Re: [dmarc-ietf] DMARCbis Privacy Considerations was: Re: I-D Action: draft-ietf-dmarc-dmarcbis-17.txt
Scott Kitterman <sklist@kitterman.com> Mon, 29 August 2022 17:54 UTC
Return-Path: <sklist@kitterman.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70E9FC180A9D for <dmarc@ietfa.amsl.com>; Mon, 29 Aug 2022 10:54:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=kitterman.com header.b=P99aMC9q; dkim=pass (2048-bit key) header.d=kitterman.com header.b=jHurFY+9
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VZYD1h6jOVO2 for <dmarc@ietfa.amsl.com>; Mon, 29 Aug 2022 10:54:08 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4DAA4C180A97 for <dmarc@ietf.org>; Mon, 29 Aug 2022 10:54:08 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) by interserver.kitterman.com (Postfix) with ESMTPS id 1F24BF80315 for <dmarc@ietf.org>; Mon, 29 Aug 2022 13:54:06 -0400 (EDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903e; t=1661795645; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=rQlCgpGGJIqzp1PYoe/Ew+JeBEHBE58t3H46/zgml40=; b=P99aMC9qgip1TPG7DRbXpRtVfQ26EnvFaE6CsEpLXokHllGP6hEYwXxo/2c1LSHqlP//c n961ik7J1M4ZvXHAQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903r; t=1661795645; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=rQlCgpGGJIqzp1PYoe/Ew+JeBEHBE58t3H46/zgml40=; b=jHurFY+9TpdI3eaIcYSfKahPPhxuWZ3DcSTyzNfWtO63+bCntQDn4cxP65Q4VOAzh8hCV Zsd1B1JaQ/cFVxt9cyQrbJR1EWbS1WSxAqSjnpfByoeJWtN87GVCC2BTfjsZMoozQt6pb+e KHrIs2hmZUuI8lUuXT+nIpSHt4Il4WmvHH8E92aDiYpj8WCRtIDz14LyVnbpBHt4T7sZDpC ERBqdN24tcYgiZs2tUqiaPEah+OPFXdgkQ0HcAgk6EKk2x/cho8gOvDVynK2qXKldenBSnO FGl+wQ2kTrNl1UyrE9xEL97KxyXTBVpQY3XHPnV8iku9KkVpSjOrbL+N0N1g==
Received: from zini-1880.localnet (static-72-81-252-22.bltmmd.fios.verizon.net [72.81.252.22]) by interserver.kitterman.com (Postfix) with ESMTP id DAF15F80153 for <dmarc@ietf.org>; Mon, 29 Aug 2022 13:54:05 -0400 (EDT)
From: Scott Kitterman <sklist@kitterman.com>
To: dmarc@ietf.org
Date: Mon, 29 Aug 2022 13:54:05 -0400
Message-ID: <332361045.ZmM30qICTS@zini-1880>
In-Reply-To: <7669b554-89b9-c9c5-172f-db97b9bdce3b@tana.it>
References: <166178507559.47631.2900016221052924761@ietfa.amsl.com> <2969398.fzCzL4EFEC@zini-1880> <7669b554-89b9-c9c5-172f-db97b9bdce3b@tana.it>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/kIG0S6DJTG7vyg_pyPvKp18rbOM>
Subject: Re: [dmarc-ietf] DMARCbis Privacy Considerations was: Re: I-D Action: draft-ietf-dmarc-dmarcbis-17.txt
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Aug 2022 17:54:12 -0000
On Monday, August 29, 2022 1:48:57 PM EDT Alessandro Vesely wrote: > On Mon 29/Aug/2022 18:27:11 +0200 Scott Kitterman wrote: > > On Monday, August 29, 2022 11:09:50 AM EDT Scott Kitterman wrote: > >> Also, I am reminded that since this document will obsolete RFC 9091 if > >> approved, we need to incorporate the Privacy Considerations from that > >> document instead of referencing them. I'll prepare a recommend change > >> for > >> that. > > > > I looked into this a bit and it turns out to be more complicated than I > > expected. > > > > Currently DMARCbis has no Privacy Considerations section at all. > > Generally, I think this is correct since the DMARC relevant privacy > > issues are tied to reporting, which is in separate drafts. I do think > > though that since we are covering all aspects of DMARC record publishing > > in DMARCbis, there are a few specifics that should go in the main draft > > with pointers to the reporting drafts for relevant details. > > > > RFC 9091 Privacy Considerations (which are currently incorporated by > > reference in DMARCbis) say that for PSDs, feedback MUST be limited to > > Aggregate Reports. > > > > I think it would be appropriate that DMARCbis have a short Privacy > > Considerations section which points out that putting an rua or ruf tag in > > your DMARC record may have privacy implications for organizations with > > pointers to the reporting drafts for details. I would include something > > like if psd=y, MUST NOT also have an ruf= value in DMARCbis. > > I have no opinion on the worthiness of a Privacy Considerations section. > However, I'd mandate that a report generator MUST NOT send failure reports > related to subdomains of a PSD (which is approximately expressed in the > failure reporting draft.) > > Prohibition to publish a ruf= sounds strange. Would the record become > invalid in that case? And then there's the case of PSDs sending mail, > which may be entitled to receive failure reports as well. > > > The bulk of the RFC 9091 Privacy Considerations text would then go in I- > > D.ietf-dmarc-aggregate-reporting. All that would be needed in > > I-D.ietf-dmarc- aggregate-reporting Privacy Considerations is a > > relatively simple admonition to not send failure reports for PSDs. > > Aggregate reporting seems to be extraneous to those considerations, no? RFC 9091 Privacy Considerations spend the bulk of its text discussing Aggregate reporting. Failure reporting is a simple "don't". I'm not proposing inventing anything new beyond what's needed to deal with the document split. I hadn't anticipated anything that would cause records to become invalid. Scott K
- [dmarc-ietf] I-D Action: draft-ietf-dmarc-dmarcbi… internet-drafts
- Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-dma… Todd Herr
- Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-dma… Scott Kitterman
- Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-dma… Todd Herr
- [dmarc-ietf] DMARCbis Privacy Considerations was:… Scott Kitterman
- Re: [dmarc-ietf] DMARCbis Privacy Considerations … Alessandro Vesely
- Re: [dmarc-ietf] DMARCbis Privacy Considerations … Scott Kitterman
- Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-dma… John Levine
- Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-dma… John R. Levine
- Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-dma… Scott Kitterman
- Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-dma… John R. Levine
- Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-dma… Todd Herr
- Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-dma… Scott Kitterman
- Re: [dmarc-ietf] DMARCbis Privacy Considerations … Scott Kitterman
- Re: [dmarc-ietf] DMARCbis Privacy Considerations … Alessandro Vesely
- Re: [dmarc-ietf] DMARCbis Privacy Considerations … John Levine
- Re: [dmarc-ietf] DMARCbis Privacy Considerations … Barry Leiba
- Re: [dmarc-ietf] DMARCbis Privacy Considerations … John R Levine
- Re: [dmarc-ietf] DMARCbis Privacy Considerations … Scott Kitterman
- Re: [dmarc-ietf] DMARCbis Privacy Considerations … Tim Wicinski
- Re: [dmarc-ietf] DMARCbis Privacy Considerations … Alessandro Vesely
- Re: [dmarc-ietf] DMARCbis Privacy Considerations … John R. Levine
- Re: [dmarc-ietf] DMARCbis Privacy Considerations … Douglas Foster