Re: [Extra] Ben Campbell's Discuss on draft-ietf-extra-sieve-fcc-08: (with DISCUSS and COMMENT)
Alexey Melnikov <aamelnikov@fastmail.fm> Thu, 10 January 2019 16:23 UTC
Return-Path: <aamelnikov@fastmail.fm>
X-Original-To: extra@ietfa.amsl.com
Delivered-To: extra@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08D7B130E73; Thu, 10 Jan 2019 08:23:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Level:
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fastmail.fm header.b=BRaA9Dnd; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=LIKOECuy
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hFJmsk2yTFYQ; Thu, 10 Jan 2019 08:23:18 -0800 (PST)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E3CFB130E71; Thu, 10 Jan 2019 08:23:17 -0800 (PST)
Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 2DA42233AB; Thu, 10 Jan 2019 11:23:17 -0500 (EST)
Received: from web5 ([10.202.2.215]) by compute7.internal (MEProxy); Thu, 10 Jan 2019 11:23:17 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.fm; h= message-id:from:to:cc:mime-version:content-transfer-encoding :content-type:references:subject:date:in-reply-to; s=fm2; bh=Y1l rSgf4gOj6fsnnHjLdQf5wfJGI+NQ4Pht+WO1A5FQ=; b=BRaA9DndoNLqHLeYzZL iRVCI+wDyjIOObZpblaato9ppFBxbSkQ7jSlTwXM1zXd40q8rk65TAc3qOttlKZa sB6m55bnTDQ2Y47NHrOaFwKSvL5VidLttqjQLqJF+rgPTfWiLTSOzxBP7mXdgP4D PURJ63S+Q6vVljKNPsLrgiUfOiEpqM+uD5Sq1awTc6C3jJ5UIPewGp8vjYESumcu j6RlP4NAyOmhd98G9CBg6thu2AEy3lLoWK10Q5z96/J15yUBsDwKxe1aprmkKSCZ OXO+HiQZgllqO59C9Q/dd/2N8qicBfWbSdME2PRCm0Oa8d7TJIrAJsLv9jaREXi3 fqw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=Y1lrSgf4gOj6fsnnHjLdQf5wfJGI+NQ4Pht+WO1A5 FQ=; b=LIKOECuy4sE39YnsMsXqIKaWPwP5wl2Ahe05XxrYC5OSPXk4CN6hVeBGH /9CIwWxz+pQB1wNx0TkuTiQDE2QSrc1tAoRNZJH6MrJjpVFXYMxnVeZpar7CKmyt b73hm6mCtnRFsEn6jI7qeUWmdIYyN8g+WM6tF8TosIypngXEd9H7iHie85kMXahF TadD7VTxzm/4/gCdIZ9DpnS7bcnBTkrFIiHbl77u4dlVz4fbgikwSPkA3fo0CM7v NIPxAfhaqgoBiVfwVYfA3ZiHiqQISsQPcrkgmWmtqRTozEbGboYl5wikQft4GG46 hNYTZQEJGfMUQZYNGMEdIT2/hBmjg==
X-ME-Sender: <xms:cXE3XE2ZQvNx4DdSwlXFFgNjLcw5GJFoF7RwS_wgC9O_3bQ2oKRArg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedtledrfeefgdekjecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthenuceurghilhhouhhtmecufedt tdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujfgurhepkffhvfgggfgtof hfufffjgesrgejreerredtjeenucfhrhhomheptehlvgigvgihucfovghlnhhikhhovhcu oegrrghmvghlnhhikhhovhesfhgrshhtmhgrihhlrdhfmheqnecurfgrrhgrmhepmhgrih hlfhhrohhmpegrrghmvghlnhhikhhovhesfhgrshhtmhgrihhlrdhfmhenucevlhhushht vghrufhiiigvpedt
X-ME-Proxy: <xmx:cXE3XJ995e-EoHlIh4M4iwPDpkMh53208j8kKnjIhec6oRkXwzZfbg> <xmx:cXE3XEsXVmeaXkSgUaApGWr5zZXWk__pHHZYGjwhHlbg3n6dX4cLCw> <xmx:cXE3XMBao0kTm2Xr8sMDhqTkdoymCKuURF7mA4pqtAKj1-zVVM6WeA> <xmx:dXE3XMzFZLh1mMs3xb9_wuM_tpKnRuOrXPFq2pV15YdGrRsAMBU9IQ>
Received: by mailuser.nyi.internal (Postfix, from userid 99) id AB15C9E1EC; Thu, 10 Jan 2019 11:23:13 -0500 (EST)
Message-Id: <1547137393.3825651.1631025328.2D213854@webmail.messagingengine.com>
From: Alexey Melnikov <aamelnikov@fastmail.fm>
To: Ben Campbell <ben@nostrum.com>
Cc: extra@ietf.org, yaojk@cnnic.cn, draft-ietf-extra-sieve-fcc@ietf.org, The IESG <iesg@ietf.org>, extra-chairs@ietf.org
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: multipart/alternative; boundary="_----------=_154713739338256510"
X-Mailer: MessagingEngine.com Webmail Interface - ajax-5ae1f753
References: <154707068927.5028.9965727374137648132.idtracker@ietfa.amsl.com> <553C69A0-9D9F-45F7-9586-B0BD71DF2661@fastmail.fm> <9DF727DF-068E-437D-B8E1-D3A71A087DE3@nostrum.com> <1547133299.3806739.1630945640.44BE5606@webmail.messagingengine.com> <1C3A8600-2EF7-4339-BD05-5C642476C0D7@nostrum.com>
Date: Thu, 10 Jan 2019 16:23:13 +0000
In-Reply-To: <1C3A8600-2EF7-4339-BD05-5C642476C0D7@nostrum.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/extra/Y8FqNplsroBgtZsvAfMH33R1AH4>
Subject: Re: [Extra] Ben Campbell's Discuss on draft-ietf-extra-sieve-fcc-08: (with DISCUSS and COMMENT)
