IETF Logo Mail Archive

Re: [dmarc-ietf] Working Group Last Call on draft-ietf-dmarc-aggregate-reporting-14

"Brotman, Alex" <Alex_Brotman@comcast.com> Sat, 23 March 2024 18:17 UTC

Return-Path: <Alex_Brotman@comcast.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6ED6C14F5FB; Sat, 23 Mar 2024 11:17:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.com header.b="ZggJv0pK"; dkim=pass (1024-bit key) header.d=comcastcorp.onmicrosoft.com header.b="FBS70V6A"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TKOWMpiST22E; Sat, 23 Mar 2024 11:17:10 -0700 (PDT)
Received: from mx0a-00143702.pphosted.com (mx0a-00143702.pphosted.com [148.163.145.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B7BB0C14F5EE; Sat, 23 Mar 2024 11:17:10 -0700 (PDT)
Received: from pps.filterd (m0156891.ppops.net [127.0.0.1]) by mx0a-00143702.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 42NIDQrI011169; Sat, 23 Mar 2024 14:17:10 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=20190412; bh=kHKX02W7btRS1WAhk8lrSGsMk4JzIAKaeh8NZKMP0bM=; b=ZggJv0pK/x78inOGVFGudkAM7dgCCSB8nlGgBffYoQ/itdXZyRcISFW9KTGQyW+o0iXf ++mAGlX02qEn2xgwuvv1YR8B6yicqrrskhmmhlZxmg/3rGWuy9f8rXTbfzMSR8ULgHCv YKF+Q/A9DOV/xKNn68rzNrjaZfImQQj0uHClBKXGtB7wyoFu9+03l2D1S8CQsOjgVxlp xyZW9vjglWjSk3IoscSPycdAJgY+qKkPjf0T9Ntlcd7M1ST+HScnuJFy1s++y/dDYjJa EK6VEMGOL517saz4RGiSoEMRaeQ2oL0yP9whQk/GTrhz8bwfduc+xdQmDSR6GzBCllTs uw==
Received: from nam02-sn1-obe.outbound.protection.outlook.com (mail-sn1nam02lp2041.outbound.protection.outlook.com [104.47.57.41]) by mx0a-00143702.pphosted.com (PPS) with ESMTPS id 3x1uwx59v5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 23 Mar 2024 14:17:10 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=emkdvT36MdfK4RnbxrzSqQzyI8y0lIrNPFi3rTolrdTCqsw1EpzBJpnfL43JEeYbBdu1BDvBo6FjAE2YPWwaYJ1YObAlNxVFRhOpJ3CCFm8KevUV8hrvsB4vIeWi4Vhxaikp2YY6RtPWPO+VhUMlou73ydvhshxAXN48fHVGbsWvCY7sr5nmmuc1PEBP0pRw1mD0aYQksr8b4zT5iiDlVVdQgQxmdZTZa9lW0dJaxR/7CCTAvUE4KbPOtACfFKJjSE0utDv0JlcTcoXdx85hudYTiCPhxLMPFyDLh+jhrXtYiwkR9gTgByjNqWjmW+O4zYTscZRC3LAXEdSrivv/rg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kHKX02W7btRS1WAhk8lrSGsMk4JzIAKaeh8NZKMP0bM=; b=W2cc4EbelYhflv7iX7jWuh98BoIYTSkHsZeQP4xnFE49SHu0BWMZHvPoieaVuh7U1GB5F9wV4ff47tK0lLFZEEzV0GwqSOHYZ0IKDDMAT171b/K+cCRlKmBNkGodkQZTVD5PqaW5+8INqGzI1/Z6tPzoP+ff3d01IDilZlABaHcdRAIMJb1hf90xJzwXqVwIa4f2y26p9SOItvLjY/rWtRY1ptiUXte13jTBefbsjNiGZOj4pucYeBoiRBYFp56URRcTWAdH8TG82slVx9G68PswxP2bHj+saX35VGC4C4IVWr3vLLbjaGIGOGXltPtHquKnA6aA+puLqIw7GuuPWw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=comcast.com; dmarc=pass action=none header.from=comcast.com; dkim=pass header.d=comcast.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcastcorp.onmicrosoft.com; s=selector1-comcastcorp-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kHKX02W7btRS1WAhk8lrSGsMk4JzIAKaeh8NZKMP0bM=; b=FBS70V6AA8GW29tQn8e+6Mg1InWEimkdYJH2FgKLNae2R8BZiFFEOnCgtk8w/8evJq1i2QMshBjPSSM2mNhJTx3iFULKZoG7oKzaji8VBG6AfPzT5LQfb8+kxuqtWazDCm9jJuIAzxE9ZTdYwV1lS5kRxu24EvCKmC3GcW5cwYs=
