Re: [dmarc-ietf] Security Considerations in aggregate-reporting

"Brotman, Alex" <Alex_Brotman@comcast.com> Sat, 23 March 2024 16:15 UTC

From: "Brotman, Alex" <Alex_Brotman@comcast.com>
To: Matthäus Wander <mail=40wander.science@dmarc.ietf.org>, "dmarc@ietf.org" <dmarc@ietf.org>
Thread-Topic: [dmarc-ietf] Security Considerations in aggregate-reporting
Thread-Index: AQHafK68z6xstDAHNUWROtU7to6717FFgTug
Date: Sat, 23 Mar 2024 16:15:33 +0000
Message-ID: <MN2PR11MB4351E2B0DA131ABE027582CDF7302@MN2PR11MB4351.namprd11.prod.outlook.com>
References: <58c6791d-5597-40db-9a3c-f87d03a58674@wander.science>
In-Reply-To: <58c6791d-5597-40db-9a3c-f87d03a58674@wander.science>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/wvJHnY9Au50hCDvLlWEUG94KK2w>
Subject: Re: [dmarc-ietf] Security Considerations in aggregate-reporting

Thanks, added as a list

-- 
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast
 

> -----Original Message-----
> From: dmarc <dmarc-bounces@ietf.org> On Behalf Of Matthäus Wander
> Sent: Friday, March 22, 2024 7:15 PM
> To: dmarc@ietf.org
> Subject: [dmarc-ietf] Security Considerations in aggregate-reporting
> 
> The Security Considerations section of aggregate-reporting-14 currently consists
> of a placeholder. Suggested text follows.
> 
> 7. Security Considerations
> 
> Aggregate reports are supposed to be processed automatically. An attacker might
> attempt to compromise the integrity or availability of the report processor by
> sending ill-formed reports. In particular, the archive decompressor and XML
> parser are at risk of resource exhaustion attacks (zip bomb or XML bomb).
> 
> The data contained within aggregate reports may be forged. An attacker might
> attempt to interfere by submitting false reports en masse.
> 
> See also the security considerations of [dmarc-bis] (Section 11).
> 
> Regards,
> Matt
> 
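As an added example that is not part of the original message or of the aggregate-reporting draft, the following Python report processor applies the defenses the proposed Security Considerations point at: a hard cap on decompressed output for gzip and zip containers (so a compressed bomb is cut off rather than inflated), rejection of DOCTYPE/ENTITY declarations before XML parsing (the ingredient an XML bomb needs, and one a legitimate aggregate report never carries), and a plausibility check that the report's published-policy domain is one the processor actually owns, as a first filter against forged reports. The sample report, the 1 MiB limit and the owned-domain set are constructed assumptions; the element names follow the RFC 7489 aggregate report schema.

```python
"""Hardened ingestion of a DMARC aggregate report (constructed example)."""
import gzip
import io
import re
import zipfile
import xml.etree.ElementTree as ET

MAX_DECOMPRESSED_BYTES = 1 * 1024 * 1024  # assumed cap for one report
CHUNK = 64 * 1024

# An XML bomb (billion laughs) needs a DTD; aggregate reports never do.
_DTD_MARKER = re.compile(rb"<!(DOCTYPE|ENTITY)", re.IGNORECASE)


class ReportRejected(ValueError):
    """Raised when a report fails a safety or plausibility check."""


def _read_bounded(stream, limit=MAX_DECOMPRESSED_BYTES):
    """Drain a decompressing stream chunk by chunk; abort once output exceeds
    `limit`. Sizes declared in container headers are untrusted and unused."""
    buf, total = io.BytesIO(), 0
    while True:
        chunk = stream.read(CHUNK)
        if not chunk:
            return buf.getvalue()
        total += len(chunk)
        if total > limit:
            raise ReportRejected(f"decompressed size exceeds {limit} bytes")
        buf.write(chunk)


def decompress_report(blob):
    """Decompress a gzip or zip report with a bounded output size."""
    if blob[:2] == b"\x1f\x8b":
        with gzip.GzipFile(fileobj=io.BytesIO(blob)) as gz:
            return _read_bounded(gz)
    if blob[:2] == b"PK":
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            names = zf.namelist()
            if len(names) != 1:  # a report archive holds exactly one XML file
                raise ReportRejected("zip archive must contain exactly one file")
            with zf.open(names[0]) as member:
                return _read_bounded(member)
    raise ReportRejected("unsupported container (expected gzip or zip)")


def parse_report(xml_bytes, owned_domains):
    """Reject DTDs before parsing, then check the report is about our domain."""
    if _DTD_MARKER.search(xml_bytes):
        raise ReportRejected("DOCTYPE/ENTITY declarations are not allowed")
    try:
        root = ET.fromstring(xml_bytes)
    except ET.ParseError as exc:
        raise ReportRejected(f"malformed XML: {exc}") from exc
    if root.tag != "feedback":
        raise ReportRejected("root element must be <feedback>")
    domain = root.findtext("policy_published/domain", default="").strip().lower()
    if domain not in owned_domains:
        raise ReportRejected(f"report is about unknown domain {domain!r}")
    rows = [{
        "source_ip": rec.findtext("row/source_ip", default=""),
        "count": int(rec.findtext("row/count", default="0")),
        "dkim": rec.findtext("row/policy_evaluated/dkim", default=""),
        "spf": rec.findtext("row/policy_evaluated/spf", default=""),
    } for rec in root.findall("record")]
    org = root.findtext("report_metadata/org_name", default="")
    return {"org_name": org, "domain": domain, "records": rows}


def ingest(blob, owned_domains):
    return parse_report(decompress_report(blob), owned_domains)


def rejection_reason(blob, owned_domains):
    """None if the report is accepted, otherwise the rejection message."""
    try:
        ingest(blob, owned_domains)
        return None
    except ReportRejected as exc:
        return str(exc)


# ---- constructed sample inputs (not real reports) ----
SAMPLE_XML = b"""<?xml version="1.0"?>
<feedback>
  <report_metadata><org_name>example-reporter</org_name><report_id>1</report_id></report_metadata>
  <policy_published><domain>example.org</domain><p>reject</p></policy_published>
  <record><row><source_ip>192.0.2.10</source_ip><count>3</count>
    <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated>
  </row></record>
</feedback>"""


def sample_gzip():
    return gzip.compress(SAMPLE_XML)


def sample_zip():
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("report.xml", SAMPLE_XML)
    return buf.getvalue()


def sample_bomb_gzip():
    # 8 MiB of zeros compresses to a few KiB; inflation must be cut off early
    return gzip.compress(b"\x00" * (8 * 1024 * 1024))


def sample_entity_gzip():
    return gzip.compress(b'<?xml version="1.0"?><!DOCTYPE f [<!ENTITY a "aaaa">]>'
                         b"<feedback>&a;</feedback>")


if __name__ == "__main__":
    print(ingest(sample_gzip(), {"example.org"}))
    print(rejection_reason(sample_bomb_gzip(), {"example.org"}))
```

The size cap is enforced on what actually comes out of the decompressor, not on the size a zip central directory claims, because that field is attacker-controlled. Parsing with the standard library is acceptable only because the DTD check runs first; a processor that must accept DTDs should use a parser with entity-expansion limits instead. The owned-domain check is deliberately the minimum: a production processor would also authenticate the report mail itself and rate-limit by reporting organisation.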