X-BeenThere: extra@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Email mailstore and eXtensions To Revise or Amend <extra.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/extra>, <mailto:extra-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/extra/>
List-Post: <mailto:extra@ietf.org>
List-Help: <mailto:extra-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/extra>, <mailto:extra-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Jan 2019 16:23:20 -0000
On Thu, Jan 10, 2019, at 3:29 PM, Ben Campbell wrote: >> On Jan 10, 2019, at 9:14 AM, Alexey Melnikov >> <aamelnikov@fastmail.fm> wrote:>> >> Hi Ben, >> >> On Thu, Jan 10, 2019, at 2:56 PM, Ben Campbell wrote: >>> >>> >>>> On Jan 10, 2019, at 2:42 AM, Alexey Melnikov >>>> <aamelnikov@fastmail.fm> wrote:>>>> >>>> Hi Ben, >>>> >>>>> On 9 Jan 2019, at 21:51, Ben Campbell <ben@nostrum.com> wrote: >>>>> >>>>> ------------------------------------------------------------------ >>>>> ---->>>>> DISCUSS: >>>>> ------------------------------------------------------------------ >>>>> ---->>>>> >>>>> Thanks for the work on this. I plan to ballot "yes", but have one >>>>> item I think>>>>> needs to be discussed first: >>>>> >>>>> The security considerations say that this extension adds no new >>>>> considerations>>>>> not already present in [RFC5228], [RFC5230], [RFC5435], and >>>>> [RFC6131]. I'm not>>>>> sure that that is true. >>>>> >>>>> It seems like the ability to insert a copy of message into a >>>>> mailbox might have>>>>> security and/or privacy considerations. >>>> >>>> Can you give me an idea of what you have in mind here, other than >>>> putting the user (Sieve script owner) over quota?>>> >>> I can’t say that I know what the security considerations might >>> be; I’m>>> just skeptical that the answer is “no new considerations." The >>> authors>>> of 5228 thought “fileinto” could be dangerous. Do we know why? >> >> I don't remember now, even though I participated in the discussion. >> >>>> In particular, what are the possible privacy implications? >>> >>> Could there be issues with, say, shared mailboxes? >> >> Possibly. I can write something about this. >> >>> Or storing cleartext for mail that would be sent encrypted? >> >> I can't think of how this is going to be possible. Sieve >> notifications/vacation replies can disclose private information from >> Sieve script owner, but storing such messages doesn't leak any more >> information (ignore shared folders, I agree this might be an issue), >> because such messages will be stored in one of owner's mailboxes .> > Doesn’t that make the safety of storing the message dependent on > having reasonable protections for the owner’s mailboxes?IMAP access already requires TLS, so all message retrieval is already over encrypted channel. If you meant something else, can you please elaborate? >> >>> I suspect the answers may be more IMAP related than sieve >>> related, but>>> even that might suggest citing something IMAP related. >> >> Best Regards, >> Alexey >
- [Extra] Ben Campbell's Discuss on draft-ietf-extr… Ben Campbell
- Re: [Extra] Ben Campbell's Discuss on draft-ietf-… Alexey Melnikov
- Re: [Extra] Ben Campbell's Discuss on draft-ietf-… Ben Campbell
- Re: [Extra] Ben Campbell's Discuss on draft-ietf-… Alexey Melnikov
- Re: [Extra] Ben Campbell's Discuss on draft-ietf-… Ben Campbell
- Re: [Extra] Ben Campbell's Discuss on draft-ietf-… Alexey Melnikov
- Re: [Extra] Ben Campbell's Discuss on draft-ietf-… Ben Campbell
- Re: [Extra] Ben Campbell's Discuss on draft-ietf-… Alexey Melnikov
- Re: [Extra] Ben Campbell's Discuss on draft-ietf-… Ben Campbell
- Re: [Extra] Ben Campbell's Discuss on draft-ietf-… Ned Freed
- Re: [Extra] Ben Campbell's Discuss on draft-ietf-… Ben Campbell
- Re: [Extra] Ben Campbell's Discuss on draft-ietf-… Ned Freed
- Re: [Extra] Ben Campbell's Discuss on draft-ietf-… Ben Campbell
- Re: [Extra] Ben Campbell's Discuss on draft-ietf-… Ken Murchison