Re: [dmarc-ietf] WGLC contentious topics (I'm in the rough and I know it) in draft-ietf-dmarc-dmarcbis-30
John Levine <johnl@taugh.com> Mon, 01 April 2024 20:26 UTC
Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DBF2BC151064 for <dmarc@ietfa.amsl.com>; Mon, 1 Apr 2024 13:26:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Level:
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b="WPxsdM2K"; dkim=pass (2048-bit key) header.d=taugh.com header.b="ihYK3dAz"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hw7Ev2qTI6Vv for <dmarc@ietfa.amsl.com>; Mon, 1 Apr 2024 13:26:30 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0FA54C169436 for <dmarc@ietf.org>; Mon, 1 Apr 2024 13:25:25 -0700 (PDT)
Received: (qmail 27067 invoked from network); 1 Apr 2024 20:25:23 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=69b9660b1833.k2404; bh=68SKOQCZX2t0uJ4+BeOpIwrQDwLvzLif1vNX3bJUk3Y=; b=WPxsdM2K2ng4D2VUT8Cpvddfv8ZSW+7C2cIXa9G78cniA2SQC3VRY0SIAWpvul7kbRpQeKUSb7cKtjLiuaOah7/BI4UAuDmXG6ldEAfpAum+i+Yh4lsh1E0FOGR4vm3Q6jDzgr9nsl/KroW+v0g7fAauvrlXI/dutWvCm5ZHMY+Ejk/bR0kDjjVNpBZSDItcoex9S78q6x0IoWdUBWbdLHxS+qDE3JN5L7+aW657BRvhwwtd5uuZbGO5aBVTrfdDTYq0DnBXv/E+zbIjhN3T4n5MZaEi7evpg38EHTX5X/H6GIga+F0VE7wSvRrWze/rVJjKIuqIjJj5HorBsQNKig==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=69b9660b1833.k2404; bh=68SKOQCZX2t0uJ4+BeOpIwrQDwLvzLif1vNX3bJUk3Y=; b=ihYK3dAza4Svwgm1tWipE49bhUd2MqG0MRx50hh5/MwdugA8N+7VtpP6r4cZs9DgOI1DEvX4rtGf01+Y8xK5aTLFqsPb7ya07zAYlzy0h7D4HwSHbg43DB2BlB/oZXbnh9NZsqhHs8gqjKb0/B02EF/Oy3Et3+kwemdYZxSJt6qYMcwQyxTxCPs6TGiCr4QGs4g85vjtiP2YqeBiYfNhhO8WJTQYP12R23mBOlHrB9g53avufzx07k+wAnlYhmjOo4Ya5Uj1ZHqYwkEJyQpqS28QRmFXjPrQJ7dV/vwz/DIr4OiKbo5YoS514mqsbQdlCKIPoI0CRv8YRJl+h408Lw==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA CHACHA20-POLY1305 AEAD) via TCP6; 01 Apr 2024 20:25:23 -0000
Received: by ary.qy (Postfix, from userid 501) id 94C5F86A5A67; Mon, 1 Apr 2024 16:25:22 -0400 (EDT)
Date: Mon, 01 Apr 2024 16:25:22 -0400
Message-Id: <20240401202522.94C5F86A5A67@ary.qy>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
Cc: seth@valimail.com
In-Reply-To: <CAOZAAfPmjD--xBzLbwtD5uzr_gubKDYz7sHiPufML1JbYU8x4Q@mail.gmail.com>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/jg12YRzzXMljrRb5DeM2Hdtk44E>
Subject: Re: [dmarc-ietf] WGLC contentious topics (I'm in the rough and I know it) in draft-ietf-dmarc-dmarcbis-30
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Apr 2024 20:26:34 -0000
It appears that Seth Blank <seth@valimail.com> said: >More accurate language that alleviates the concern would be "It is >therefore critical that domains that host users who wish for their messages >to be modified and spoofed by downstream intermediaries, such as alumni >forwarders or mailing lists, SHOULD NOT publish p=reject. Such spoofed >messages may still be rejected, regardless of a domain owner's published >DMARC policy." There is nothing "spoofed" when a mailing list adds a subject tag. This sort of misuse of languge just makes us look silly. Sure, say it breaks the DKIM signature and makes DMARC fail, but that's because of a fundamental design problem with DMARC, not because anyone's spoofing anything. >OLD: Given the above, to ensure maximum usefulness for DMARC across the >email ecosystem, Mail Receivers SHOULD generate and send aggregate reports >with a frequency of at least once every 24 hours. > >NEW: In order for domain owners to properly collect and analyze reports >(section 5.5.5) in order to authenticate their mail and publish a policy if >they wish (section 5.5.6), mail receivers need to supply those reports. To >ensure maximum usefulness for DMARC across the email ecosystem, >understanding that some receivers may find this an undue burden, Mail >Receivers SHOULD generate and send aggregate reports with a frequency of at >least once every 24 hours. I don't see that the extra words add anything useful. SHOULD already means do it unless you have a good reason to do something else. If people aren't already inclined to send reports I don't think that trying to make them feel sorry for the senders will change their minds. >3. 4.4. Identifier Alignment Explained > >If we ever open alignment again for a future document, I hope we do away >with strict alignment. It would also simplify the document and the examples >greatly. Agreed, but that horse ain't in the barn. Strict DKIM canonicalization is equally useless, but same thing. >OLD: The choice of relaxed or strict alignment is left to the Domain Owner >and is expressed in the domain's DMARC policy record. > >NEW: The choice of relaxed or strict alignment is left to the Domain Owner >and is expressed in the domain's DMARC policy record. In practice, nearly >all domain owners have found relaxed alignment sufficient to meet their >needs. That seems OK. R's, John
- [dmarc-ietf] WGLC contentious topics (I'm in the … Seth Blank
- [dmarc-ietf] WGLC contentious topics (I'm in the … Tero Kivinen
- Re: [dmarc-ietf] WGLC contentious topics (I'm in … Baptiste Carvello
- Re: [dmarc-ietf] WGLC contentious topics (I'm in … Murray S. Kucherawy
- Re: [dmarc-ietf] WGLC contentious topics (I'm in … John Levine