Re: [dmarc-ietf] Tickets 98 and 99 -- fake reports are not a problem and if they were authentication would not help
John Levine <johnl@taugh.com> Mon, 25 January 2021 18:23 UTC
Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7DFF43A171A for <dmarc@ietfa.amsl.com>; Mon, 25 Jan 2021 10:23:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.049
X-Spam-Level:
X-Spam-Status: No, score=0.049 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=pIUJxWgF; dkim=pass (2048-bit key) header.d=taugh.com header.b=IRVo4HOV
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8bKyTYYk8n9f for <dmarc@ietfa.amsl.com>; Mon, 25 Jan 2021 10:23:53 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2AB2F3A1716 for <dmarc@ietf.org>; Mon, 25 Jan 2021 10:23:52 -0800 (PST)
Received: (qmail 73568 invoked from network); 25 Jan 2021 18:23:51 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=11f5e.600f0cb7.k2101; bh=kTq9m3N8kIYCFNF2cxyztc5k7BgUBoglvE4+dl+N578=; b=pIUJxWgFWw0gst31CUijb0x9OOAAwAdQSF0bDphSfpEvTGaR4tR8qYvj6gD3u7XL6Ikto7cUUnNF/P+Fu2oH8ZuH8vgNFY2vUyz/13SvciKQyRFSU3ZxRcwWU4WvJBSlHR2RLpwZ1RkxehfQ95V2WKOCRWgAfaHwnBfCzslZ41cCZqrqRVeRqfYP1XFzORRuWFLIZBBZdhTSv8wdQKEUgfpyKPcyKxwoqqs7vt17nw2BB7xRwxk4l2PkdAYqH2CKYMh9jKdPruxnSCfu5NjeFUyXks4fmcEt1obxJwG8W84t3tNPVWQ+1QzBiH+ySsU+g3IeOEO4NpYEQSY1UllfHw==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=11f5e.600f0cb7.k2101; bh=kTq9m3N8kIYCFNF2cxyztc5k7BgUBoglvE4+dl+N578=; b=IRVo4HOVFmjr/mQ8kg4aI30Z/hlINRSW0AFIfL8Dp3drJcGLrXIstqSgWtsWa2zPxz3zFMQ4bBYz82TTV6FbVGmD297UtMmdlZQkj5hthQxiROygnE815kryPoysccKjnVY65Y/2JmwSCBp5b6lVvfQBNRXzdLUj2h55dD0bggBEJ++Ho1j5JWJVojtivNpNm927KlXpErAKzTpt6WZfcu7mTz6yYgj0zzS5AJGnoQSCv79uzeANYHYNDQ1/4LoAcKHR7pXV5Mi7HkAuWpIG4yYYKgt7uHcxJ0O9yagO+Qmw8AFTvwaBBXR8Ng2QZ2LbtjKUBV1Vu9hKzz00FItuiQ==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 25 Jan 2021 18:23:51 -0000
Received: by ary.qy (Postfix, from userid 501) id DE0FE6C131FB; Mon, 25 Jan 2021 13:23:49 -0500 (EST)
Date: Mon, 25 Jan 2021 13:23:49 -0500
Message-Id: <20210125182350.DE0FE6C131FB@ary.qy>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
Cc: seth@valimail.com
In-Reply-To: <CAOZAAfP5n15=Ez6_SFmkyDOyF=mpD8npZJmJujKP1vw322fGLg@mail.gmail.com>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/bhPte_l9HQeg5tbdR7Vs0vgIDUw>
Subject: Re: [dmarc-ietf] Tickets 98 and 99 -- fake reports are not a problem and if they were authentication would not help
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jan 2021 18:23:54 -0000
>The list seems to be digging in because no one has raised a use case that >shows a need to revisit the text. This was made worse by asserting that >reports must be authenticated, when the text already makes that clear. I think the use case is my proposed https reporting. If you think it would be useful to allow domain authentication, it's easy enough to say that the client SHOULD send a client certificate. Nobody will, but every https server and client library I know supports client certs so it's not hard to implement. I continue to believe that authenticating the domain sending reports is of no value, since there is no way to tell what if any connection that domain has to the IPs in an aggregate report or the IPs or domains in a failure report. If I wanted to send fake gmail failure reports, I would register gmail-reports.com and send 100% perfectly aligned fake reports from that domain. R's, John
- [dmarc-ietf] Tickets 98 and 99 -- fake reports ar… John R. Levine
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Todd Herr
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Todd Herr
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Douglas Foster
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Murray S. Kucherawy
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Todd Herr
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… John Levine
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… John Levine
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Douglas Foster
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Douglas Foster
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… John Levine
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Todd Herr
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Alessandro Vesely
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Alessandro Vesely
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… John R Levine
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Alessandro Vesely
- [dmarc-ietf] reporting security requirements Michael Thomas
- Re: [dmarc-ietf] reporting security requirements Seth Blank
- Re: [dmarc-ietf] reporting security requirements Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Todd Herr
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Steven M Jones
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank