Re: [dmarc-ietf] UNCOL and Reversing modifications from mailing lists

Alessandro Vesely <vesely@tana.it> Wed, 24 November 2021 19:05 UTC

To: John Levine <johnl@taugh.com>, dmarc@ietf.org
References: <20211124162252.2F92F30880E5@ary.qy>
From: Alessandro Vesely <vesely@tana.it>
Message-ID: <3436c7d8-9783-7091-209f-f33bf01c2d5f@tana.it>
Date: Wed, 24 Nov 2021 20:05:04 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/sssx2apaJZnHV0_TVllbrnpvr3M>

On Wed 24/Nov/2021 17:22:51 +0100 John Levine wrote:
> It appears that Alessandro Vesely  <vesely@tana.it> said:
> 
>>> This proposal is UNCOL for mailing lists. ...
>> 
>>Without going beyond Mailman lists, some of them remove DKIM signatures 
>>altogether, so there is no chance to recover anything.
> 
> I don't understand that comment unless you're pointing out another reason that
> your proposal is not worth working on.


Why?  DKIM says signatures SHOULD NOT be removed, so an MLM may opt for not 
letting existing signatures through.  They may also anonymize posters.

Likewise, users may opt to sign in such a way as to grant that MLM-transformed 
messages won't verify by any means.

Reversibility is an opt-in.  However, people who don't want indirect mail flows 
to be authenticable should not complain that DMARC disrupted the end-to-end 
nature of the From: identifier.  They can choose.


>>ARC implies a reliable global reputation system, ...
> 
> No, it does not.  You know better than that.


Yet, the proposal to accept and validate any possibly faked message as if it 
passed DMARC is not acceptable.  It completely voids DMARC's meaning.


Best
Ale
--