Re: [DNSOP] Tell me about tree walks

"Brotman, Alex" <Alex_Brotman@comcast.com> Thu, 12 November 2020 17:26 UTC

From: "Brotman, Alex" <Alex_Brotman@comcast.com>
To: John R Levine <johnl@taugh.com>
CC: "dnsop@ietf.org" <dnsop@ietf.org>
Date: Thu, 12 Nov 2020 17:26:02 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/XGaNH_slfcVlV-2upNk9c4tzPF4>

John,

If the concern is a string of period-separated gibberish, why not create some artificial/sane limit where the receivers stop at N steps?

I can't say I'm personally a huge fan of tree-walks, only because I feel like the responsible party should have the ability to manage their DMARC properly through TXT or CNAME records, though I do understand it makes many things easier in DMARC. I would also like to suggest that if the tree-walk becomes the method, it should include a method by which a receiver can be told that it should stop. Message arrives from a.b.c.d.example.com, and at d.example.com, there would be a record like "v=DMARCv2 tw=0".

--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast

> -----Original Message-----
> From: DNSOP <dnsop-bounces@ietf.org> On Behalf Of John R Levine
> Sent: Thursday, November 12, 2020 10:15 AM
> To: Paul Vixie <paul@redbarn.org>; Joe Abley <jabley@hopcount.ca>
> Cc: dnsop@ietf.org
> Subject: Re: [DNSOP] Tell me about tree walks
>
> >> I understand the reason why being able to identify the registrar for
> >> a particular domain is useful (or "necessary" depending on your perspective).
> >> I don't understand the overlap between this problem and the problem
> >> that John is trying to solve, though. Could you explain?
> >
> > i'm happy to try. otherwise i'll just be sheltering in place.
>
> I read all your stuff and it's clear to me that it has nothing to do with my
> question about DNS tree walks.
>
> R's,
> John
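The two limits suggested in the message above, a cap of N steps and a record that tells the receiver to stop, sketched as an added example that is not part of the original post or of any DMARC implementation. Assumptions: records are looked up at `_dmarc.<name>`, the walk keeps climbing past a record unless it carries `tw=0`, the bare TLD is never queried, and `SAMPLE_TXT` is constructed data standing in for DNS.

```python
# Constructed sample zone: TXT records keyed by owner name (not real data).
SAMPLE_TXT = {
    "_dmarc.d.example.com": "v=DMARCv2 tw=0",
    "_dmarc.example.com": "v=DMARCv2 p=reject",
}


def parse_tags(record):
    """Split 'v=DMARCv2 tw=0' into {'v': 'DMARCv2', 'tw': '0'}."""
    tags = {}
    for part in record.replace(";", " ").split():
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags


def tree_walk(domain, lookup, max_steps=5):
    """Walk from `domain` toward the root, one label at a time.

    `lookup(name)` returns the TXT string or None (hypothetical resolver hook).
    Returns (records_found, queries_made, reason_walk_ended).
    """
    labels = domain.rstrip(".").lower().split(".")
    found, queries = [], 0
    while len(labels) >= 2:  # assumption: never query a bare TLD
        if queries >= max_steps:
            # Receiver-side cap: long runs of gibberish labels cost at most N queries.
            return found, queries, "step-limit"
        name = "_dmarc." + ".".join(labels)
        queries += 1
        record = lookup(name)
        if record is not None:
            tags = parse_tags(record)
            if tags.get("v") == "DMARCv2":
                found.append((name, tags))
                if tags.get("tw") == "0":
                    # Domain owner's stop signal: do not climb any further.
                    return found, queries, "stop-tag"
        labels = labels[1:]  # drop the leftmost label and try the parent
    return found, queries, "exhausted"


if __name__ == "__main__":
    print(tree_walk("a.b.c.d.example.com", SAMPLE_TXT.get))
    print(tree_walk(".".join(["x"] * 40) + ".example.com", SAMPLE_TXT.get))
```
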