Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations

"Murray S. Kucherawy" <superuser@gmail.com> Sun, 19 July 2020 00:17 UTC

References: <cd9258e6-3917-2380-dd9b-66d74f3a64d3@gmail.com> <20200717210053.674D61D2C431@ary.qy>
In-Reply-To: <20200717210053.674D61D2C431@ary.qy>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Sat, 18 Jul 2020 17:16:50 -0700
Message-ID: <CAL0qLwbkhG-qUyGqxaEjcFn2Lb7wPMhcPFEMA8eqptBJpePPxA@mail.gmail.com>
To: Dave Crocker on behalf of Kurt Andersen <johnl@taugh.com>
Cc: IETF DMARC WG <dmarc@ietf.org>, Dave Crocker <dcrocker@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/e9G9sTFQfhqcKaal1zco3Y63P9Y>
Subject: Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations

Brandon Long, if you're watching:

On Fri, Jul 17, 2020 at 2:01 PM Dave Crocker on behalf of Kurt Andersen <johnl@taugh.com> wrote:

> In article <cd9258e6-3917-2380-dd9b-66d74f3a64d3@gmail.com> you write:
> >> I'd counter by personal anecdote that we have had to undertake
> >> security remediations because of messages which were forwarded by our
> >> CEO to other employees for responses which happened to contain malware
> >> and/or bad links. ...
>
> >Except that the problem isn't the email address, especially since almost
> >no one sees those any more.  And the display name isn't protected.
>
> Do we have any recent numbers on how many users see the From address rather
> than or in addition to the display name?
>
> Signed,
> uh, someone
>

At some point in the past, Gmail decided to show the email address only
unless that address was in the recipient's contact list, or if the
recipient had replied to that address previously, or something like that.
In those cases, the RFC5322.From address was trusted, and so the display
name was shown.  Is there logic like that still in place?

Any other UI developers got a policy here?

-MSK, sans chapeau