Re: [dmarc-ietf] ARC-Seal is meaningless security theatre
Hector Santos <hsantos@isdg.net> Sat, 19 August 2017 15:22 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D3595132926 for <dmarc@ietfa.amsl.com>; Sat, 19 Aug 2017 08:22:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isdg.net header.b=Fy/1k7zL; dkim=pass (1024-bit key) header.d=beta.winserver.com header.b=qd4DRpGu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 15a6H4p-cyBb for <dmarc@ietfa.amsl.com>; Sat, 19 Aug 2017 08:22:21 -0700 (PDT)
Received: from mail.santronics.com (pop3.winserver.com [76.245.57.69]) by ietfa.amsl.com (Postfix) with ESMTP id F0D511323C9 for <dmarc@ietf.org>; Sat, 19 Aug 2017 08:22:20 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=3179; t=1503156136; atps=ietf.org; atpsh=sha1; h=Received:Received:Received:Received:Message-ID:Date:From: Organization:To:Subject:List-ID; bh=DAV9d1kRd/mjnVhImEjhEJMOllQ=; b=Fy/1k7zLrgADzVI3kt1uOp6Ma4+NMO00wAMEDCoMycnrwPhxpJ+J0hcpBetGRv VjAdRBx2fJXwLJ7WJFWv+jvI8H5a0f6fLFhJFfly3/ioxXDOJF44tQ7yb3lh+XZh HerAE1W42puTXxunLHBY7MUb/rmZxsujesRHezTzOortk=
Received: by winserver.com (Wildcat! SMTP Router v7.0.454.6) for dmarc@ietf.org; Sat, 19 Aug 2017 11:22:16 -0400
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; adsp=pass policy=all author.d=isdg.net asl.d=beta.winserver.com;
Received: from beta.winserver.com ([76.245.57.74]) by winserver.com (Wildcat! SMTP v7.0.454.6) with ESMTP id 3219989812.1.3528; Sat, 19 Aug 2017 11:22:16 -0400
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=3179; t=1503156095; h=Received:Received: Message-ID:Date:From:Organization:To:Subject:List-ID; bh=h5I66ML CRSEyACXjNJjbN1CPyUnNRdL34V0c2T7Wt5k=; b=qd4DRpGuVptVSWndPdoGkoL nGeHcHhy0TlANcp3bxwSJgHRKn3/N/eBgmGolOa0T8AYKz8Y5VwV8lw9VKy/ULBX TKUVJHIcKQmFUsK/KA3xLzmw1ue0tEdicd2HmCeFQbfW60I8F6Fp5O9WXNDCCUt5 6rUTmknERXwrY2y9wu4o=
Received: by beta.winserver.com (Wildcat! SMTP Router v7.0.454.6) for dmarc@ietf.org; Sat, 19 Aug 2017 11:21:35 -0400
Received: from [192.168.1.68] ([99.121.5.8]) by beta.winserver.com (Wildcat! SMTP v7.0.454.6) with ESMTP id 103975687.9.5512; Sat, 19 Aug 2017 11:21:34 -0400
Message-ID: <599857AE.2090708@isdg.net>
Date: Sat, 19 Aug 2017 11:22:22 -0400
From: Hector Santos <hsantos@isdg.net>
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.8.1
MIME-Version: 1.0
To: Bron Gondwana <brong@fastmailteam.com>, dmarc@ietf.org
References: <1502083287.2191248.1065195288.7CDC7FF3@webmail.messagingengine.com> <CABuGu1oTMbuLd4yTwecu5sKFnsmH+HiwT1FG=JpySYHzpMTx_w@mail.gmail.com> <1502200759.3946686.1066841264.607B4D0B@webmail.messagingengine.com> <2720431.u3G7bbkkxK@kitterma-e6430> <1502317564.1935379.1068588344.040173AF@webmail.messagingengine.com> <a08c7590-ded3-1642-4ffc-07848b3c6cd2@gmail.com> <e14f2130-6f00-4ef1-485b-850a4cc1c48c@gmail.com> <1502495646.4099176.1070896040.2B09B1F8@webmail.messagingengine.com> <166070f0-4ba1-70da-1f73-885b4a7f7640@gmail.com> <1502497178.4103451.1070917304.23DD466D@webmail.messagingengine.com> <598F9484.7020700@isdg.net> <CABuGu1p=oLfLRkuoaDHoz3Cv3_FrURdsFPzkac7jNzBpqBmiSg@mail.gmail.com> <599484FB.9050908@isdg.net> <1502929303.4038704.1075868960.5D80A788@webmail.messagingengine.com> <5997DBA6.3080701@isdg.net> <1503128933.2760522.1078309768.4D8C11C9@webmail.messagingengine.com>
In-Reply-To: <1503128933.2760522.1078309768.4D8C11C9@webmail.messagingengine.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/hycyo7SMUML-yC3iudCtl9qWp0Q>
Subject: Re: [dmarc-ietf] ARC-Seal is meaningless security theatre
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 19 Aug 2017 15:22:24 -0000
