IETF Logo Mail Archive

[dmarc-ietf] Comments on dmarc-base-09

Jim Fenton <fenton@bluepopcorn.net> Mon, 05 January 2015 21:43 UTC

Return-Path: <fenton@bluepopcorn.net>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8EEC81A8AE5 for <dmarc@ietfa.amsl.com>; Mon, 5 Jan 2015 13:43:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.011
X-Spam-Level:
X-Spam-Status: No, score=-2.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AEiccdZLP3IB for <dmarc@ietfa.amsl.com>; Mon, 5 Jan 2015 13:43:11 -0800 (PST)
Received: from v2.bluepopcorn.net (v2.bluepopcorn.net [IPv6:2607:f2f8:a994::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B142F1A8AE4 for <dmarc@ietf.org>; Mon, 5 Jan 2015 13:43:11 -0800 (PST)
Received: from [IPv6:2001:470:1f05:bfe:8487:211c:c357:5a90] ([IPv6:2001:470:1f05:bfe:8487:211c:c357:5a90]) (authenticated bits=0) by v2.bluepopcorn.net (8.14.3/8.14.3/Debian-9.4) with ESMTP id t05Lh9sH024713 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for <dmarc@ietf.org>; Mon, 5 Jan 2015 13:43:10 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bluepopcorn.net; s=supersize; t=1420494190; bh=4M7AvOe84h3yXy3NKn2cx/rgScco6nsWdwwSydmO11I=; h=Message-ID:Date:From:MIME-Version:To:Subject:Content-Type: Content-Transfer-Encoding; b=VVe0rafTsrfp3FUOYyY8t0aBol7VhjpLS4mpuy9gBB699NFKz8kKBcQ6HFSNjjyQs c5fYLwUjrqFn/NSIH7zz2Xm0YwJEBHNTYN6Eyur9BEU1RCKB3y3btNTycK33Xtfxiw LvTW251wAdjtp6Yk3hKWexKmi5dS/mRZ7cMjKpBA=
Message-ID: <54AB056C.2090101@bluepopcorn.net>
Date: Mon, 05 Jan 2015 13:43:08 -0800
From: Jim Fenton <fenton@bluepopcorn.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0
MIME-Version: 1.0
To: "dmarc@ietf.org" <dmarc@ietf.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/dmarc/fRogXZnH2H9IEQyf_UXPx1_KLvE
Subject: [dmarc-ietf] Comments on dmarc-base-09
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Jan 2015 21:43:13 -0000

I went back over my -04 comments while looking at -09, and the great
majority have been resolved. There are still a few things that haven't
been adequately addressed, as far as I can tell, nor resolved on-list. 
I haven't thoroughly gone through the -09 draft, and don't think that
would yield much new at this point.

Here are the residual items. Apologies if I'm re-raising something that
has been discussed, but I forgot about. Section numbers have been
corrected for the -09 draft.

Section 3, definition of Report Receiver: "...reports about the messages
claiming to be from a third party." Comparing with the previous
sentence, the third party referred to here seems to be another operator
that is sending reports to the Report Receiver. Suggest substituting,
"...reports about messages relating to another operator."

Section 3.1/3.2, organization nit: It seems a little odd for the
Overview and Authentication Mechanisms to be subsections of the
Terminology and Definitions.

Section 5.3, definition of fo: parameter: I had reported that there
isn't any prohibition on specifying both 0 and 1, and I thought someone
said that was fixed but I can't find it. More generally, I struggle to
find any real utility for a colon-separated list of options here.

Section 5.3, definition of pct: parameter: "However, this MUST NOT be
applied to the DMARC-generated reports, all of which must be sent and
received unhindered." This is strong normative language, but there is no
procedure specified anywhere for how to identify a DMARC-generated
report in order to apply this requirement. Consider the possibility that
bad actors may try to craft messages to look like DMARC reports.

Section 6.1, paragraph 3: "...the following verification steps are to be
taken"  It looks like this was changed in response to my earlier
objection to a SHOULD here, but now we have language that isn't clear.
Suggest "...the following verification steps MUST be taken"

Section 6.3, paragraph 4, "The format for failure reports is defined in
[AFRF]."  This is redundant with the previous paragraph and can be deleted.

Section 6.2.1.1, "The filename is typically constructed..." Again, this
is fuzzy normative language; it sounds like it's trying to say, "The
filename MAY be constructed..."

Section 6.3.1: "Operators implementing this specification also
implement..."  This needs a normative term, SHOULD or MUST. Not sure
which one.  Again, I think the SHOULD requirement on the Subject header
field is likely to trick an implementer into depending on it, and you
can't unless it's a MUST. The information is included in the report anyway.

Not mentioned anywhere: Which SPF modes are considered to be a "pass"
for purposes of DMARC? Presumably +, presumably not -, but it should say
something about ? and ~ if it doesn't already.

-Jim

v2.23.0 | Report a Bug | By Email