IETF Logo Mail Archive

Re: [dmarc-ietf] DMARCbis Privacy Considerations was: Re: I-D Action: draft-ietf-dmarc-dmarcbis-17.txt

Scott Kitterman <sklist@kitterman.com> Mon, 29 August 2022 17:54 UTC

Return-Path: <sklist@kitterman.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70E9FC180A9D for <dmarc@ietfa.amsl.com>; Mon, 29 Aug 2022 10:54:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=kitterman.com header.b=P99aMC9q; dkim=pass (2048-bit key) header.d=kitterman.com header.b=jHurFY+9
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VZYD1h6jOVO2 for <dmarc@ietfa.amsl.com>; Mon, 29 Aug 2022 10:54:08 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4DAA4C180A97 for <dmarc@ietf.org>; Mon, 29 Aug 2022 10:54:08 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) by interserver.kitterman.com (Postfix) with ESMTPS id 1F24BF80315 for <dmarc@ietf.org>; Mon, 29 Aug 2022 13:54:06 -0400 (EDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903e; t=1661795645; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=rQlCgpGGJIqzp1PYoe/Ew+JeBEHBE58t3H46/zgml40=; b=P99aMC9qgip1TPG7DRbXpRtVfQ26EnvFaE6CsEpLXokHllGP6hEYwXxo/2c1LSHqlP//c n961ik7J1M4ZvXHAQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903r; t=1661795645; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=rQlCgpGGJIqzp1PYoe/Ew+JeBEHBE58t3H46/zgml40=; b=jHurFY+9TpdI3eaIcYSfKahPPhxuWZ3DcSTyzNfWtO63+bCntQDn4cxP65Q4VOAzh8hCV Zsd1B1JaQ/cFVxt9cyQrbJR1EWbS1WSxAqSjnpfByoeJWtN87GVCC2BTfjsZMoozQt6pb+e KHrIs2hmZUuI8lUuXT+nIpSHt4Il4WmvHH8E92aDiYpj8WCRtIDz14LyVnbpBHt4T7sZDpC ERBqdN24tcYgiZs2tUqiaPEah+OPFXdgkQ0HcAgk6EKk2x/cho8gOvDVynK2qXKldenBSnO FGl+wQ2kTrNl1UyrE9xEL97KxyXTBVpQY3XHPnV8iku9KkVpSjOrbL+N0N1g==
Received: from zini-1880.localnet (static-72-81-252-22.bltmmd.fios.verizon.net [72.81.252.22]) by interserver.kitterman.com (Postfix) with ESMTP id DAF15F80153 for <dmarc@ietf.org>; Mon, 29 Aug 2022 13:54:05 -0400 (EDT)
From: Scott Kitterman <sklist@kitterman.com>
To: dmarc@ietf.org
Date: Mon, 29 Aug 2022 13:54:05 -0400
Message-ID: <332361045.ZmM30qICTS@zini-1880>
In-Reply-To: <7669b554-89b9-c9c5-172f-db97b9bdce3b@tana.it>
References: <166178507559.47631.2900016221052924761@ietfa.amsl.com> <2969398.fzCzL4EFEC@zini-1880> <7669b554-89b9-c9c5-172f-db97b9bdce3b@tana.it>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/kIG0S6DJTG7vyg_pyPvKp18rbOM>
Subject: Re: [dmarc-ietf] DMARCbis Privacy Considerations was: Re: I-D Action: draft-ietf-dmarc-dmarcbis-17.txt
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Aug 2022 17:54:12 -0000

On Monday, August 29, 2022 1:48:57 PM EDT Alessandro Vesely wrote:
> On Mon 29/Aug/2022 18:27:11 +0200 Scott Kitterman wrote:
> > On Monday, August 29, 2022 11:09:50 AM EDT Scott Kitterman wrote:
> >> Also, I am reminded that since this document will obsolete RFC 9091 if
> >> approved, we need to incorporate the Privacy Considerations from that
> >> document instead of referencing them.  I'll prepare a recommend change
> >> for
> >> that.
> > 
> > I looked into this a bit and it turns out to be more complicated than I
> > expected.
> > 
> > Currently DMARCbis has no Privacy Considerations section at all. 
> > Generally, I think this is correct since the DMARC relevant privacy
> > issues are tied to reporting, which is in separate drafts.  I do think
> > though that since we are covering all aspects of DMARC record publishing
> > in DMARCbis, there are a few specifics that should go in the main draft
> > with pointers to the reporting drafts for relevant details.
> > 
> > RFC 9091 Privacy Considerations (which are currently incorporated by
> > reference in DMARCbis) say that for PSDs, feedback MUST be limited to
> > Aggregate Reports.
> > 
> > I think it would be appropriate that DMARCbis have a short Privacy
> > Considerations section which points out that putting an rua or ruf tag in
> > your DMARC record may have privacy implications for organizations with
> > pointers to the reporting drafts for details.  I would include something
> > like if psd=y, MUST NOT also have an ruf= value in DMARCbis.
> 
> I have no opinion on the worthiness of a Privacy Considerations section.
> However, I'd mandate that a report generator MUST NOT send failure reports
> related to subdomains of a PSD (which is approximately expressed in the
> failure reporting draft.)
> 
> Prohibition to publish a ruf= sounds strange.  Would the record become
> invalid in that case?  And then there's the case of PSDs sending mail,
> which may be entitled to receive failure reports as well.
> 
> > The bulk of the RFC 9091 Privacy Considerations text would then go in I-
> > D.ietf-dmarc-aggregate-reporting.  All that would be needed in
> > I-D.ietf-dmarc- aggregate-reporting Privacy Considerations is a
> > relatively simple admonition to not send failure reports for PSDs.
> 
> Aggregate reporting seems to be extraneous to those considerations, no?

RFC 9091 Privacy Considerations spend the bulk of its text discussing 
Aggregate reporting.  Failure reporting is a simple "don't".  I'm not 
proposing inventing anything new beyond what's needed to deal with the 
document split.

I hadn't anticipated anything that would cause records to become invalid.

Scott K

v2.23.0 | Report a Bug | By Email