On 8/19/2017 3:48 AM, Bron Gondwana wrote: > For what it's worth, the ONLY one of these which my "fake Brandon" > email would have failed to validate for is p=reject, arc=none. A > chain of valid ARC seals is so easy to fraudulently create that it's > not funny. > > Everything other than arc=all there is totally pointless - if you can > intercept and modify email, you can easily add ARC headers that > maintain a complete chain is seals. > > Now arc=site2.com,site3.com,site4.com - that's valuable. I agree. That is what the ATPS (Authorized Third Party Signature) and the ASL (Authorized Sender List) proposals was all about. https://tools.ietf.org/html/rfc6541 Check out this wizard that helps generate the appropriate ATPS records and/or ASL extended DMARC tags: http://www.winserver.com/public/wcdmarc/default.wct But many feel it doesn't scale. We also called it a "registration" problem, i.e. how to get that authorized list, etc. What has been going since then is to develop a method to inherently pass this information via the headers. Thats been hard to understand since we are already making a DMARC DNS lookup that perpetuates all this. We are just not getting enough information to properly work with it. > You could > say "only allow ARC through the following intermediate domains" - and > then you could add those to your allowed list for your domain as you > got reports of validation failures and user requests. Over time a > domain would build a list of mail flows that its users used. You > could even use a different selector for each sending user, and publish > a different policy for that selector, so each user got their own > allowed mail flows! > > But anything that's based on count/position of seals in the chain, > that has no value. I fully concur with the "level of "experimentations" that would give all parties, a payoff they can realize and the capability to design a logical integrated system and negotiate3ed protocol without kludges and also apply some "Deep Learning" to help with the indeterminate conditions. We have determinate conditions with the strong policies. These MUST be honored or nothing works. This is the DKIM POLICY LAYER MODEL. The indeterminate conditions are the relaxed policies leaving it up to the receiver to explore algorithms. This is the DKIM TRUST/REPUTATION LAYER MODEL. The DKIM standard purposely removed the Policy Layer with the hope the trust layer would prevail. Many folks did not like this decision. It was extremely rough and we didn't have other developers, such as yourself around. But as expected, it didn't happen and the problems we are seeing is due to that separation. That said, I still expect it to happen because Policy gives us the first level automation (thanks to DMARC), and Trust/Reputation is the 2nd level to help with the fuzzy conditions. This is where it will be a vendor-based added value component to DKIM, as it was designed to be and should be. But as it was always stated, not everyone is going to use the same "Trust/Reputation" databases. I called that the "Batteries Required" dilemma. -- HLS
- [dmarc-ietf] ARC-Seal is meaningless security the… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Tim Draegen
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… John Levine
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Scott Kitterman
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen (b)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… MH Michael Hammer (5304)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen (b)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen (b)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen (b)
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… mhammer@americangreetings.com
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Kurt Andersen
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Seth Blank
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Brandon Long
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Dave Crocker
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Bron Gondwana
- Re: [dmarc-ietf] ARC-Seal is meaningless security… Hector Santos