Received: from MN2PR11MB4351.namprd11.prod.outlook.com (2603:10b6:208:193::31) by BL3PR11MB6505.namprd11.prod.outlook.com (2603:10b6:208:38c::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.26; Sat, 23 Mar 2024 18:17:05 +0000
Received: from MN2PR11MB4351.namprd11.prod.outlook.com ([fe80::8948:2ea7:94b5:810c]) by MN2PR11MB4351.namprd11.prod.outlook.com ([fe80::8948:2ea7:94b5:810c%7]) with mapi id 15.20.7409.026; Sat, 23 Mar 2024 18:17:04 +0000
From: "Brotman, Alex" <Alex_Brotman@comcast.com>
To: Matthäus Wander <mail=40wander.science@dmarc.ietf.org>, "dmarc@ietf.org" <dmarc@ietf.org>
Thread-Topic: [dmarc-ietf] Working Group Last Call on draft-ietf-dmarc-aggregate-reporting-14
Thread-Index: AQHaayC5TsKJcYEGtEGVqxKiCSlT2rFC5mgAgALeqaA=
Date: Sat, 23 Mar 2024 18:17:04 +0000
Message-ID: <MN2PR11MB435136B5ED8C549D3FC0946CF7302@MN2PR11MB4351.namprd11.prod.outlook.com>
References: <170917032719.21794.5530457789908442808@ietfa.amsl.com> <MN2PR11MB43514516D243026232B15E5CF75F2@MN2PR11MB4351.namprd11.prod.outlook.com> <CALaySJLe-2ZPedCWKRq7Jb5W9bOmU4V_hAu+biwd9peVOhAyhQ@mail.gmail.com> <3c9ff852-7b5d-41fd-af62-d85642347414@wander.science>
In-Reply-To: <3c9ff852-7b5d-41fd-af62-d85642347414@wander.science>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_15652fe2-2b59-4d95-925c-ee86d789ff67_ActionId=5c7691c5-4083-456e-8606-4828b80ba80d; MSIP_Label_15652fe2-2b59-4d95-925c-ee86d789ff67_ContentBits=0; MSIP_Label_15652fe2-2b59-4d95-925c-ee86d789ff67_Enabled=true; MSIP_Label_15652fe2-2b59-4d95-925c-ee86d789ff67_Method=Standard; MSIP_Label_15652fe2-2b59-4d95-925c-ee86d789ff67_Name=Confidential (C); MSIP_Label_15652fe2-2b59-4d95-925c-ee86d789ff67_SetDate=2024-03-23T18:12:26Z; MSIP_Label_15652fe2-2b59-4d95-925c-ee86d789ff67_SiteId=906aefe9-76a7-4f65-b82d-5ec20775d5aa;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MN2PR11MB4351:EE_|BL3PR11MB6505:EE_
x-ms-office365-filtering-correlation-id: d39bd6b3-773b-4fd5-34de-08dc4b657175
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 0cjzaKgwlsyWNER6J3ZzFLQOq//O1bLlVSOQxCh65BEz9QbmGG3KRPv1rj83amPLYExvw5DWa+V5oGe5nT/ggoXkK0EFChxbC/DNsAWFxXz206yStpyeBe2rrmevU7NoQvnZQBP5F5d0MXx++QsYB4ln6FrlFs1ZhSIpEZzjCYYcndPg9wwf/oOxJmU76Jdmx6OaGPyC8q7uDsnU7uwXNB62cujz6d7oha7p6t4QvCSmsUN/Vj93EvfCwqemAN07encvCTaIbgLa4gperpwCpxcKJI+kT2KOb5dGax4tYjyJ9zR4wFuxdSgyCEnbroZKmLZnDm7SmtpnsGVIEOzWRLIq1+1Di/bY5vjrIHGLsmGk4V7vvRWAAhzKoK3aMMLSGpcQqUoWJPaCpIab+AV/+78sRYdha8z66x9mbSwVFPKfYniXYvWRv4Lww+ciQj28+eTFPJZBf1OR/HTm2mwal66Fi+9c5pUzMrKESRi66ahlSTC5q5GmQzuw3D8Wk4mz++y148ZzZ3Ef562dQduUSApbpxzlYPRw2g7g32QNG7s1herOrdRb9ZC4PERHjVnTzvV/y3N9/O/CPxjbi0AscAUmgqLjyztIco9RWiV2mhZG/8PqOXTTWc6ChGYGNfNb3opzl0JmiwBANi7UTaWGkwqxXx6XqxGnR+bMEEOnKZc=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR11MB4351.