Re: [dmarc-ietf] Two basic Issues to address to help complete DMARCbis
Hector Santos <hsantos@isdg.net> Mon, 24 April 2023 13:41 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D4EFC152D8E for <dmarc@ietfa.amsl.com>; Mon, 24 Apr 2023 06:41:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isdg.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SbAt84YQdwZN for <dmarc@ietfa.amsl.com>; Mon, 24 Apr 2023 06:41:33 -0700 (PDT)
Received: from mail.winserver.com (mail.winserver.com [3.137.120.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8E9B1C152D8C for <dmarc@ietf.org>; Mon, 24 Apr 2023 06:41:33 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha256; c=simple/relaxed; l=2301; t=1682343691; atps=ietf.org; atpsh=sha1; h=Received:Received:Message-ID:Date:From:Organization:To:Subject: List-ID; bh=Rj0kgWzS8s3DlYDhlQMRU/fVViSpYNKXwOP/ilevdDU=; b=YOuO yvx5ulWxINiK7fI98F/KnYiiQb6Zsf6eqMdl/bGX1NzSULUEyTDDaPeamyZUXptH tBRVNOntEfrWZb2ugCts3P/1inEkYBain3+OPYDvrgTMAhb+WLPvkt2+3s3BZQl8 lXpPbA5wUk4x7B5Q6Oz5SaRUA6Xf4iPYQtqI9YA=
Received: by winserver.com (Wildcat! SMTP Router v8.0.454.13) for dmarc@ietf.org; Mon, 24 Apr 2023 09:41:31 -0400
Received: from [192.168.1.68] ([75.26.216.248]) by winserver.com (Wildcat! SMTP v8.0.454.13) with ESMTP id 2736473363.1.8508; Mon, 24 Apr 2023 09:41:30 -0400
Message-ID: <6446870B.5080003@isdg.net>
Date: Mon, 24 Apr 2023 09:41:31 -0400
From: Hector Santos <hsantos@isdg.net>
Reply-To: hsantos@isdg.net
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.8.1
MIME-Version: 1.0
To: dmarc@ietf.org
References: <0abf9711-ca1c-bfcf-afb2-15e16b9de149@tana.it> <20230420153727.DB568C106CE9@ary.qy> <CAJ4XoYeyoOYeXW1QN+yeMbxt4SF7Kn2Xi=FP7VmX4MhKiDi9hQ@mail.gmail.com> <C3D9E708-EDC7-43BC-AE5E-DF4FFAECCC2B@kitterman.com> <7e2ae4c0-6ebf-4539-55b9-e5d85765a024@tana.it> <185759A8-10CD-40F8-89C8-FE774B077F52@kitterman.com> <a31a3a91-1fe1-40b0-ae4c-0e76520e722c@tana.it> <644568C6.4000407@isdg.net> <bc4f7f74-2753-fa0b-b866-a0b45968345a@tana.it>
In-Reply-To: <bc4f7f74-2753-fa0b-b866-a0b45968345a@tana.it>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/s9TKiTO6jOmr0hkSahv0e009DYM>
Subject: Re: [dmarc-ietf] Two basic Issues to address to help complete DMARCbis
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Apr 2023 13:41:37 -0000
On 4/24/2023 7:22 AM, Alessandro Vesely wrote: > On Sun 23/Apr/2023 19:20:06 +0200 Hector Santos wrote: >> On 4/23/2023 6:10 AM, Alessandro Vesely wrote: >>> >>> Meanwhile, digressions about ATPS and similar schemes can help >>> casting some light on future evolution. From: rewriting cannot be >>> the final solution; it is a temporary hack. Digressions don't slow >>> down the publication, as discussions about actual text quickly >>> prevail. They are just a mean to help convergence toward a common >>> vision of the future. >> >> With each year, that "temporary hack" becomes the new normal and it >> will be harder to clean up. It is not the right way and I don't >> its too late to reverse. However, it has been 17 years and >> DMARCbis is not finished without some clean up in this area. >> >> First, Section 4.4.3 should have text on using extended tag methods >> to provide 3rd party authorization methods. Just add the RFC 6541 >> abstract or version of it: > > > Proposing to add text to DMARCbis about 3rd party auth is not a > digression. We cannot solve the problem before publishing > DMARCbis. The text to add to DMARCbis can mention that From: > rewriting will fade out, but cannot say how. (This is not a rule, > just a scheduling requirement.) This suggestion is helpful, thanks. I believe the time is now during this drafting. I rather not punt. I don't wish to wait another 5-10 years to address this again. DMARCbis should be the string board to finally solidity the potential DMARC add-on market to deal with the long time loopholes. The conceptual solutions are well known and there are both DNS and non-DNS proposals to explore. It can reference the efforts and explain why ESPs may not be able to use it for outbound mail, but may be able to support it for verification of inbound mail. It clearly scales for verification. Why not help with inbound security even if they can't use it from themselves? We are helping yahoo.com and others p=reject domains and I hope they are helping senders with their receivers. Even if the ESP has no policy or p=none, it can still do an verification ATPS check when the author and signer domains do not match. How hard is that? Any proposed text should cover these main points. -- HLS
- [dmarc-ietf] Is From spoofing an interoperability… Laura Atkins
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Scott Kitterman
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Dotzero
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Douglas Foster
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Laura Atkins
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Laura Atkins
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Scott Kitterman
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Hector Santos
- Re: [dmarc-ietf] Is From spoofing an interoperabi… John Levine
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Dotzero
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Alessandro Vesely
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Hector Santos
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Jesse Thompson
- Re: [dmarc-ietf] Is From spoofing an interoperabi… John Levine
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Laura Atkins
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Scott Kitterman
- Re: [dmarc-ietf] Is From spoofing an interoperabi… John Levine
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Alessandro Vesely
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Jesse Thompson
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Douglas Foster
- Re: [dmarc-ietf] Is From spoofing an interoperabi… John Levine
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Dotzero
- [dmarc-ietf] About UAID User Agent Identity. Hector Santos
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Hector Santos
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Scott Kitterman
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Alessandro Vesely
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Scott Kitterman
- Re: [dmarc-ietf] Is From spoofing an interoperabi… Alessandro Vesely
- [dmarc-ietf] Two basic Issues to address to help … Hector Santos
- Re: [dmarc-ietf] Two basic Issues to address to h… Dotzero
- Re: [dmarc-ietf] Two basic Issues to address to h… Hector Santos
- Re: [dmarc-ietf] Two basic Issues to address to h… Alessandro Vesely
- Re: [dmarc-ietf] Two basic Issues to address to h… Hector Santos