Re: [dmarc-ietf] reporting documents, Ticket #55 - Clarify legal and privacy implications of failure reports
Hector Santos <hsantos@isdg.net> Mon, 28 December 2020 19:31 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 288D93A0D73 for <dmarc@ietfa.amsl.com>; Mon, 28 Dec 2020 11:31:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isdg.net header.b=fTZAHNLS; dkim=pass (1024-bit key) header.d=beta.winserver.com header.b=0Gi/8sez
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v4t22sltGfdh for <dmarc@ietfa.amsl.com>; Mon, 28 Dec 2020 11:31:40 -0800 (PST)
Received: from mail.winserver.com (mail.winserver.com [76.245.57.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 915193A0E17 for <dmarc@ietf.org>; Mon, 28 Dec 2020 11:31:36 -0800 (PST)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha256; c=simple/relaxed; l=3004; t=1609183889; atps=ietf.org; atpsh=sha1; h=Received:Received:Received:Received:Message-ID:Date:From: Organization:To:Subject:List-ID; bh=jaK365znsmAIQfyORR63JRF7UhN2 upq9FPgPRwjMcw0=; b=fTZAHNLSjogJy2qw8jTNy1kSfnTd7UAm5Z+Ph3sofMOP DOKNQy4HNMII+bd0wuX9cUosbjikkzmm62fCPlZNNYdWfBkHwqan7DRSWZHDv8wO DLnw4gJauviSzH5INO6rkHFuKrZhg0V+gqtC5KxPCAkKu/L6wwql2tmLdHasypY=
Received: by mail.winserver.com (Wildcat! SMTP Router v8.0.454.10) for dmarc@ietf.org; Mon, 28 Dec 2020 14:31:29 -0500
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; dmarc=pass policy=reject author.d=isdg.net signer.d=beta.winserver.com (atps signer);
Received: from beta.winserver.com ([76.245.57.74]) by mail.winserver.com (Wildcat! SMTP v8.0.454.10) with ESMTP id 2623954229.16935.3272; Mon, 28 Dec 2020 14:31:28 -0500
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=3004; t=1609183519; h=Received:Received: Message-ID:Date:From:Organization:To:Subject:List-ID; bh=jaK365z nsmAIQfyORR63JRF7UhN2upq9FPgPRwjMcw0=; b=0Gi/8sezFmqf8O6twzViOxg RX2elTlTUeVT79ccLIKSom4l7vniAc8uguC+23Lw4xwKu0onQ8dBoUEQKvv7KpEQ GN+po+HOMjN5tkeWljAsRh0RlgceLlVAGsC+hQ1yMv2jyoSuJ+loNfXQ4o01+1fG x6WqRv1fL6L8kaa445Qk=
Received: by beta.winserver.com (Wildcat! SMTP Router v8.0.454.10) for dmarc@ietf.org; Mon, 28 Dec 2020 14:25:19 -0500
Received: from [192.168.1.68] ([75.26.216.248]) by beta.winserver.com (Wildcat! SMTP v8.0.454.10) with ESMTP id 2490824220.1.17296; Mon, 28 Dec 2020 14:25:19 -0500
Message-ID: <5FEA328F.9010701@isdg.net>
Date: Mon, 28 Dec 2020 14:31:27 -0500
From: Hector Santos <hsantos@isdg.net>
Reply-To: hsantos@isdg.net
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.8.1
MIME-Version: 1.0
To: dmarc@ietf.org
References: <20201218023900.E73B82ACBB2B@ary.qy> <CAJ4XoYdXWTgADpdL1eJuYGnpSY038vj-FW_x1f2rEp1JL0r2oA@mail.gmail.com> <01RTICXKLL3E0085YQ@mauve.mrochek.com> <c5f7413e-52c1-6710-16e5-63f59d2c24b9@taugh.com> <CAL0qLwYDeV9CmFg9qCCGPse00JV30WRiSC4orC-EitK=hiahgA@mail.gmail.com> <a79dd75-4d73-d1dc-d6b1-272de866b950@taugh.com> <CAL0qLwZXu3FxH7QGBS7PGbeDwfDTGmC=rbPEQidVV4eDJNHLUA@mail.gmail.com> <CAJ4XoYeK2cJb+easc=mqCi4ap1932LmbDdfxM1dFZKrdo2a2mw@mail.gmail.com> <acfe3d9e-97eb-50ee-26a2-568fdd8359dd@taugh.com> <CADyWQ+GJ62jt=dL9Gzuw_O7USNbS=86BqAzu8Rdv9sCb5OpCdw@mail.gmail.com> <d4a00be5-bd61-0c05-3431-8d56b39a3550@tana.it> <8813331f-f5e4-faa5-c6d-11212fc25797@taugh.com> <5d150251-427c-5c44-a0c3-ad2e7f24b692@tana.it> <01RTP8I70EYI004QVR@mauve.mrochek.com> <6a4a11ea-fae2-81f5-ce5f-fbd4bc1d41e2@taugh.com> <CADyWQ+GrxxVBBGSViap-Hmjty+jq69ak51hY2fUOn1jryUHCHw@mail.gmail.com> <CAOZAAfOuYft5f7JjXi57chBzJwPu1nWb_XUP5iPJPxu5gu2Zgg@mail.gmail.com> <22d97bde-22c3-ef30-c93a-ec89951ab5be@mtcc.com>
In-Reply-To: <22d97bde-22c3-ef30-c93a-ec89951ab5be@mtcc.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/kq4BZZnkPWrjUNGkueFeEO4e3AM>
Subject: Re: [dmarc-ietf] reporting documents, Ticket #55 - Clarify legal and privacy implications of failure reports
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Dec 2020 19:31:48 -0000
On 12/28/2020 1:17 PM, Michael Thomas wrote: > > On 12/28/20 10:05 AM, Seth Blank wrote: >> We agreed to split aggregate and failure reporting into different >> documents, and this split was discussed on the list several times, >> as well as at IETF 108. >> >> The intention was to split apart the key components that >> realistically get updated in different manners / at different cadences. >> >> Aggregate reports and failure reports get used in wholly different >> manners, have fundamentally different use cases, are implemented in >> wildly different ways, and have completely different privacy and >> security considerations. Hence, we agreed they should be split into >> separate documents, so each can be concise, to the point, and >> independently updated. >> > > Does that mean all of the reporting? So that DMARC is really ADSP-bis? When Seymour Cray was asked by his engineers building the Cray super computer, what primary language should they use for the new concept of Vectorization computing, Seymour responded; "I don't care what language we use ... just call it FORTRAN!" It's marketing now, folks. It was what academia was teaching and industry engineers were using at the time. Lets just get the DKIM-POLICY model done and call it DMARC. I really don't care because the basic fundamental concept has been established and to me, that is the most significant gain we have here - the DKIM-POLICY DNS LOOKUP concept has traction. Yes, functionally, they were all the same, SSP, ADSP, DSAP and DMARC, from the basic LMAP "Lightweight Mail Authorization Protocol" concept of using an author domain for a DKIM-POLICY DNS lookup model. DMARC is the latest with a different syntax language that has gained traction. I support DMARC for that only reason -- its about TIME!! I rather we define the protocol DKIM-POLICY Model because we already have a DKIM-TRUST model in the standard. Nonetheless, now we can piggy-back off the _dmarc.example.com DNS lookup rather than _adsp._domainkey.example.com. All the same concept, therefore all the same problems. Lets get DMARC done as a basic-lookup protocol and begin adding more to it related to 3rd party authorization protocols which can piggy-back of the DNS call. Reporting should of always been a separate consideration. PS: Consider how many DNS lookups an all-things SMTP receiver does for port 25, non-authenticated/Authorized connections. For wcSMTP: At connection: IP Geo Location Filter IP DNS RBL At SMTP before DATA Maybe EHLO domain DNS matching check Maybe EHLO domain SPF check Maybe MAIL FROM SPF check Maybe MAIL FROM Call Back Verifier (MX) At SMTP DATA if it gets this far: Maybe DKIM check Maybe ADSP 5322.From check Maybe DMARC 5322.From check Maybe ATPS 5322.From check Maybe VBR 5322.From check Overall, there are a lot of calls today per SMTP session. -- Hector Santos, https://secure.santronics.com https://twitter.com/hectorsantos
- [dmarc-ietf] Ticket #55 - Clarify legal and priva… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Seth Blank
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Kurt Andersen (b)
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dotzero
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… ned+dmarc
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Kurt Andersen (b)
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Murray S. Kucherawy
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… ned+dmarc
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Murray S. Kucherawy
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dotzero
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Tim Wicinski
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Todd Herr
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dotzero
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… ned+dmarc
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Todd Herr
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Tim Wicinski
- Re: [dmarc-ietf] reporting documents, Ticket #55 … John R Levine
- Re: [dmarc-ietf] reporting documents, Ticket #55 … Tim Wicinski
- Re: [dmarc-ietf] reporting documents, Ticket #55 … Seth Blank
- Re: [dmarc-ietf] reporting documents, Ticket #55 … Michael Thomas
- Re: [dmarc-ietf] reporting documents, Ticket #55 … John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] reporting documents, Ticket #55 … Hector Santos
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] reporting documents, Ticket #55 … ned+dmarc
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Todd Herr
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Murray S. Kucherawy
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… ned+dmarc
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… ned+dmarc
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Douglas Foster
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Jim Fenton
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Laura Atkins
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Douglas Foster
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Douglas Foster
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Laura Atkins
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Douglas Foster
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Jim Fenton
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Paypal security confirm your password now
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Kurt Andersen (b)
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Jim Fenton
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Douglas Foster
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dotzero
- Re: [dmarc-ietf] Header Rewriting Laura Atkins
- Re: [dmarc-ietf] Header Rewriting Douglas Foster
- Re: [dmarc-ietf] Header Rewriting Laura Atkins
- Re: [dmarc-ietf] Header Rewriting Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Header Rewriting Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dotzero
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Header Rewriting Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dotzero
- Re: [dmarc-ietf] Header Rewriting Laura Atkins
- Re: [dmarc-ietf] Header Rewriting Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Murray S. Kucherawy
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Header Rewriting John Levine
- Re: [dmarc-ietf] Header Rewriting Douglas Foster
- Re: [dmarc-ietf] Header Rewriting Douglas Foster
- Re: [dmarc-ietf] Header Rewriting Douglas Foster
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Header Rewriting Alessandro Vesely
- Re: [dmarc-ietf] Header Rewriting John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker