a manual list.

>and when that information is available, ARC chain evaluation becomes
>redundant.

No.  Please review the endless previous discussions of this issue.

R's,
John
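
The manual list of trusted sources discussed in this message, sketched as an added example (not code from the thread or from any participant): a receiver honors an ARC chain only when every sealer domain is on a locally maintained list, so a chain that anyone could have started is ignored even when its signatures verify. Signature verification is assumed to have been done upstream by an ARC library; `TRUSTED_SEALERS`, the function names and the sample domains are hypothetical.

```python
# Hypothetical manual list of forwarders/lists this receiver has chosen to trust.
TRUSTED_SEALERS = {"lists.example.org", "forwarder.example.net"}

def parse_tags(value):
    """Parse the 'tag=value; tag=value' list of an ARC-Seal header value."""
    tags = {}
    for part in value.split(";"):
        name, sep, val = part.partition("=")
        if sep:
            tags[name.strip().lower()] = "".join(val.split())
    return tags

def evaluate_chain(seal_values, signatures_verified, trusted=TRUSTED_SEALERS):
    """Return (decision, reason); decision is 'use' or 'ignore'."""
    if not signatures_verified:
        return ("ignore", "ARC signatures did not verify")
    seals = [parse_tags(v) for v in seal_values]
    if not seals or not all(s.get("i", "").isdecimal() for s in seals):
        return ("ignore", "missing or malformed instance tag")
    seals.sort(key=lambda s: int(s["i"]))
    for expected, seal in enumerate(seals, start=1):
        if int(seal["i"]) != expected:
            return ("ignore", "instance numbers are not 1..N")
        want_cv = "none" if expected == 1 else "pass"
        if seal.get("cv") != want_cv:
            return ("ignore", f"i={expected} has cv={seal.get('cv')}")
        domain = seal.get("d", "").lower()
        # A valid signature only proves who sealed, not that the sealer is honest.
        if domain not in trusted:
            return ("ignore", f"sealer {domain or '?'} is not on the local list")
    return ("use", "all sealers are locally trusted")

# Constructed sample ARC-Seal values (signature data elided).
LIST_CHAIN = [
    "i=2; a=rsa-sha256; cv=pass; d=lists.example.org; s=arc; b=...",
    "i=1; a=rsa-sha256; cv=none; d=forwarder.example.net; s=arc; b=...",
]
LIAR_CHAIN = ["i=1; a=rsa-sha256; cv=none; d=liar.example; s=x; b=..."]
GAP_CHAIN = ["i=1; cv=none; d=lists.example.org; b=...",
             "i=3; cv=pass; d=lists.example.org; b=..."]

if __name__ == "__main__":
    for name, chain in [("list", LIST_CHAIN), ("liar", LIAR_CHAIN), ("gap", GAP_CHAIN)]:
        print(name, evaluate_chain(chain, signatures_verified=True))
```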