Re: [dmarc-ietf] DMARC forensic reports (ruf=) and privacy
Vladimir Dubrovin <dubrovin@corp.mail.ru> Sat, 26 January 2019 13:26 UTC
Return-Path: <dubrovin@corp.mail.ru>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 120A81311BC for <dmarc@ietfa.amsl.com>; Sat, 26 Jan 2019 05:26:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.842
X-Spam-Level:
X-Spam-Status: No, score=-2.842 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=corp.mail.ru
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6TopjDwpQey6 for <dmarc@ietfa.amsl.com>; Sat, 26 Jan 2019 05:26:24 -0800 (PST)
Received: from smtp53.i.mail.ru (smtp53.i.mail.ru [94.100.177.113]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD9E51311BB for <dmarc@ietf.org>; Sat, 26 Jan 2019 05:26:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=corp.mail.ru; s=mail; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:From:References:To:Subject; bh=gbMyTpz8rA1fRUr/Ohs58SwMkc3Skw6fHL566X/8b3Q=; b=AQHqFlt8Oqil5T6KrUj8sEXlEL1wH+5b6MMos7aVpUAvwXahM8Ind8yuC8S3A4jFNZ8++Uihs2oUprumXI8d+17ICrcv3lFccJbuR3BnyOwGQMyHWCSwJ60ewMgWnTQz7zwd7/p5+aCjeGPqEgzhelKeuMYCKpGEIa+dEYg0gJI=;
Received: by smtp53.i.mail.ru with esmtpa (envelope-from <dubrovin@corp.mail.ru>) id 1gnNyW-0002Bp-Hj; Sat, 26 Jan 2019 16:26:21 +0300
To: Дилян Палаузов <dilyan.palauzov@aegee.org>, dmarc@ietf.org
References: <40a9f309a70254b799f8bc3e42cbec2f5cf9dd7b.camel@aegee.org>
From: Vladimir Dubrovin <dubrovin@corp.mail.ru>
Openpgp: preference=signencrypt
Autocrypt: addr=dubrovin@corp.mail.ru; prefer-encrypt=mutual; keydata= mQINBFkuo0YBEADhYgaiCbZjws9eRBKJAYMIeuo9x6cArdmG5lcDgyVrtIPz/7MGL/HJua0v xKJtfhk77fb2YKcJvIdCf6HMoJfU412Y/5Bjq7eLmXTBsf7KmpQ9Z6auYujrzLCEb6gHC4gp gauesj6+igIyd8YULbbbCieIht7FVEIQv1Hn6F3eIok6wC3UJi2gEUiRbN4p5fw1RI5IB8yJ /4iFTtZi2iKUvSxZt/6eMAGNYm+OrFFGSfCP6l3uD93ZO3M9x8TluMXXrUQM6J190LOUUeh7 jGklgyUxrJXi44pRLFMbirrBcCQwEcY/lpUb1tvq2Ohb9nhBFBWLoJ1Kplxpi9ueXAsNJ7zw K1R15EElpIYQEmXM7t3dvC+zRIwZOiYTEI+cTqi3+fe/89lVQB15R43lrALl3+GEOj2F9/HP eCJtTzn+ie8+p0lSIWhNb2ozRPaKv1vxEGqkA+1wcgF2EOh3melRKGnf5VKJ4ZL5LZi+55nV NV/MiHv6WuA6QEB08qxgkF1vmpy3olQmpxzRHGnLcKClAnkfgn3Gp4Kkf/cKZ/jmgycf3QiZ OX9pJmChkp7florVmb31gXnZwiwa3AM5j063+JE6r0Uwt5R4TZsOx109U9a0ta4eS6fE22+O pEPKddpaOPnCTB/RDcxFbyXWJw8J5FW6EUbNSaBQTIjZn6jUnQARAQABtClWbGFkaW1pciBE dWJyb3ZpbiA8ZHVicm92aW5AY29ycC5tYWlsLnJ1PokCPwQTAQgAKQUCWS6jRgIbIwUJCWYB gAcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEKxNqiqt3SqHr3kQAInNgkXiRv61Zs4g B2mxrPtTRij+iDF+UOJVA/A5SjHaMWPVbT0PblbwWkxQvaxBDEPN4NRp+5mLkxD6ETmJJFZx gfmB3N9vhqFjHVb9K6AqGc7qlhlGwoIj6x27F07lmNkYHXMqqdt9Nbk+FvjukDU4WMZYFtXu 4c43hclKCg2i+bgZ5rXNJFsLioaY2Z/6Yml4COwvhDSg+IXF8oZtnf0Y8EP9qPeC3DHpL5n1 IgcB5mpzcBdsQchIVVCYCljVf0g5wslfs0tKvyrOsSF1gX8NK6gY3mZb44f5M2yviL/DFCS2 lmZDX2HqCmgyI0GwLTEW9zuZKE0WT6FF2KbWv3QbkwplygCQYlwCeEDOiemIsGiM11ubvDNe Iotvv06IsC5+6VYb63GBqRty+wEOjBNgz8AsHdljGxZjavQRBHa24+lYASMfLUqqoGPPM9wj