IETF Logo Mail Archive

Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations

"Douglas E. Foster" <fosterd@bayviewphysicians.com> Mon, 20 July 2020 12:56 UTC

Return-Path: <btv1==4700ea4663c==fosterd@bayviewphysicians.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C2DB3A08E5 for <dmarc@ietfa.amsl.com>; Mon, 20 Jul 2020 05:56:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bayviewphysicians.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UdUD9ZxU1jpx for <dmarc@ietfa.amsl.com>; Mon, 20 Jul 2020 05:56:01 -0700 (PDT)
Received: from mail.bayviewphysicians.com (mail.bayviewphysicians.com [216.54.111.133]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1EE233A08E1 for <dmarc@ietf.org>; Mon, 20 Jul 2020 05:56:01 -0700 (PDT)
X-ASG-Debug-ID: 1595249759-11fa3107a817080001-K2EkT1
Received: from webmail.bayviewphysicians.com (webmail.bayviewphysicians.com [192.168.1.49]) by mail.bayviewphysicians.com with ESMTP id D22t5WVj6yg1nLoP (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NO) for <dmarc@ietf.org>; Mon, 20 Jul 2020 08:55:59 -0400 (EDT)
X-Barracuda-Envelope-From: fosterd@bayviewphysicians.com
X-Barracuda-RBL-Trusted-Forwarder: 192.168.1.49
X-SmarterMail-Authenticated-As: fosterd@bayviewphysicians.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bayviewphysicians.com; s=s1025; h=message-id:reply-to:subject:to:from; bh=TrmKY5W4h+FgCDTkpqDGFZYy3ZnK2SM6K0OnYhiLOFI=; b=W2SqBntt1jeUl2eBczrIvgme4/CmrLd/Tb6NCi6tayTw39y6zGwagm7mI2pxuNRCq f83ZpTaJutO0DvqgOvlKUSTIT6tn5rq6P0zibgBSxpEgAKXL7fqjYcVZlT8BX/6b8 NobzCSmIr8oaSzCffzABzVPN/6krE9yy4liUzanFk=
From: "Douglas E. Foster" <fosterd@bayviewphysicians.com>
To: dmarc@ietf.org
Date: Mon, 20 Jul 2020 12:55:50 +0000
X-ASG-Orig-Subj: Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations
Reply-To: fosterd@bayviewphysicians.com
Message-ID: <3829fac4748a48d0b752403450843bd5@bayviewphysicians.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="3992d382d2644686971b17439cd67822"
In-Reply-To: <87zh7ur069.fsf@orion.amorsen.dk>
References: <bf5b68c74a3c487ca8a07a0a27061e47@com> <87zh7ur069.fsf@orion.amorsen.dk>
X-Exim-Id: 3829fac4748a48d0b752403450843bd5
X-Barracuda-Connect: webmail.bayviewphysicians.com[192.168.1.49]
X-Barracuda-Start-Time: 1595249759
X-Barracuda-Encrypted: ECDHE-RSA-AES256-SHA384
X-Barracuda-URL: https://mail.bayviewphysicians.com:443/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at bayviewphysicians.com
X-Barracuda-Scan-Msg-Size: 7106
X-Barracuda-BRTS-Status: 1
X-Barracuda-Spam-Score: 0.00
X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=9.0 tests=HTML_MESSAGE
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.3.83331 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.00 HTML_MESSAGE BODY: HTML included in message
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/fmncvyR8T77evEVQLBRINAQiGw4>
Subject: Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jul 2020 12:56:06 -0000

The court system is a poor substitute for prior deterrence or attack disruption.   DMARC seems to do both.   

The Internet limits the utility of legal remedies because of the difficulty of attribution, a problem which also DMARC helps to solve.   Litigation is also hampered by jurisdictional boundaries that create little risk of consequences for the perpetrators of crime.

This forum was proposed for upgrading DMARC from informational status to standard status.   Instead, it has become a conspiracy to demolish it.    The MLM problem will only be :"solved" if DMARC is completely abandoned, so that spoofing is once again uninhibited.   Therefore, moving from normal IETF "suggestion" mode to "enforced" mode will be necessary to achieve what MLM proponents want.   It is not what I am advocating; quite the reverse.   I am advocating for MLMs to stop spoofing and make their peace with DMARC.

DF

----------------------------------------
From: Benny Lyne Amorsen <benny+usenet@amorsen.dk>
Sent: 7/20/20 5:44 AM
To: dmarc@ietf.org
Subject: Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations
"Douglas E. Foster" <fosterd@bayviewphysicians.com> writes:

> Ultimately, this becomes a question of power. Do domain owners have
> the right, with the help of their correspondents, to prohibit spoofing
> (unauthorized use) of their digital identity?

Domain owners are free to use the court system to assert trademark
rights and copyright. They are also free to apply whichever seals of
digital identity that they want, of course.

> Or since they are technically leaseholders, not owners, are their
> rights conditional?

You seem to be laboring under the impression that domain owners have a
right to compel mail recipients to respect a DRM scheme. This is not the
case. You can try to sue Google to force them to reject incoming email
with your domain in the From: field and no valid DKIM (or whatever)
signature, of course, but I have a hard time imagining which right you
would assert to make the suit successful.

> Specificslly, do Internet insiders have the right to declare their
> spoofing control efforts to be based on foolish premises, both
> unnecessary and inconvenient, and therefore not allowed?

No one, certainly not "Internet insiders" of which I am certainly not
one, is stopping you from doing whichever spoofing control efforts you
want on your systems.

Feel free to keep p=reject on your domains. Many mail servers will keep
using that as a signal among many others, rather than as a blanket
reject.

If you want recipient mail servers to change that policy you can either
do it by convincing their administrators or by getting a law passed. So
far you appear to favour the latter approach, with your focus on
"prohibit" "unauthorized use" and "rights". The IETF is not a lawmaking
body, so it appears there are better venues for you.

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

v2.23.0 | Report a Bug | By Email