IETF Logo Mail Archive

Re: [dmarc-ietf] Which DKIM(s) should be reported? (Ticket #38)

"Murray S. Kucherawy" <superuser@gmail.com> Mon, 25 January 2021 17:20 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B2943A0E61 for <dmarc@ietfa.amsl.com>; Mon, 25 Jan 2021 09:20:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.197
X-Spam-Level:
X-Spam-Status: No, score=-0.197 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9p4iRfRBVVCF for <dmarc@ietfa.amsl.com>; Mon, 25 Jan 2021 09:20:03 -0800 (PST)
Received: from mail-vk1-xa2b.google.com (mail-vk1-xa2b.google.com [IPv6:2607:f8b0:4864:20::a2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFDD13A15C7 for <dmarc@ietf.org>; Mon, 25 Jan 2021 09:20:02 -0800 (PST)
Received: by mail-vk1-xa2b.google.com with SMTP id e1so2171040vkd.10 for <dmarc@ietf.org>; Mon, 25 Jan 2021 09:20:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RCzr+hi9P/s5nuwFYyfcxKkBWYM+ebei/C5j66jMV0o=; b=RwxDadPARzzt8shsLKlHlrSeyxhYdhm5xLPrGj8vPC2V9hkZKAAOssq6FRqEVbqe36 4j9wD9MlMtpVOykyoUouS+sMc7hmaekPKLeNI0MfiwKFONr0EwHYT0/zH0Ss7dIwLBro NSKUv6y1ak9bP+zSKmO/i1RZ/vclNWhGBU5T9q5AhK5d48sRNQ87jjtVaKRC+X1FkAI6 1ViyINC8WoEgjPNVA1iXab2wp8sCp6w8kU1A4Sxw6D7eU8sodmTar5RMIl8/nbguvT5H DmyHtpPrAzeH5brCPbTtLW+FFTW6opauZc0p75P11uz9MfNolG2AF/P57pnM9LhFeu4Z fzeQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RCzr+hi9P/s5nuwFYyfcxKkBWYM+ebei/C5j66jMV0o=; b=hiDZi+pVPhXtRVGTv6ZDIS5Hufg4bvDdB/EQ8zS2MkrqpVNi61jtB34J0Fq7gSCfuo rntCydsAeK8PWvslF3BlYVDXGKkwo/q4wNG2vs+nDGPfd4KtxWIJ7smsRRQa0GxX+MeD GHe3AiI+0vbXNR3WRAqFkoajZSymN0IkfWxPcOjguUyfpzg2AQxPvav8I+fvH8ckrtMr HEfj4icrw2gSpN9izE8Nen+/6AVVtX68iCdRuUL2dLrKKilZOBOTo7fCBqkI/ifakynH I7/qMb8wMXPPiCfqOUxVaZgX92IlkopP4oeKJi8ewx+DrdWB87K0hFw0UQvDCWNjLKIp duhA==
X-Gm-Message-State: AOAM53230FN/Dx3l++0IhaPAic+q6vj5v3E0ve/rctHQfIJ3PUP6YhGJ asYBWeQFCvWObr3hFiLnGneu5Jdq1nUJMzyRfnBezvB7w48=
X-Google-Smtp-Source: ABdhPJz4j1ZpGq1+q7Z5AZOWEmq6bOaszXulb88OzaxIdD/BHtY6FpfPmOmMmMpphKqB8rEv8toz1hmJVd7jQ0t5nOI=
X-Received: by 2002:ac5:c3d0:: with SMTP id t16mr1555646vkk.5.1611595201835; Mon, 25 Jan 2021 09:20:01 -0800 (PST)
MIME-Version: 1.0
References: <MN2PR11MB4351BD7203D41DB25771D3B3F7BD9@MN2PR11MB4351.namprd11.prod.outlook.com>
In-Reply-To: <MN2PR11MB4351BD7203D41DB25771D3B3F7BD9@MN2PR11MB4351.namprd11.prod.outlook.com>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Mon, 25 Jan 2021 09:19:50 -0800
Message-ID: <CAL0qLwYHsZuOAi+ewvaXc_upXAMQ_eGwpw3VgxsnUsrqCYTNdw@mail.gmail.com>
To: "Brotman, Alex" <Alex_Brotman=40comcast.com@dmarc.ietf.org>
Cc: "dmarc@ietf.org" <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000086f74d05b9bcbf53"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/b8_r_IKkOfX72o41sf6j7aV_iBU>
Subject: Re: [dmarc-ietf] Which DKIM(s) should be reported? (Ticket #38)
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jan 2021 17:20:05 -0000

On Sun, Jan 24, 2021 at 4:25 PM Brotman, Alex <Alex_Brotman=
40comcast.com@dmarc.ietf.org> wrote:

> Some time ago, an issue[1] was brought to the list where which DKIM(s)
> being reported is not clear in RFC7489 [2].  There was a short discussion,
> though no clear resolution before conversation trailed off.  It seems like
> there were points that may need to be discussed.  One was whether the
> reporting SHOULD report all signatures, regardless of alignment or
> validity, or perhaps just the one that aligns (if there is one).  There was
> also another question if there should be a limit to the number of
> signatures reported so that it remains sane.
>

A warning about use of "SHOULD" (or "RECOMMENDED") with respect to
protocols: Text saying "implementers SHOULD do foobar" presents the
implementer with a choice.  If you're going to say that, you need to
explain the choice; in particular, an implementer should have some idea of
the circumstances under which she might legitimately not do what it says
and what the implications of doing so are with respect to interoperability.

A bare SHOULD, meant to be hand-wavy like "you really ought to do this, but
you don't actually have to if you don't want to" is likely to draw
attention.  I've been kind of picky about this lately during IESG
Evaluation.

In this case, "reporting SHOULD report all signatures" -- why would you not?

-MSK

v2.23.0 | Report a Bug | By Email