mgiyOfS9p+VZumNzjk11mHrTe+Y7HujHVCjC74Ue+QHeyuIjk0bxDQSISh+w1jw9v/nyN8wh /tugEC4DO9LhyJPprZcduHQtlIFXEeZbmvapXqLjgMIz1WUB7hGcUMUkZZWqlkGyLhOdFpJL DkTMxqmazRL/jWLHSIRKWx1tmTn0GXLpXitP8ud8P67jY8mI2A04seuFNZLmtQLxP9qIIdrd f7WYPo19e+0b83BiC7rGuQINBFkuo0YBEADmrX6Ho18GYRk2GJZ3sy4g61oVuwAED+zGSsFt pYGGsOo/3rp9HRRcWR9qQ0osO14oB7swEhWnv4BMpab2WQ2BXM10W6B94yJsRMcZK4VJVSrP o/IEBrXe4roug+iG60wh4Cmi6Ojoi9OCarl+JVZCSclDy6cEv/MQRgwlNV+jvEqxVokdAwTY HrXpYpISnwCGcR6/eA+CHFvLQOkR+oHFqNuJsdx9e+OXP9MA5YLgi1atyHfkhGdDraLLTyGD aAqOaiOt7LdRL5xlaFejlHydkWEXbxSmIro7hHAFmyreslQ63V1vpLa6czylRqQ/us6iOidu rc+zsNAd7dbKVuOW/YEbiTrKwX7xjOa7lxYkOCBc+xa0Jj57FUoNQQdr678olgF5zqKvgZKa qiYSH6WR/wnKVmB8KQItyGZneq2f3Tqkc/S9Z45Olz7uYnN32uJAgn6awezkcK4iGSjQMzzg onP28LuLGoJVX92HWcYNBRW5T0Jqdro3i+XWLKWNsRSe8ifguH87CPfAtIsUJRUDvdR+XKF8 /TeXZfpdeU5tzOnRXPrST8L3Yw3Hpa//JtCmAXo02uer+fZm0e2+rB0cjn2P65fb5sb0jJNy mp1dwUEs+u0xHN3gHVBtPixCqnPVzFBygBtaPZF+6B6fhFLABNokIyii5NHYNS/NqEGTzwAR AQABiQIlBBgBCAAPBQJZLqNGAhsMBQkJZgGAAAoJEKxNqiqt3SqHOMQQAIojVofS2i1fAmML cnqhJVjB7nNZNTYGPGuqaSOk+P3nViihhkA+dhbntDRAipIzIoCOzBYQ69mY0LQAA1cAxC0T tqoDidp96OoGZfp1zWJu2pQrubfY8iR8+fxWPfQnPakVItp4Rexzg5oWsy070ysMhWemqRps DaozbJJU0dPCxIRCO28H20DLYF9LzK0BUQBJUcrGT7pLwyI2UXT8UdKBkyzezh53en+mnV2W a1U/syFstNBv5Y+XTemh882butmbBqGU4V47FK8BeBZdfrbqyz9fJMPQuV8esA3ucRP5gwDY S4z8QiofEfkPZ0V3ldGnpjJyCXdeYzMFgA/+cTmTO0lAA96+zB0Z/gcNwL/Nq1bX6P31mPsC PrBjlOUUCCBgek4D//oUKzoBF2YPQeMsqt7PKboHtTVeE0279vRifbIRF295X4nKVA4sWHpx V/HrSdpNQraWw7Sq4/iTbcqETNY48oWQBSeilGD+ZXKxtdUte8plVPDFoUxQZ6iQp3YqrEgi eNAwkMkiWb5zQ3YKd3JfsTOd1wd9Cc2jKaSE7fj3moAkSxQNZsgiQzMFThK7S/wcESpJfRxH hicIfJtLXgoQZOjH1zePjmdHxidhD65P8cfey++AYYSYWPyRrN5BW1Aam8FDOBpzU8pvNjWL NXdphurqQpFSRlvcRvXY
Message-ID: <129785b9-952e-611b-cff9-7a909b3fe4a4@corp.mail.ru>
Date: Sat, 26 Jan 2019 16:26:18 +0300
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0
MIME-Version: 1.0
In-Reply-To: <40a9f309a70254b799f8bc3e42cbec2f5cf9dd7b.camel@aegee.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Authentication-Results: smtp53.i.mail.ru; auth=pass smtp.auth=dubrovin@corp.mail.ru smtp.mailfrom=dubrovin@corp.mail.ru
X-618D5548: 890C00A99BF67EFAF8787DE96DB044641DF1F2D11C1BC0D4B9CA1E903B6768C3
X-77F55803: 6115F4D8777AF1675A78504BD2AC294108AEA42614CCE77CA8F2DF7D05A75CCFC6FEBDDEBACE8411FE6FF01A181F7FA3
X-7FA49CB5: 0D63561A33F958A5AFE1CD5B0CC66B9836B9A558B29563816FA8C8E11A0CCF108941B15DA834481FA18204E546F3947C5EF3C447179F0106F6B57BC7E64490618DEB871D839B7333395957E7521B51C2545D4CF71C94A83E9FA2833FD35BB23D27C277FBC8AE2E8B0920FC4EF0AE1D47A471835C12D1D977C4224003CC8364767815B9869FA544D8D32BA5DBAC0009BE9E8FC8737B5C22498B372E35CF5A2D2DD32BA5DBAC0009BE395957E7521B51C24DA2F55E57A558BE49FD398EE364050FB28585415E75ADA9040F9FF01DFDA4A8C4224003CC836476C0CAF46E325F83A522CA9DD8327EE4930A3850AC1BE2E7358D8083C743180710F370CE93649EA8CD731C566533BA786A40A5AABA2AD371193C9F3DD0FB1AF5EBFD6F4F5CC2EFF5953C9F3DD0FB1AF5EB4E70A05D1297E1BBCB5012B2E24CD356
