Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

"Murray S. Kucherawy" <superuser@gmail.com> Sat, 19 August 2017 05:17 UTC

In-Reply-To: <1503107244.2691235.1078169016.1D12AE95@webmail.messagingengine.com>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Fri, 18 Aug 2017 22:17:11 -0700
Message-ID: <CAL0qLwaoX9mS+TW1WR6Og4KW2maaNuUxybZMmxpzr_udxxmaNQ@mail.gmail.com>
To: Bron Gondwana <brong@fastmailteam.com>
Cc: Brandon Long <blong@fiction.net>, "dmarc@ietf.org" <dmarc@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/sP7CaiLMnciekZ77zl-zfErbo0M>
Subject: Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

On Fri, Aug 18, 2017 at 6:47 PM, Bron Gondwana <brong@fastmailteam.com>
wrote:

> On Sat, 19 Aug 2017, at 11:43, Murray S. Kucherawy wrote:
>
> On Thu, Aug 17, 2017 at 5:22 PM, Brandon Long <blong@fiction.net> wrote:
>
> We went down the path of including a diff of the message in the headers,
> but you run up against more complicated changes that make that
> challenging.  I.e., mailing lists which strip attachments.  If all we cared
> about were subject munging and footers, there probably would have been a
> practical solution there.
>
>
> I wrote a draft a while ago that would allow a DKIM-Signature to include
> an annotation indicating that the signing ADMD did one or more of a
> specific set of small but well-defined message changes (e.g., add a footer,
> add a Subject tag).  Knowing what those are, a verifier could undo them and
> attempt validation of earlier signatures in the handling chain.  Presumably
> if no other modifications were made, the original content is thus
> discoverable, and you could then produce a chain of custody of the actual
> content before you that makes sense.
>
> If that's worthy of consideration now I could certainly revivify it.
>
>
> That seems really valuable to me.  Being able to track the provenance on
> individual parts of the message payload is a much stronger way to determine
> who is at fault when bad content is being injected than just knowing some
> bits of the message handling chain.
>

https://tools.ietf.org/html/draft-kucherawy-dkim-transform-00

The notion of tracking provenance is secondary to being able to recover and
evaluate the original content signed by the originating ADMD.  You could in
theory get that signature to pass again, which would satisfy DMARC.

The transformations it covers could easily be augmented to include Subject
tagging, or even non-MIME footer attachment using the "--" delimiter.

-MSK
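The recover-and-reverify idea discussed above, as an added example that is not code from the thread or from the transform draft: an HMAC stands in for the originating ADMD's DKIM signature, the list's annotation of what it changed is a constructed list (the draft's real tag syntax is not assumed here), and the footer is taken to follow the conventional "-- " signature delimiter. A verifier undoes the annotated Subject tag and footer, re-checks the original signature, and still fails on an unannotated body edit, which is the limit Brandon described.

```python
import hashlib
import hmac
import re

# Constructed stand-in for the originating ADMD's DKIM key: an HMAC key
# replaces the RSA key pair so the example runs offline.
ORIGIN_KEY = b"constructed-origin-admd-key"

def origin_sign(subject: str, body: str) -> str:
    """Originator's signature over Subject and body (stands in for DKIM b=)."""
    data = subject.encode() + b"\r\n" + body.encode()
    return hmac.new(ORIGIN_KEY, data, hashlib.sha256).hexdigest()

def origin_verify(subject: str, body: str, sig: str) -> bool:
    return hmac.compare_digest(origin_sign(subject, body), sig)

def list_transform(subject: str, body: str, footer: str = "dmarc list\r\n") -> tuple:
    """Mailing-list behaviour from the thread: tag the Subject, append a footer
    after the "-- " delimiter, and annotate what was done (hypothetical names)."""
    return "[dmarc] " + subject, body + "\r\n-- \r\n" + footer, ["subject-tag", "footer"]

def undo_transforms(subject: str, body: str, transforms: list) -> tuple:
    """Verifier reverses each annotated change to recover the originally signed content."""
    if "subject-tag" in transforms:
        subject = re.sub(r"^\[[^\]]*\]\s*", "", subject, count=1)
    if "footer" in transforms:
        cut = body.rfind("\r\n-- \r\n")  # drop the last "-- " block only
        if cut != -1:
            body = body[:cut]
    return subject, body

def verify_with_undo(subject: str, body: str, sig: str, transforms: list) -> dict:
    """Origin signature result as delivered, and again after undoing the annotations."""
    direct = origin_verify(subject, body, sig)
    s, b = undo_transforms(subject, body, transforms)
    return {"direct": direct, "after_undo": origin_verify(s, b, sig)}

def demo() -> tuple:
    subj, body = "Quarterly report", "See attached.\r\n"   # constructed message
    sig = origin_sign(subj, body)
    t_subj, t_body, tf = list_transform(subj, body)
    clean = verify_with_undo(t_subj, t_body, sig, tf)
    # An unannotated body edit (e.g. stripping an attachment) cannot be undone.
    tampered = verify_with_undo(t_subj, t_body.replace("attached", "linked"), sig, tf)
    return clean, tampered
```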