Re: [dmarc-ietf] spec nit - which DKIM to report

"John R Levine" <johnl@taugh.com> Fri, 21 June 2019 19:24 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75AB0120130 for <dmarc@ietfa.amsl.com>; Fri, 21 Jun 2019 12:24:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=IFUxiDKj; dkim=pass (1536-bit key) header.d=taugh.com header.b=R6ZT1a9k
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8ra5OgcOuj_i for <dmarc@ietfa.amsl.com>; Fri, 21 Jun 2019 12:24:09 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 83112120096 for <dmarc@ietf.org>; Fri, 21 Jun 2019 12:24:09 -0700 (PDT)
Received: (qmail 25432 invoked from network); 21 Jun 2019 19:24:07 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=6356.5d0d2ed7.k1906; i=johnl-iecc.com@submit.iecc.com; bh=3MVSYjdcf7HbxwaOvclgeGwI+is5VbRZigtSsm/jiUU=; b=IFUxiDKjMOPuvd6jIpB5u2trOlI9cBvc2jFfD9ZZXvgCBkeMVL1MkNJUJ8B6FOHn+uah6Bi43W9SaV1xugmanFwLT+JswnwNWZbVi4weCEYsRtYD38gWB8gReAWDCgYFVu0VeHRRULqLPpWiFIumAm1tiD/0UksE0+6s2Ls2M7HCMWC9/xSOYtvYz3dEh/CIKiyGm/iqwOOD7xLe2g2RZAmILeHwTR6JYvdIUrk8KS4SCn/C/t94YJ0eu2FHsxjd
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=6356.5d0d2ed7.k1906; olt=johnl-iecc.com@submit.iecc.com; bh=3MVSYjdcf7HbxwaOvclgeGwI+is5VbRZigtSsm/jiUU=; b=R6ZT1a9kbCXfBBCWH0KbozQBbxSrKFLVThI7tHmzIdhP9cbTdtajfgNBZNZPWeAJIs7QPSy59yBreC984IdYc9GNAnMDW5rxZt5wj3a7YjLRIpyPC5CEddW0cnj6YsuJMBXOjCYcr7kYbEG2Q/gGcnSIOQfM7S+KweHLvE/iNl6uSNGD0tTy7mLgbD6ZH9dHsjLUWwJ+rOmk6TML5lidzTf3JplJmSrmM1Xi7KcpTgQyP++uVprfhgpOkQozpXny
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPSA (TLS1.2 ECDHE-RSA AES-256-GCM AEAD, johnl@iecc.com) via TCP6; 21 Jun 2019 19:24:06 -0000
Date: 21 Jun 2019 15:24:06 -0400
Message-ID: <alpine.OSX.2.21.9999.1906211523500.53944@ary.qy>
From: "John R Levine" <johnl@taugh.com>
To: "Elizabeth Zwicky" <zwicky@otoh.org>
Cc: "John R Levine" <johnl@taugh.com>, dmarc@ietf.org, tki@tomki.com
In-Reply-To: <0C6B5A70-6373-4DC1-9AB3-E0745F4D3364@otoh.org>
References: <20190621184626.AE1B52016298ED@ary.qy> <8C941177-5B45-4B69-A2CB-C774BFB543FD@otoh.org> <alpine.OSX.2.21.9999.1906211507430.53840@ary.qy> <0C6B5A70-6373-4DC1-9AB3-E0745F4D3364@otoh.org>
User-Agent: Alpine 2.21.9999 (OSX 337 2019-05-05)
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="0-1745139005-1561145046=:53944"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/cYnkNGUeZazscy6hAMB1GItYXSc>
Subject: Re: [dmarc-ietf] spec nit - which DKIM to report
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Jun 2019 19:24:12 -0000

> The problem with that language is that
>>  o  The identifier evaluated by DKIM and the DKIM result, if any
>
> is genuinely unclear. Often there are multiple identifiers. Does this mean I can pick any one of them? (That does not actually provide sufficient interoperability.) If there’s a specific one I should pick, which is it?

How about we change identifier to identifiers?

R's,
John

> On Jun 21, 2019, at 12:11 PM, John R Levine <johnl@taugh.com>; wrote:
>
>>> I believe they MUST contain any aligned DKIM signature regardless of validity and SHOULD  contain an entry for each domain, selector, result triple.
>>
>> RFC 7489 says:
>>
>>   The report SHOULD include the following data:
>>
>>   o  The DMARC policy discovered and applied, if any
>>
>>   o  The selected message disposition
>>
>>   o  The identifier evaluated by SPF and the SPF result, if any
>>
>>   o  The identifier evaluated by DKIM and the DKIM result, if any
>>
>>   o  For both DKIM and SPF, an indication of whether the identifier was
>>      in alignment
>>
>> (and a bunch of other stuff)
>>
>> I don't see any basis to change this, since as long as the report's format and syntax are correct, it'll interoperate.  It may not have all the hints the report's recipient would like, but life is like that.
>>
>> R's,
>> John
>

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly