Re: [dmarc-ietf] Does the concept of an ARC tempfail make any sense?
Brandon Long <blong@google.com> Wed, 24 May 2017 22:56 UTC
Return-Path: <blong@google.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E2F7129BA8 for <dmarc@ietfa.amsl.com>; Wed, 24 May 2017 15:56:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.3
X-Spam-Level:
X-Spam-Status: No, score=-1.3 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pfJhzPBrarJP for <dmarc@ietfa.amsl.com>; Wed, 24 May 2017 15:56:17 -0700 (PDT)
Received: from mail-oi0-x22e.google.com (mail-oi0-x22e.google.com [IPv6:2607:f8b0:4003:c06::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6155C129B55 for <dmarc@ietf.org>; Wed, 24 May 2017 15:56:17 -0700 (PDT)
Received: by mail-oi0-x22e.google.com with SMTP id b204so260818248oii.1 for <dmarc@ietf.org>; Wed, 24 May 2017 15:56:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=dBJIU1AuP5mr/9MjIOxni+mqy+6LV5h8yvZWRWm737w=; b=gJZ1jlV+5hqips6uvgWZatlT+Wd4U60N3ZOLnERP1NCWFwCe44crZSD/COqyip1XWq 5Q+Fs7mp9pWbTbdMpmCMEMvlTy6e3SSwhhe6JONfLhiknD/6G+GUkMxbOKZ0v1VHRwOa +xTIQ830MHINnnU5N0Q4ZG+DiWiofrH/CrjFOVV9jJnn5lSZrA5Uy6McOoZWAMqMbk+2 3HFbJC0ml5qydI0TwGznRpbOCmNsaKGmpJS8qqCPZuPXMOsYJQ5s6OdB4bysz3LIV7Yq 9lepT1XR1p8d1A5gDTzTklS/avBtDjG8nZNWDKX0KpDi6+wJfHrhUTuP/GpHSPfk1GXo +1Ug==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=dBJIU1AuP5mr/9MjIOxni+mqy+6LV5h8yvZWRWm737w=; b=kHHHGxIoISS55WDUTa7mS65lKvBqlx1Rsn6bWPqbKcNJHB/YNQoIMT9Q2eE4XvGxhx yJkLysZSUjeU4F44m4+ODzh0S0LqrsW8bpryjVxi067k1zOlHSGWiGaelFR7tJUZgrTD 3odlqmTlIutBPj/vzvPDDrrnf1/ZBd/Ln6AaGbjkMxL5ftiRxePoWyp2REUTNzkT58yn wqVsC1W5dN+qFQ1OTDFMn1kbKqCoCcGDhnUgLwixErJgsgu+C04QC/DUzTJ0vb5gRr5k E2vYRErt4yOOvn/vPZ7EWeu6h6gUk9vAaqC88CPEOQYf3G1er+Hn7BRCDLcG3XZ72ZSQ /Q/w==
X-Gm-Message-State: AODbwcDNg7feZI+8sBeYjjm4yVCCLPao8TnbTHfEB7CnhCVnCGRlY48o ZrS+/AaebDqn9FYe/KuGEmp6DCTkltGI
X-Received: by 10.202.204.197 with SMTP id c188mr18678741oig.194.1495666576473; Wed, 24 May 2017 15:56:16 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.182.8.34 with HTTP; Wed, 24 May 2017 15:56:16 -0700 (PDT)
In-Reply-To: <CAOZAAfMC_EPhhBVc0UVJEbkhaR6G3wy7UQXUTrc_FM50SB0GRQ@mail.gmail.com>
References: <CAOZAAfMC_EPhhBVc0UVJEbkhaR6G3wy7UQXUTrc_FM50SB0GRQ@mail.gmail.com>
From: Brandon Long <blong@google.com>
Date: Wed, 24 May 2017 15:56:16 -0700
Message-ID: <CABa8R6tyhGffHXDpMsR_T31AyHyyHNdw6Nfk8UCk_KDSOFf44Q@mail.gmail.com>
To: Seth Blank <seth@valimail.com>
Cc: "dmarc@ietf.org" <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="001a11c17710febc9505504d02f1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/bPTM3NO5bT28CUIVDxGrxjSa1YI>
Subject: Re: [dmarc-ietf] Does the concept of an ARC tempfail make any sense?
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 May 2017 22:56:19 -0000
So, last year I did add the concept of a dmarc tempfail to our code, but the main utility of that was to respond with a 4xx error on p=reject instead of a 5xx error. I could imagine having an arc temp fail that could have otherwise overridden a p=reject having the same utility. I could also imagine that an arc temp fail at a non-modifying hop shouldn't be any different than just not signing that hop. If if is a modifying hop, then the chain will break on the next hop that's able to successfully evaluate. If you encapsulate the failure in the chain, does that gain anything? Can a subsequent hop basically override the tempfail to a fail or pass? I guess a tempfail hop would still have valid spf/dkim data in the new AAR, just an inability to use any previous information. In that sense, it's like removing the existing chain and replacing it. Again, in that sense, a tempfail would be like not processing the arc chain at all, validity wise. Ie, you can sign an arc chain without validating it. If you did that with a cv=pass, you're taking "ownership" of a potentially invalid chain, but if we add cv=tempfail, maybe the ownership is voided. I think it makes the chain harder to reason about, and I'm not sure the added utility is useful. Brandon On Wed, May 24, 2017 at 11:30 AM, Seth Blank <seth@valimail.com> wrote: > I couldn't find prior discussion about this, if I missed it somehow could > someone cluestick me? > > We've been working with Murray on openarc, and there are some chain > validation failure modes that closely resemble a dkim tempfail (for > instance, DNS unresponsiveness when trying to query for a key). > > Right now, these create chain states of cv=fail. > > We believe this is the correct behavior, as a message in transit amongst > multiple hops cannot cleanly have a temporary error retried, so the > temporary failure effectively becomes a permanent error for the chain and > cv=fail is justified because the chain is dead from this point forward. > > That said, is there any value (especially for final receivers), in > transmitting that this failure was due to a temporary error and not > necessarily a permanent one? And is so, where would this transmission live? > > Seth > > -- > > [image: logo for sig file.png] > > Bringing Trust to Email > > Seth Blank | Head of Product for Open Source and Protocols > seth@valimail.com > +1-415-894-2724 <415-894-2724> > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > >
- [dmarc-ietf] Does the concept of an ARC tempfail … Seth Blank
- Re: [dmarc-ietf] Does the concept of an ARC tempf… Brandon Long
- Re: [dmarc-ietf] Does the concept of an ARC tempf… mhammer@americangreetings.com