Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-aggregate-reporting-08.txt

"Murray S. Kucherawy" <superuser@gmail.com> Wed, 29 March 2023 01:00 UTC

From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Wed, 29 Mar 2023 10:00:29 +0900
Message-ID: <CAL0qLwbY6FBT-e+WXtT+NYD5979_rtD5WZPgiH57jXAkEUFXng@mail.gmail.com>
To: "dmarc@ietf.org" <dmarc@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/qBuoRYyx1c-1Cm1fUw29FgFdZYs>
Subject: Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-aggregate-reporting-08.txt

On Wed, Mar 29, 2023 at 5:30 AM Trent Adams <tadams=40proofpoint.com@dmarc.ietf.org> wrote:

>  Regardless of the outcome of that analysis, though, it does seem
> reasonable to ask the reporter to include a tag indicating the method they
> employed to discover the policy.  They will know which method they use,
> it's reasonable to request they include it, and it'll significantly improve
> the utility of the reports.  Further... while trouble-shooting
> authentication problems, it's useful to compare reports from multiple
> sources, and when doing so it'll be necessary to distinguish between
> discovery methods.
>
> In short, I am strongly in favor of including a tag within the RUA that
> indicates which discovery mechanism was employed.  For all the reasons
> previously discussed, it may not be wise to key off of a version, but we
> could use some indicator of discovery.
>

I'm still noodling on this, but my current view is that this seems like a
reasonable thing to allow for in the specification and it might be
something we even want to encourage, though we ought not make it
mandatory.  If it turns out that implementation X doing a tree walk has a
vulnerability, or that the tree walk itself is vulnerable somehow, I might
not want to announce that I'm subject to attack.

-MSK, participating