IETF Logo Mail Archive

Re: [dmarc-ietf] SPF follies, WGLC editorial review of draft-ietf-dmarc-dmarcbis-30

"Murray S. Kucherawy" <superuser@gmail.com> Mon, 01 April 2024 20:01 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BCE1FC1519AC for <dmarc@ietfa.amsl.com>; Mon, 1 Apr 2024 13:01:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u5VlLNx3yWUJ for <dmarc@ietfa.amsl.com>; Mon, 1 Apr 2024 13:01:38 -0700 (PDT)
Received: from mail-ej1-x632.google.com (mail-ej1-x632.google.com [IPv6:2a00:1450:4864:20::632]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FFDDC1519A6 for <dmarc@ietf.org>; Mon, 1 Apr 2024 13:01:38 -0700 (PDT)
Received: by mail-ej1-x632.google.com with SMTP id a640c23a62f3a-a469dffbdfeso169844966b.0 for <dmarc@ietf.org>; Mon, 01 Apr 2024 13:01:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712001696; x=1712606496; darn=ietf.org; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=tLlZGfIP4dswuw1CpGNdRonxSX1U02UYvUl5p4yhhyE=; b=jtZx6TuOQgQjSBKdvGDwxW2F3LkcpkUrcjFfNRR0YEtmktL9DqpxTB8NU1OzjLqx5w dEtZE8N84mf5TI5EGIG8WhIWhRd6sbj2YVv0qn9lA3qTi3PLoliDAjnVH1NXFSrS5ngz CzWXGUlMyqtgU75iEIBOe//aP8vlReX7VErs/WVC4HrB7bhBv1aIq5G+CcX6rv1mwsV3 f13c0g8ZHG5dHBo1Q+LDpQQamWU5Fvv8blyN3NwbniJzyDWMy7khiHav16mz7ocVJIjV 47wI94CuVrORQS+MmXdXT/nCT447g0GhYFf7LkqFJ7sIiNnBHEIR0bGTz9cGP8RGU1Ea miZw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712001696; x=1712606496; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=tLlZGfIP4dswuw1CpGNdRonxSX1U02UYvUl5p4yhhyE=; b=E75c0i159cXf+E9sropI9wv1xprqgLwe8kbH+Rv8D0wlJItGwwwCfcACWE5VOipO5E g3T5HOQERDsrP+rIEfXPog1ovHKA8Ou/XUf3aeS4A1VssAf/SmMiclEryYwy37cTR4RA oIERIujjCjr4GWfifc8xWtmFWk2gGtUBaFGDF8bQV3YhO1AbrcDIvTJwyg7iITbL51LO fGqB2ZTn8ML2N+2uQscnb77rtt8fTkcx3BXkHMW0DeGbrcS0x9QSmNA+rwegVnWNootp 7ORp8x069fJe5E9kSyhpfp/rJDckPLder5EzeBgDRzHydLRpa3Qtvh1bBo1PI6fk7gHO cShQ==
X-Gm-Message-State: AOJu0YzVqZ0fovfYjpo9qZ9Xb1Cwmf8YxGMhNKceYQyUOGjvsESuPbpK M5k4q0GWJFiDOL1qUumHJYMjig/sVdEYl6irHeCeMHDzQLLmBz6zAy3iZMUVPZ8X321VkUMowxH Yi10erKc5xsYvI7Lm3FGZ/KKzqKJuqK3oBBo=
X-Google-Smtp-Source: AGHT+IGR+HSvV15PmLLmXYTThHJdnLaNYrFqF3itidBUeY2zhQzyS4XlAltmoyZIkOsojEmVpE6QSQNxYsTXf9vYiTY=
X-Received: by 2002:a17:906:b815:b0:a4e:6abd:96a1 with SMTP id dv21-20020a170906b81500b00a4e6abd96a1mr2223036ejb.7.1712001695554; Mon, 01 Apr 2024 13:01:35 -0700 (PDT)
MIME-Version: 1.0
References: <eda55c54-c149-475c-8117-bfdf3885a883@tekmarc.com> <20240331180009.F36CD8687B50@ary.qy> <CAOZAAfP9tXi80Fi=ZkgPpGwHo1fDbdSOZwVcnuPDbbc2xQd-7A@mail.gmail.com> <lIU60SB3NeCmFAG+@highwayman.com> <CAL0qLwZt+bo4ydCVOQbfg6bQEv-ufXrrwr8Aege9Wsv7LgH=kA@mail.gmail.com> <CAOZAAfPtxdBwEthN26cgvAnAbQ70wym+2k0WjtKqNVf44=-vMg@mail.gmail.com> <MN2PR11MB435115B7428C63C1B1058D9EF73F2@MN2PR11MB4351.namprd11.prod.outlook.com> <CAJ4XoYfmyDykZGm9Gb1bxjz=pW_scqon3pDv-DRGHjFrnyCLoQ@mail.gmail.com> <CADyWQ+HbfegU=07gNyR-5Dby_71GNim4Nq-LyFerKHk1dV0=Nw@mail.gmail.com> <CAHej_8=OxfPySzx0p2xR7iRmfai=CdU6iADECUCZoHXr6qvxcg@mail.gmail.com> <CB1B38EF-70FF-44D7-81B3-20211E4BCBDF@bluepopcorn.net> <CAHej_8=7kNoqXkBkcqoou=c4VLgspfvRbjGsPn0BnkohwqiD9w@mail.gmail.com>
In-Reply-To: <CAHej_8=7kNoqXkBkcqoou=c4VLgspfvRbjGsPn0BnkohwqiD9w@mail.gmail.com>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Mon, 01 Apr 2024 13:01:22 -0700
Message-ID: <CAL0qLwZsX5Zr4ibMrzYrOTGn8RM32zFdhaVORB6E3WoUp9ByFQ@mail.gmail.com>
To: dmarc@ietf.org
Content-Type: multipart/alternative; boundary="000000000000eb25d606150e749c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/v5NMVIZqvRuEfopf7gc0Q1i4Ywo>
Subject: Re: [dmarc-ietf] SPF follies, WGLC editorial review of draft-ietf-dmarc-dmarcbis-30
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Apr 2024 20:01:40 -0000

On Mon, Apr 1, 2024 at 11:33 AM Todd Herr <todd.herr=
40valimail.com@dmarc.ietf.org> wrote:

> The second document also recommends that receivers "Make use of ARC
> headers", but I do not believe that ARC header consumption is yet
> widespread enough to consider that recommendation to be commonly
> implemented. I myself am not a receiver, but I've been in enough
> conversations on the topic, including a present M3AAWG initiative, to
> understand the the long poles in that tent don't involve consumption of the
> headers per se, but rather knowing or deciding which ARC signers to trust
> and what to do when the message passes through multiple intermediaries and
> not all of them ARC sign the message.
>
> Should DMARC-bis reference ARC? I don't know; can it? What I mean by that
> is that some of us have an interest in DMARC-bis being published as
> Standards track, and ARC is Experimental, and I don't fully understand the
> rules regarding down-referencing (is that the right term?).
>

This would be fine:

"One possible mitigation to problem X is [ARC], which provides for a
mechanism to demonstrate 'chain-of-custody' of a message.  However, use of
ARC is nascent, as is industry experience with it in connection with DMARC."

There's no intimation that DMARC won't work without ARC here.  That's an
informative downard reference, and it's fine to do that across levels of
document maturity.

This would not be fine:

"DMARC requires [ARC] to operate properly."

Now to implement DMARC (ostensibly a proposed standard), you also need to
implement ARC (experimental).  That's a no-no.  The WG would have to
successfully elevate ARC to a proposed standard first.

-MSK

v2.23.0 | Report a Bug | By Email