Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations
Jesse Thompson <jesse.thompson@wisc.edu> Wed, 22 July 2020 22:38 UTC
Return-Path: <jesse.thompson@wisc.edu>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0860E3A0896 for <dmarc@ietfa.amsl.com>; Wed, 22 Jul 2020 15:38:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=wisc.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gd7ceE1vi4Bj for <dmarc@ietfa.amsl.com>; Wed, 22 Jul 2020 15:38:30 -0700 (PDT)
Received: from wmauth4.doit.wisc.edu (wmauth4.doit.wisc.edu [144.92.197.145]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56A373A0895 for <dmarc@ietf.org>; Wed, 22 Jul 2020 15:38:29 -0700 (PDT)
Received: from NAM04-BN3-obe.outbound.protection.outlook.com (mail-bn3nam04lp2055.outbound.protection.outlook.com [104.47.46.55]) by smtpauth4.wiscmail.wisc.edu (Oracle Communications Messaging Server 8.0.2.4.20190812 64bit (built Aug 12 2019)) with ESMTPS id <0QDW05H7A6W41S40@smtpauth4.wiscmail.wisc.edu> for dmarc@ietf.org; Wed, 22 Jul 2020 17:38:28 -0500 (CDT)
X-Wisc-Env-From-B64: amVzc2UudGhvbXBzb25Ad2lzYy5lZHU=
X-Spam-PmxInfo: Server=avs-4, Version=6.4.7.2805085, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2020.7.22.223317, AntiVirus-Engine: 5.74.0, AntiVirus-Data: 2020.6.18.5740001, SenderIP=[104.47.46.55]
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=IOC/mDtI9CFZLuEHOdurhfIAnIL8Pun0PWx4r1400FniECE9JPgrzG0JddzuEf4ac7qj2GdPWXaXuaS7EOSW+n/ft4aE7RdUJIjVnBrvOc3W6uzEglbV2LkE6ZbfvYLS+ZfpuqDFjdbISlNh7DN2ctx2MjG9JrTpt2ZVA1cReHVsj9n9sQg//Pq2JoqDTTiY83MC+9j8qCdIdOJ9GCiS4sMzIehFv6mDibIPs9j5tatNEWIiuIuLJM8GOKBjPLR35NuExMRd2UXt8f1ejYisQaiB4ss/2naG+CO2PED0MuMjAsdnjUhkz4LAP+nzDI761bsw52blCm2+VZnTfVqz4w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=s5Poe1hKrqBBK/DEZztHSDYUGWwCETQnVaTBSrLyTpE=; b=Q0sB/BSjpLZ9s4pRQcyyCl438Pj0m/HJnYs4Qgm/Y074MzOG8+YxKhztzTo4Jpk5exVDu9TawRZ9pk33BmyP5nliC4X+OQc3DUpK29R6NzjAa/3U+42F3g3PfTRMhuUR2bWZqXXgo4GB+aPHC+yCkXaIjt2ySt+3hj4wPR4jkFoY2YlaURnoZizwvfGXF3G5/5ODlQlXzKtQZg3cZYZFe8xJB+BoH203AYg0S7V47OVn1ls1f3hE9vyURqEe2UWlwTAVXQUDYmvDPr869gZmWoBATK2Pvrrztqgb5TC/s3rfudvxPQem+IaWsR4PCvvmEi3VAs0xE9e/powD6ehUkA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=wisc.edu; dmarc=pass action=none header.from=wisc.edu; dkim=pass header.d=wisc.edu; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wisc.edu; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=s5Poe1hKrqBBK/DEZztHSDYUGWwCETQnVaTBSrLyTpE=; b=mo/I1tkhqOkiwwKYkfiQIg5aZ5fkrRpfNeTV8OCqo3GPXRAyIMAWRWDpg5SkuCSRpDWP4Z0qrBF4d4s4/wPO3XSlaOe7SjCIhAl6NsgZ4+GRYxoFY+4bOr3NExITYrxceXKlwOiTa7CpFGFFSsOkmuYCCG4yz0X+injvAOicmvM=
Received: from CY4PR0601MB3668.namprd06.prod.outlook.com (2603:10b6:910:91::31) by CY4PR06MB2309.namprd06.prod.outlook.com (2603:10b6:903:12::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3216.20; Wed, 22 Jul 2020 22:38:27 +0000
Received: from CY4PR0601MB3668.namprd06.prod.outlook.com ([fe80::3d8e:1435:a4df:c400]) by CY4PR0601MB3668.namprd06.prod.outlook.com ([fe80::3d8e:1435:a4df:c400%7]) with mapi id 15.20.3216.021; Wed, 22 Jul 2020 22:38:27 +0000
To: dmarc@ietf.org
References: <20200722170514.911F21D61BDE@ary.qy>
From: Jesse Thompson <jesse.thompson@wisc.edu>
Message-id: <f887ce72-815c-c501-2552-de59fafe9380@wisc.edu>
Date: Wed, 22 Jul 2020 17:38:25 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Thunderbird/80.0a1
In-reply-to: <20200722170514.911F21D61BDE@ary.qy>
Content-type: text/plain; charset="utf-8"
Content-language: en-US
Content-transfer-encoding: 7bit
X-ClientProxiedBy: CH2PR10CA0025.namprd10.prod.outlook.com (2603:10b6:610:4c::35) To CY4PR0601MB3668.namprd06.prod.outlook.com (2603:10b6:910:91::31)
MIME-version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [10.0.2.111] (47.12.96.133) by CH2PR10CA0025.namprd10.prod.outlook.com (2603:10b6:610:4c::35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3216.22 via Frontend Transport; Wed, 22 Jul 2020 22:38:27 +0000