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(1800799015)(366007)(376005)(38070700009); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 4SwzB7qNXxqVZs7xbFecyAtKTIoXPMf74uZZ/8XZZq7OiHpcbVzoAbB8/sMCetWyTxvNz83Vcw0CQZd/T+o5k8yLAdSK3arVWTMIpq663g1T0wcjDZ4auHligYvKU4UkhmGfh5MY1NiKSLXo5aPO21BEyxU1u2KazhkUh/4O9ofKd98lZ5h9Q8D+XIpslP57eoj7SqBJxSjJPoO0T88XcCJRxkcYYGxL87EbomK7YoaabAvUCKfm6bI+Dpymd24bVqr+z+nbdHQ5VlDMj3y1o0de+GVMuhFEVVHxvNjNXWl02argCU7qKJb1PVUDqTuBiUlT0En5Tz5Mie/NhoNwjkPUJG7AwuFoyKpywfdXm+Q5l6fUl8pqocZkl/MjsI7IU7MQUv0mBWUIbdt+gdACOq48OATTFx9J/kXBFWGPhmj7PuiOj+dYDP92Zu4sxi4RdBBaBXHAZrr2wouZniHEyMZaLRbd2qW/GWHj9Fv7BLC9lTvOlvQeGQdpwqnl8+9nRUhbVRdANwoNS79pO1GIH7me4h0UMWc6KCIiu2ONHFQksB6P0OlQ5OFC/emcAa0dDdHIBnNeoe3BIluK2v+asjfGYQbzgm0GH7xtmRbeprKubhSJU9qQjf9Q3YnFyTQ9K+go5HN4E24Oi5ZZyMlMU2X3wgdmYJiEfjyRNVbpF2pWlchEqcYo/3cNUVBeAsRfBF64h2+vXA5wuFPhiBfQPmlR0N1+k4fQMvwy+JGtRNv3QZYhkgjNsNBUunZJAehWnG961iL1KaCli+rojUbaj11oDMAO1nlmDaAnLtys8AnaqjWJ14aVa/dFRtG8kIRmKXpB0PWb1UX84XY11CfIqVG5gCwuY68hkyNZmdWG1/UiiT18QFPSHfwM2Fe065JzLBkwQnisRHPfIm4ly4Nf6qcTKIu4dAARoSm1HWdQavQnY7qhp9WIE3jmjmRZPqECaDTrS9LNt+Eg0eXukmrc428WXL9DlKAo6OIhZrfhEYUkWifiP4ozerSbpvFh9ZJLpe38F+xxIdbWwt9HGn5SEy7j9wZO4IathCbFa+9u1YEbQKHCVKZe3UwB69mtwuLof42MdRQhJT2CIWHW3GOSyTpVeqKYwpwKNKd4DM0lgrKfwPK8yxtK0gHFe5HzUGMKet6Z7YNZZv7Ar4RznNCtWRsxy8AMMXxYjSoRAyvYtbni9M8QX+jB3hS6ZHYlcp989GorqZeJw4ezhrKCS5OoEilHA+sSuP8ORWjBPzq4UexcZrUh5rzIYRPSzkRV/vsw/Zv7hecs3+9nOmxE0Vet1K3GjiO7u+dBhXRnLC6J9wylRBs1soK7+nWl4Fw0ikbDyfrQBcpzWkNilrPQW92azOPN683skN8M3jz8rV+3P4l04msDmFJlCuTtfAj/0SJGcyjZTMhptYeQfwSv5I1OEAxwXA14zeYga4gRRaGHpSwGdOJhbpo9byNrnaYPL/L+WJXXcR/5xjNorY//ydoEHQX5SpGkAnQ0hpFbZmPw09J/r6rxXKm/UwiLGfysu7dt8SNS+bigfzRfrSEkwAFj7mmgEnXPyJqZt/q++NH7noWTHTUPMvdzy2pYSzed/u6Tgeb0fyLoUDa+Haa+tots+oTPUPFPvEdIkXc4Op+6gffqgFNLz4h0iQ6X7OB4SyGge4fb5uWsaRKyP1cnNJdX/A==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: comcast.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR11MB4351.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: d39bd6b3-773b-4fd5-34de-08dc4b657175
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Mar 2024 18:17:04.7009 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 906aefe9-76a7-4f65-b82d-5ec20775d5aa
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: njvgjzzs7NNiDqhzT4k8lM4HMON4PQNpcJApYm3FdQvTA7lzLxcZpr6Xjd4yZ8p6//o5YhziCD8Swzea4uW5ONL6RdmFixtSxg3z4kXXNAg=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL3PR11MB6505
X-Proofpoint-ORIG-GUID: tHXSv7A9rAebdTfw1zh6CH4iQF-7S5jo
X-Proofpoint-GUID: tHXSv7A9rAebdTfw1zh6CH4iQF-7S5jo
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-03-23_12,2024-03-21_02,2023-05-22_02
X-Proofpoint-Spam-Reason: safe
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/bKNA9l0pGc436OLZgnMXPZvZQ_E>
Subject: Re: [dmarc-ietf] Working Group Last Call on draft-ietf-dmarc-aggregate-reporting-14
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Mar 2024 18:17:15 -0000

Thanks for the feedback.  I believe I've corrected all except

- 2.1: "(...) while there MUST be one spf sub-element". At least one according to the XML Schema Definition (might be two, each with a different scope "helo" and "mfrom").

Can we talk about how this looks in a sample report? 

-- 
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast
 

> -----Original Message-----
> From: dmarc <dmarc-bounces@ietf.org> On Behalf Of Matthäus Wander
> Sent: Thursday, March 21, 2024 6:23 PM
> To: dmarc@ietf.org
> Subject: Re: [dmarc-ietf] Working Group Last Call on draft-ietf-dmarc-aggregate-
> reporting-14
> 
> Barry Leiba wrote on 2024-02-29 16:03:
> > This document is also ready for our final look, so this message starts
> > a working group last call for the aggregate reporting document, with
> > the same timing as for the DMARC spec.
> >
> > Please post to the DMARC mailing list by 31 March, giving your last
> > call comments (which should include “I read it and I think it’s ready”
> > as well).  If you have significant issues to raise that have not
> > already been discussed and closed, please post each of those as a
> > separate thread.  Minor issues and editorial comments can just be
> > posted here, to this thread, and we can split them off if necessary.
> 
> Editorial and nits:
> 
> - Would it be useful to add a reference to dmarc-bis?
> - 2.1: Bullet point "A separate report should be generated (...)"
> appears to be a requirement, not an enumeration of data included in the report.
> - 2.1: Bullet point "The DMARC policy discovered and applied, if any" is redundant
> with "The policy requested by the Domain Owner and the policy actually applied
> (if different)".
> - 2.1: Write out "IP" as "IP address".
> - 2.1: The terminology of having two sections and two subsections may be
> misleading, as this is not reflected in the XML structure. Suggestion:
> replace "subsection" with "element", which is a term used in XML.
> - 2.1: "In most cases, this will be a header_from element, which will contain the
> 5322.From domain from the message." Add: "There may be an envelope_from
> element, which contains the RFC5321.MailFrom domain."
> - Multiple instances: Replace "5322.From" with "RFC5322.From".
> - 2.1: "the 'record' element". Only instance where the element name is enclosed
> in quotes.
> - 2.1: "(...) while there MUST be one spf sub-element". At least one according to
> the XML Schema Definition (might be two, each with a different scope "helo" and
> "mfrom").
> - 2.1: "(...) the value is one of
> none/neutral/pass/fail/softfail/temperror/permerror." Would it make sense to
> add a reference to RFC 8601?
> - 2.1.3: "Specified below, the reader will see a msg-id, Report-ID, unique-id." msg-
> id is not specified below. "5322.Message-Id" is briefly mentioned in 2.6.2.
> - 2.3: "(...) regardless of any requested report interval." The report interval (ri tag)
> has been removed from dmarc-bis.
> - 2.6: "Any reporting URI that includes a size limitation exceeded by the generated
> report (...) MUST NOT be used." The size limitation has been removed from
> dmarc-bis. However, leaving the text as-is offers the option to re-introduce a size
> limitation in future URI schemes.
> - 2.6: "(...) the Mail Receiver MAY send a short report (see Section 7.2.2)"
> Dangling reference: error reports have been removed.
> - 2.6.2: "This transport mechanism potentially encounters a problem when
> feedback data size exceeds maximum allowable attachment sizes for either the
> generator or the consumer. See Section 7.2.2 for further discussion." Dangling
> reference.
> - 3: "(...) after conversion to an A-label if needed." Add reference to definition of
> an A-label. Dmarc-bis references Section 2.3 of [RFC5890].
> - 3: "the same overall format as the policy record (see Section 5.3)."
> Section 5.3 (or 5.4) of dmarc-bis.
> - 8: "report_id: UUID, specified elsewhere". Change to: "report_id:
> Unique Report-ID".
> - 8: "error: ?". Change to: "error: Optional error messages when processing
> DMARC policy".
> - 8: "The percent declared in the DMARC record". Change to: "Whether testing
> mode was declared in the DMARC record."
> - 9: The policy_evaluated in the sample report evaluates to <dkim>pass</dkim>,
> but still results in <disposition>quarantine</disposition>. Is that an adequate
> example?
> Suggestion: change to <disposition>pass</disposition>.
> 
> Regards,
> Matt
> 
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/dmarc__;!!C
> Ql3mcHX2A!Bnuiz20ACdarSauiLSk8IQ3CRyWbItwpq20m0AgtFVIA2mRNyWeQMb
> -h_WUJsrvmtSbtJROBvnxFUdm0-HW0MvTSHXxGxoFC-BA$

v2.23.0 | Report a Bug | By Email