IETF Logo Mail Archive

Re: [dmarc-ietf] indeterminisim of ARC-Seal b= value

Peter Goldstein <peter@valimail.com> Mon, 27 March 2017 04:26 UTC

Return-Path: <peter@valimail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FB381276AF for <dmarc@ietfa.amsl.com>; Sun, 26 Mar 2017 21:26:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.718
X-Spam-Level:
X-Spam-Status: No, score=-1.718 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_FONT_FACE_BAD=0.981, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=valimail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IcRCW9P4yUeX for <dmarc@ietfa.amsl.com>; Sun, 26 Mar 2017 21:26:00 -0700 (PDT)
Received: from mail-qk0-x234.google.com (mail-qk0-x234.google.com [IPv6:2607:f8b0:400d:c09::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE9DB1292D0 for <dmarc@ietf.org>; Sun, 26 Mar 2017 21:25:56 -0700 (PDT)
Received: by mail-qk0-x234.google.com with SMTP id f11so28922665qkb.0 for <dmarc@ietf.org>; Sun, 26 Mar 2017 21:25:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=valimail.com; s=google2048; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=uADX4LJA32miQ+TSu8+6yPUJiwxpCLTRrbpGmdL3Q9g=; b=LZArxiuMHUDP3N3C7BYDQoT9evHSBSYkpEKtv0DAb5cRcBYTVGPUIbAreCKrbXCF8+ CNBn4gCh2BzVUIEGr4rwY199j045RoqEAVtFdsHL3Q9sE2Ha+QbSGswPlm0Td1x1GIcJ NKFAW0XJZzyGLtK7RhLroP3/rgUXg3rfN1cTXATaeXOBqTfDfcBYerMw89EuS7odD8Ix x915Qwa6r45tGampJ7eomEfVINp8sabcDKyQXWTd5cy6MZXH4yeocZhI6PqFZJw+d3X0 6yk4+1zWIMrVapAX425PvibNUaNr35OjfbI6HpHa6ncX0B2EJ7r6BFL80NQg/AsnYg2/ V2Gw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=uADX4LJA32miQ+TSu8+6yPUJiwxpCLTRrbpGmdL3Q9g=; b=fldux4DrQA/htqqMBKKQMn8GcfIn3CocbX0clz5dDU030ER5EPmVGrVmsWJ/Mr4bPh ciVihGLLmNNmo5QB4Eh6STMzbk7rEK1J21tSOvV7aCEUm5y389Xna96PbUJhufMekV15 fgh8AM0Lo/buTQC4c7J7tYFdr75q5v57yI/RfiOr3RylNcC9uZnuI+IcnEVr4q4pbNOO /HEGb+Kd1lQR91Wmy35JNiSInB2F/Gnjm2ya9OKD2zCZvT/3nxqjRL61pbAWgv+Wmtkg QGX67lCwQFB2mwicL0CbT5Y64Cn7G/1KvSwt2vYrFvUbzvO77aUQFuajoCWluqr+y6zA Qf1Q==
X-Gm-Message-State: AFeK/H0ba9LDNVq2YYTPb8/yFpLs4Pn+FYnF9EerUWt8S4dSDPIm6oZ2ICtF3SB1+cBj+fSBInZ0wyh1OzrtIg==
X-Received: by 10.55.170.143 with SMTP id t137mr17374768qke.303.1490588755669; Sun, 26 Mar 2017 21:25:55 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.12.141.207 with HTTP; Sun, 26 Mar 2017 21:25:55 -0700 (PDT)
In-Reply-To: <alpine.OSX.2.20.1703262130330.4114@ary.local>
References: <CANtLugO_D1Mz_v_341pc5O1mZ7RhOTrFA3+Ob5-onp72+5uRfA@mail.gmail.com> <20170324212304.85346.qmail@ary.lan> <CANtLugOK4tXqA3ztYwchYsc8+t6KhyNj6mvgEu2wzvwKm_rK7A@mail.gmail.com> <alpine.OSX.2.20.1703262130330.4114@ary.local>
From: Peter Goldstein <peter@valimail.com>
Date: Sun, 26 Mar 2017 21:25:55 -0700
Message-ID: <CAOj=BA1ruma6dp1CQht8sgYQ-xqGGE2a=R7=+DkXmaft8td2hw@mail.gmail.com>
To: John R Levine <johnl@taugh.com>
Cc: Gene Shuman <gene@valimail.com>, dmarc <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c05d99a49d290054baebd62"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/bupqju3JL9d4ElkMqfJFUpeRYDU>
Subject: Re: [dmarc-ietf] indeterminisim of ARC-Seal b= value
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Mar 2017 04:26:04 -0000

John,


> I have to say I don't find that very persuasive.  It's not hard to write
> test code that checks for the hashes and fields in a signature header
> without regard to what order they're in.  I would rather write better test
> code than add fragile extra cruft to every ARC implementation.