X-Mailru-Sender: DBC2F4F1B1B33C64B837EEACE6D760D018CAEB05198BA02CA3EB5A3D49264654DC5C483502D9B882DF27400FA58A4AF1E66B5C1DBFD5D09D63761FFB9297ED015BF713DEE2A5F4A567EA787935ED9F1B
X-Mras: OK
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/rq_TugsrWkuMYA30VwbQnU4UKyo>
Subject: Re: [dmarc-ietf] DMARC forensic reports (ruf=) and privacy
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Jan 2019 13:26:27 -0000
Message sender can expect message content is only stored in sender's and recipient's mailboxes after delivery. If deleted by both sender and recipient, this message is not longer exists and it's content can not be recovered. In this scenario, (partial) message content can be stored in DMARC forensic subsystem unknowingly to user, it may violate user's privacy expectations and/or rights, depending on local legislation. 26.01.2019 14:37, Дилян Палаузов пишет: > Hello, > > for a smooth working DMARC DKIM signers and verifiers must be interoperatable. When a server DKIM-signs a message and > sends it to another server without intermediates, the latter shall be able verify the signature. Imagine, the DKIM > validation fails and the ruf= dmarc report email address points to the sending server. > > What are the privacy concerns in this simple scenario that speak against sending a DMARC/DKIM report to sending server, > telling that the DKIM validation fails? > > https://tools.ietf.org/html/rfc7489#section-9 mentions some privacy thoughts, but these are not applicable when the > sending server obviously has already the reported message and no intermediates are involved, that could expose > additional information. > > Regards > Дилян > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc -- Vladimir Dubrovin @Mail.Ru
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- [dmarc-ietf] DMARC forensic reports (ruf=) and pr… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Vladimir Dubrovin
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… John Levine
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… John Levine
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Dotzero
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… John Levine
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Kurt Andersen (b)
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Vladimir Dubrovin
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Alessandro Vesely
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… John Levine
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… John Levine
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Дилян Палаузов
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Scott Kitterman
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… John Levine
- Re: [dmarc-ietf] DMARC forensic reports (ruf=) an… Brandon Long