Re: [dmarc-ietf] third party authorization, not, was non-mailing list

John R Levine <johnl@taugh.com> Tue, 25 August 2020 16:22 UTC

On Tue, 25 Aug 2020, Dotzero wrote:
>> https://tools.ietf.org/html/draft-levine-dkim-conditional-00?

> Under my concept, all mail would still be signed in full. The weak
> signature would be in addition to the full signature and the intermediary
> would be expected to sign in full as well. If the original full signature
> is broken you are left with the original "weak signature" which authorizes
> the intermediary and the full signature of the intermediary.

Take another look at my old draft.  Sounds like exactly the same plan.

> I would expect there to be multiple potential approaches to identifying
> acceptable intermediaries.

The harder part is to decide which intermediary gets to re-sign which 
message at the time you apply the weak signature.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
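
Added example, not part of the original message and not taken from the draft: a minimal Python model of the verifier-side decision described in the quoted text, where a weak signature counts only alongside a valid full signature from the intermediary it names. The SigResult fields and the result strings are hypothetical, and the cryptographic verification of each signature is assumed to have been done already.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class SigResult:
    """Outcome of verifying one signature on a received message (constructed model)."""
    domain: str                       # signing domain
    valid: bool                       # did cryptographic verification succeed?
    weak: bool = False                # True: covers only content that survives forwarding
    authorizes: Optional[str] = None  # a weak signature names one intermediary domain


def _norm(domain: str) -> str:
    # Domain comparison is case-insensitive; ignore a trailing root dot.
    return domain.lower().rstrip(".")


def evaluate(author_domain: str, sigs: List[SigResult]) -> str:
    """Return how (or whether) the message is authenticated for author_domain."""
    author = _norm(author_domain)
    valid = [s for s in sigs if s.valid]

    # Case 1: the author's full signature survived, so nothing else is needed.
    if any(not s.weak and _norm(s.domain) == author for s in valid):
        return "pass:direct"

    # Case 2: the full signature broke in transit. A weak signature alone proves
    # very little, so it counts only together with a valid FULL signature from
    # exactly the intermediary it names.
    full_signers = {_norm(s.domain) for s in valid if not s.weak}
    for s in valid:
        if s.weak and _norm(s.domain) == author and s.authorizes:
            if _norm(s.authorizes) in full_signers:
                return "pass:via:" + _norm(s.authorizes)
    return "fail"


# Constructed sample: list.example modified the message and re-signed it.
FORWARDED = [
    SigResult("author.example", valid=False),
    SigResult("author.example", valid=True, weak=True, authorizes="list.example"),
    SigResult("list.example", valid=True),
]

if __name__ == "__main__":
    print(evaluate("author.example", FORWARDED))
```

The authorizes value has to be chosen when the weak signature is applied, which is the step the reply above calls the harder part.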