I honestly find this response a little unpersuasive  :).  There are two
points I'd like to raise.

First, the idea that locking down the format of the signature adds 'fragile
extra cruft' seems off to me.  On the contrary, the suggestions in this
thread reduce fragility - by requiring that the set of signed fields (ARC
Message Signatures, ARC Seals) meet a well-defined, strict, and trivially
verifiable format.  This is fairly standard practice in video, security,
etc. protocols - every field has a place, and large scale
re-ordering/re-formatting is not permitted unless there's a compelling
technical reason.

I'm not sure why there's a perceived value in accommodating ambiguity here
- this is a brand new standard with a limited number of actual
implementers.  There's no random person not on this list implementing ARC
(especially given the standard isn't finalized).  And if there is, the
whole idea of providing a globally usable automated test suite is to ensure
that person can easily validate that their implementation will interoperate.

Second, the premise that "it's not hard to write test code..." is simply
not true.  What would be required to actually write such code would be
either a) pick a preferred ordering/formatting for these tags, and only
have the tests pass for that ordering or b) include a complete ARC
verifying system in the test code.  The first is what OpenDKIM did for its
specs (see below).  The latter is possible, but seems ill-advised for a
test suite.

To see that this is the case, it's useful to look at two earlier email
standards and their corresponding test suites.  SPF has a language-agnostic
test suite (http://www.openspf.org/Test_Suite) that makes it easy to test
implementations in any language.  I've done it myself, and it requires
minimal effort - https://github.com/ValiMail/coppertone/tree/master/spec/
open_spf.  I can tell you from personal experience that the test suite was
really helpful in ensuring the implementation was correct in all cases.

There is no corresponding test suite for DKIM, and the ambiguity in
tag/value ordering is the fundamental reason why.  The closest we come are
the tests for OpenDKIM.  If you examine the signing tests for OpenDKIM,
it's clear that they fail your "not hard" requirement.  I can write a
perfectly valid, legal DKIM signing implementation that will fail all of
OpenDKIM's signing tests, because OpenDKIM has a preferred ordering and
formatting for tags.

The OpenDKIM signing tests all check that OpenDKIM produces a signature
header matching a constant string that embodies this preferred ordering.
Any implementation that uses a different ordering/formatting will obviously
fail.  Changing the tag ordering/formatting changes the hashed value in the
header, so it's not just a matter of parsing some tag/value pairs.  And so
short of a full DKIM verification implementation it's impossible to make a
generic test suite that accepts all legal implementations.

Frankly, this is somewhat unfortunate.  But DKIM is a relatively simple
protocol.  ARC is more complicated, with multiple levels of signatures and
more complex state.  Given the substantially more complicated nature of
ARC, it's desirable to have a test suite that will pass any legal
implementation.  Interops are great, but I'd take a bulletproof test suite
over an interop any day of the week.

I won't be at the IETF meeting this week, but I'd be happy to dive into
this in more detail over email or phone if it's helpful.

Best,

Peter

On Sun, Mar 26, 2017 at 7:32 PM, John R Levine <johnl@taugh.com> wrote:

> It's even more important than it was with DKIM to have a test suite that
>> can verify signing behavior.  If we don't agree on any sort of standard, a
>> test suite will need to select a preferred format for the ARC headers &
>> will fail all implementations that don't meet this form.  We've discussed
>> this with Murray, and he agrees with this conclusion.
>>
>
> I have to say I don't find that very persuasive.  It's not hard to write
> test code that checks for the hashes and fields in a signature header
> without regard to what order they're in.  I would rather write better test
> code than add fragile extra cruft to every ARC implementation.
>
> As it happens, the IETF is meeting this week in Chicago, and I expect I'll
> see Murray in the next day or two so I can talk to him directly.
>
>
> R's,
> John
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>



-- 


[image: logo for sig file.png]

Bringing Trust to Email

Peter Goldstein | CTO & Co-Founder

peter@valimail.com
+1.415.793.5783 <(415)%20793-5783>

v2.23.0 | Report a Bug | By Email