X-Originating-IP: [47.12.96.133]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: c8d53fc8-82a9-43d7-b8d2-08d82e8ff372
X-MS-TrafficTypeDiagnostic: CY4PR06MB2309:
X-Microsoft-Antispam-PRVS: <CY4PR06MB23090DF65CABA095D14FB425F6790@CY4PR06MB2309.namprd06.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8882;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: zKiedLKR98oit1NYPBAlB3zE3Ox/+04gXp8EdyUrBR3WZvRDTUAB+RuemNVoe71oH1Y+FGScCuOx2FG5EvTGMSYIOEPph126GF3yJO0cXE4ObnTvK8LFsFQYCBYrQK5rvTEvCRlqAPJil9llkH/PDHvdXQ0hFm+67ZpmYYOKBWwZI+aBP/OOXlQO/AeJ4HVDCY9Us3yT2n+9slME8BRNirUepaVigl2I+yEiGTmooZWu/a9XLq/CiHWr8IU0jE9KNAMQ7mgjBLUxLgDAhZUEyW7jjLRRDkYeWHViKDaKft3LWcHcn4PKwp8eQvstJ0J9gyXydorfZm48DXscQhTmEZCJ6UCO0lJV44dnL23/IkQlQcMsF60cOAEMVueevcVywqMRQ5mqMw8UBWFuHq21LnZOxD5Cgig8W2KeDOTTcFBfFZgTkVrhRjG3myPwVtG9JLYJBKzvtiG0/UJPI31RMg==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CY4PR0601MB3668.namprd06.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(376002)(396003)(136003)(366004)(346002)(39860400002)(36756003)(83380400001)(2616005)(956004)(16526019)(478600001)(31696002)(5660300002)(186003)(26005)(8936002)(75432002)(83080400001)(6916009)(86362001)(53546011)(4744005)(44832011)(316002)(966005)(2906002)(66476007)(8676002)(66946007)(786003)(16576012)(66556008)(6486002)(15650500001)(31686004)(43740500002); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: G+8M/cj+OIhG23MYWwlMMqhIiQc3Umd1nrdegV2IXJwLzTiDJCfkxVz0wl02oAdSuXG/FuNYM34BaNtTxmIyo2Mq2tTQZg9eVIYPYaY6O3Td75S4AaelQA2uhNdBNtUZ/bu/Xtq5wMzwcKSv9KiXKB8Y41mP+J7Jv7lZt9fHrPExBgfn5c26p/Y4RvcKuN9/B2Q61P/HNSNVsy6RFt6YAuE0hmduTNHeXyePWyW6YwVirKftPETMxMFAY0vIGFVldAg7vNe3cpF/LzG4U6+ebisIO1OZnR+na5IzDsKKtuvdUiAq99PsrZ9yaeRkEgEm7/eoBmHk0iGKw6fl6o3hGo5WsjnogjFbTZ9+aZtrUyLIusBeZhbUEnQ4AsP/MnBHCsBZvZI8ujSYIjzY49CBUAxRaMVxhJM9TBjz8ChDgprHjtzXjEK6NZzI5JI2Iv2Cqkn21AO75FeBPremnRk966Xa/miPGGZucNxQ2YFAqJ8=
X-OriginatorOrg: wisc.edu
X-MS-Exchange-CrossTenant-Network-Message-Id: c8d53fc8-82a9-43d7-b8d2-08d82e8ff372
X-MS-Exchange-CrossTenant-AuthSource: CY4PR0601MB3668.namprd06.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Jul 2020 22:38:27.4157 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 2ca68321-0eda-4908-88b2-424a8cb4b0f9
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 3v7+bOb00KDX10yx84bfu/Tz8IIWeyF4FX5mVwZFnhmLvRNG3E6SrVxe0Jqcjec0KXHOKwvwjh3EfsHjPoSuNQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR06MB2309
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/yNB8gJSwWeErmGzB4yKWUcaTDuU>
Subject: Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jul 2020 22:38:32 -0000
On 7/22/20 12:05 PM, John Levine wrote: > I don't believe we have a charter to tell mailing list operators what > to do, even if we believed, against all experience, that they would > take our advice. https://cyber.dhs.gov/bod/18-01/ references https://dmarc.org/wiki/FAQ#I_operate_a_mailing_list_and_I_want_to_interoperate_with_DMARC.2C_what_should_I_do.3F Who should be giving them advice? > As may have been pointed out a few times, mailing lists had been > serving their users perfectly well for decades before AOL and Yahoo made them > DMARC roadkill. Given that the email security industry's marketing now shames domain owners for not adopting DMARC, I think that the statute of limitations for AOL and Yahoo has passed. Jesse
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- [dmarc-ietf] Response to a claim in draft-crocker… Kurt Andersen (IETF)
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker on behalf of Kurt Andersen
- Re: [dmarc-ietf] Response to a claim in draft-cro… Douglas E. Foster
- Re: [dmarc-ietf] Response to a claim in draft-cro… Alessandro Vesely
- Re: [dmarc-ietf] Response to a claim in draft-cro… Jim Fenton
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Murray S. Kucherawy
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Murray S. Kucherawy
- Re: [dmarc-ietf] Response to a claim in draft-cro… Alessandro Vesely
- Re: [dmarc-ietf] Response to a claim in draft-cro… Douglas E. Foster
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… John Levine
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] no from addresses nowhere, Respo… John Levine
- Re: [dmarc-ietf] Response to a claim in draft-cro… Murray S. Kucherawy
- Re: [dmarc-ietf] Response to a claim in draft-cro… Murray S. Kucherawy
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Murray S. Kucherawy
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Douglas E. Foster
- Re: [dmarc-ietf] Response to a claim in draft-cro… Alessandro Vesely
- Re: [dmarc-ietf] Response to a claim in draft-cro… Laura Atkins
- Re: [dmarc-ietf] Response to a claim in draft-cro… Benny Lyne Amorsen
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dotzero
- Re: [dmarc-ietf] Response to a claim in draft-cro… Benny Lyne Amorsen
- Re: [dmarc-ietf] Response to a claim in draft-cro… Douglas E. Foster
- Re: [dmarc-ietf] Response to a claim in draft-cro… Jesse Thompson
- Re: [dmarc-ietf] Response to a claim in draft-cro… Brandon Long
- Re: [dmarc-ietf] Response to a claim in draft-cro… Brandon Long
- Re: [dmarc-ietf] Response to a claim in draft-cro… Brandon Long
- Re: [dmarc-ietf] Response to a claim in draft-cro… Murray S. Kucherawy
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… John Levine
- Re: [dmarc-ietf] Response to a claim in draft-cro… Laura Atkins
- Re: [dmarc-ietf] Response to a claim in draft-cro… Laura Atkins
- Re: [dmarc-ietf] Response to a claim in draft-cro… Laura Atkins
- Re: [dmarc-ietf] Why are MUAs hiding or removing … Douglas E. Foster
- Re: [dmarc-ietf] Response to a claim in draft-cro… Jesse Thompson
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Why are MUAs hiding or removing … Brandon Long
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dotzero
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Hector Santos
- Re: [dmarc-ietf] Why are MUAs hiding or removing … Joseph Brennan
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dotzero
- Re: [dmarc-ietf] Response to a claim in draft-cro… Joseph Brennan
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Brandon Long
- Re: [dmarc-ietf] Response to a claim in draft-cro… Douglas E. Foster
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Why are MUAs hiding or removing … Jesse Thompson
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Doug Foster
- Re: [dmarc-ietf] Response to a claim in draft-cro… John Levine
- Re: [dmarc-ietf] Response to a claim in draft-cro… Jesse Thompson
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dotzero
- [dmarc-ietf] DMARC marketing Jim Fenton
- Re: [dmarc-ietf] Response to a claim in draft-cro… Joseph Brennan
- Re: [dmarc-ietf] Why are MUAs hiding or removing … Joseph Brennan
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Why are MUAs hiding or removing … Benny Pedersen
- Re: [dmarc-ietf] Why are MUAs hiding or removing … Joseph Brennan
- Re: [dmarc-ietf] Why are MUAs hiding or removing … Benny Pedersen
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Hector Santos
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Jim Fenton
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Douglas E. Foster
- Re: [dmarc-ietf] Response to a claim in draft-cro… Hector Santos
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker
- Re: [dmarc-ietf] Response to a claim in draft-cro… Hector Santos
- Re: [dmarc-ietf] Response to a claim in draft-cro… Douglas E. Foster
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dotzero
- Re: [dmarc-ietf] DMARC marketing Jesse Thompson
- Re: [dmarc-ietf] Response to a claim in draft-cro… Jesse Thompson
- Re: [dmarc-ietf] Response to a claim in draft-cro… Dave Crocker