Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

Bron Gondwana <brong@fastmailteam.com> Tue, 08 August 2017 13:59 UTC

Message-Id: <1502200759.3946686.1066841264.607B4D0B@webmail.messagingengine.com>
From: Bron Gondwana <brong@fastmailteam.com>
To: "Kurt Andersen (b)" <kboth@drkurt.com>
Cc: dmarc@ietf.org
Date: Tue, 08 Aug 2017 23:59:19 +1000
References: <1502083287.2191248.1065195288.7CDC7FF3@webmail.messagingengine.com> <CAD2i3WOCFHf7C4qjpCcGCFKJKsZC2+Wty1arkQgTU_jtrS6MuQ@mail.gmail.com> <1502165454.4116080.1066378520.2314FE46@webmail.messagingengine.com> <CABuGu1oTMbuLd4yTwecu5sKFnsmH+HiwT1FG=JpySYHzpMTx_w@mail.gmail.com>
In-Reply-To: <CABuGu1oTMbuLd4yTwecu5sKFnsmH+HiwT1FG=JpySYHzpMTx_w@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/sGpVbQWszG6hh_oCFEP3LtXpzus>
Subject: Re: [dmarc-ietf] ARC-Seal is meaningless security theatre
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>

On Tue, 8 Aug 2017, at 23:36, Kurt Andersen (b) wrote:
> On Mon, Aug 7, 2017 at 9:10 PM, Bron Gondwana <brong@fastmailteam.com> wrote:
>>
>> . . .  If you aren't willing to agree that the most recent liar can
>> repurpose an existing chain, I'm happy to avoid making the forgery,
>> otherwise I'll make up a forgery and send it to the list.
>>
>> But since you either trust every hop to do good checks, or you
>> don't trust the entire message - then the ARC-Seal is literally
>> adding nothing.  It adds no meaning, just extra work.  Hence my
>> snakeoil claim.
>
> Is your concern that the last hop (or any other) can essentially do a
> wholesale replacement of the message contents and that there is no way
> to distinguish that from a semantically meaningless footer tweak?
>
> I'm not sure that I understand your assertion that you can forge an AS
> any more than you could forge a DKIM signature.

The whole point of verifying the chain of AS all the way back to i=1
is that you can tell that the message went through those servers, in
that order.

But it's bogus, because AS doesn't sign anything except itself and some
AMS and AAR.  Once AMS doesn't validate any more (any change at all)
then you can't really tell that the message passed through there, just
that _a_ message passed through there.

So I could take an existing message that had passed through Google and
create a brand new message and pass it off as if it had passed through
Google before passing through my server on its way to you.

In which case - the AS is meaningless.  It claims something which is
only true if everyone plays by the rules.  But if everyone plays by the
rules, then it's excessive.  You could just check the previous AAR and
know that the previous site had validated the hop before it, and so on.
It's crypto that doesn't add anything of value.

It's not actively damaging (other than the advice to do excessive DNS
lookups), but it's also not doing anything meaningful, and it's adding
something forgeable that looks like it means something.

Bron.

--
  Bron Gondwana, CEO, FastMail Pty Ltd
  brong@fastmailteam.com
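As an added illustration of the signing-scope point in Bron's message (this is not code from the thread or from any ARC implementation), here is a toy Python model of the three ARC header fields, in which AS covers only the ARC sets and AMS covers the message. It assumes HMAC with a constructed per-hop key table in place of RSA keys and DNS lookups, and a simplified canonicalisation; the scenario it runs is the one described above, where a later hop grafts an earlier hop's ARC set onto a different message.

```python
import hashlib
import hmac

# Constructed per-hop secrets: HMAC stands in for the RSA keys and DNS lookups of real ARC.
HOP_KEYS = {"relay-1.example": b"k1", "relay-2.example": b"k2"}

def _sign(d: str, data: str) -> str:
    return hmac.new(HOP_KEYS[d], data.encode(), hashlib.sha256).hexdigest()

def _ams_input(headers: dict, body: bytes) -> str:
    # AMS covers the message itself: selected header fields plus the body hash.
    return "|".join([headers["From"], headers["Subject"], hashlib.sha256(body).hexdigest()])

def _seal_input(chain: list, i: int) -> str:
    # AS(i) covers the AAR, AMS and AS of every earlier set plus this set's AAR and AMS
    # (its own b= empty); nothing from the message headers or body goes in.
    parts = []
    for s in chain[: i - 1]:
        parts += [s["aar"], s["ams"]["b"], s["as"]["b"]]
    s = chain[i - 1]
    return "|".join(parts + [s["aar"], s["ams"]["b"], f"i={i}; cv={s['as']['cv']}; b="])

def add_arc_set(chain: list, d: str, headers: dict, body: bytes, cv: str) -> list:
    """Append ARC set i=len(chain)+1 as hop d would, sealing the chain it received."""
    i = len(chain) + 1
    s = {"aar": f"i={i}; {d}; arc={cv}",
         "ams": {"d": d, "b": _sign(d, _ams_input(headers, body))},
         "as": {"d": d, "cv": cv}}
    chain = chain + [s]
    s["as"]["b"] = _sign(d, _seal_input(chain, i))
    return chain

def seal_ok(chain: list, i: int) -> bool:
    s = chain[i - 1]
    return hmac.compare_digest(s["as"]["b"], _sign(s["as"]["d"], _seal_input(chain, i)))

def ams_ok(chain: list, i: int, headers: dict, body: bytes) -> bool:
    s = chain[i - 1]
    return hmac.compare_digest(s["ams"]["b"], _sign(s["ams"]["d"], _ams_input(headers, body)))

def repurposed_chain() -> dict:
    """Bron's scenario: relay-2 grafts the ARC set relay-1 made for one message onto another."""
    hdrs = {"From": "alice@example.org", "Subject": "hello"}
    chain = add_arc_set([], "relay-1.example", hdrs, b"original body\r\n", "none")
    new_hdrs = {"From": "alice@example.org", "Subject": "something else entirely"}
    new_body = b"content relay-1 never saw\r\n"
    chain = add_arc_set(chain, "relay-2.example", new_hdrs, new_body, "pass")
    # Every seal verifies, yet only relay-2's AMS binds the message now being delivered.
    return {"as1": seal_ok(chain, 1), "ams1": ams_ok(chain, 1, new_hdrs, new_body),
            "as2": seal_ok(chain, 2), "ams2": ams_ok(chain, 2, new_hdrs, new_body)}
```

For a receiver this means a fully validating seal chain only establishes that those hops emitted those ARC sets for some message, so what the earlier AAR claims are worth rests entirely on trust in the last sealer.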