Re: [ietf-822] Expires header field
Keith Moore <moore@network-heretics.com> Fri, 02 December 2022 15:50 UTC
Return-Path: <moore@network-heretics.com>
X-Original-To: ietf-822@ietfa.amsl.com
Delivered-To: ietf-822@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 933BFC14F73A for <ietf-822@ietfa.amsl.com>; Fri, 2 Dec 2022 07:50:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RC7W-ouXjclW for <ietf-822@ietfa.amsl.com>; Fri, 2 Dec 2022 07:50:29 -0800 (PST)
Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AFC03C14CEE0 for <ietf-822@ietf.org>; Fri, 2 Dec 2022 07:50:29 -0800 (PST)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.west.internal (Postfix) with ESMTP id D39233200976 for <ietf-822@ietf.org>; Fri, 2 Dec 2022 10:50:26 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Fri, 02 Dec 2022 10:50:26 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:date:feedback-id:feedback-id:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; t=1669996226; x=1670082626; bh=M ffWjr4+SDluOjbDteJMaUSdPQw9DtTk9s5SpiMczfE=; b=J1V787V1AqJiA0YER lI1RCohmm+NIzXmaHWQaP6Qv5zHk2RdSaNgJEp45wOJEvx8wlQnEKyZ9AMs63J/j i6LH5j02ZP2wrMHeQrMIC21cXO7nwPmXrVPvXtFkzc81Dl3+RkT+XGEeHUfAbrky QVDdyQcgLOLYzQ0prFglkARbdD8MRrzyPvb+GM+mfZeSb3iTls/vCKWISHLZRMKt H23WIOiwijT3XNVW/pNkARSG5jNowwrw5UN1LeqhrYNdEfvga7eVOvAITQDP665V ruwGBztHRRliL1c5NFFC7WU8Z0EIeNMwxm5c0NI9bM8TlmQnuIcoIauhSghGqAr4 LRmHw==
X-ME-Sender: <xms:wh6KY7Q7RrTuIQuxH0JzgBzTfzNLSCpON5-LdCo0rdEyPZ_44pd26g> <xme:wh6KY8w_cUVlZh3VSO4UPtIsbYPB3YtIy01ANZxJZLhyvu25dnQDqWfarDY1g8qRM yAub6Wa99NZhg>
X-ME-Received: <xmr:wh6KYw3K-f_QcUrTPLqb8oHGrZ6OnuEOq6FudF7h9tEvrG_PLc0M6L9Ybcx1S8Wltax71ddvaBNn2iqLxpk4jFPrShuLaKevYc_Xruq2yzfMyBdLbRjPJg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrtdekgdehjecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepkfffgggfuffvfhfhjggtgfesthekre dttdefjeenucfhrhhomhepmfgvihhthhcuofhoohhrvgcuoehmohhorhgvsehnvghtfiho rhhkqdhhvghrvghtihgtshdrtghomheqnecuggftrfgrthhtvghrnhepudffffehhfetke eiheduudfggfehgfdvffduudejleetjeetleeggeduiefggfelnecuffhomhgrihhnpehi vghtfhdrohhrghenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfh hrohhmpehmohhorhgvsehnvghtfihorhhkqdhhvghrvghtihgtshdrtghomh
X-ME-Proxy: <xmx:wh6KY7AhwjeKx7o1HWMfEELqkaIKvqaOs2ePL_9EIU5w4PBy3ZWHiw> <xmx:wh6KY0g8cBLzBfTD62th7wOZz0avQrJb4SHgQmXlEivAGad4v9TJRQ> <xmx:wh6KY_r2ODMifa10LrnEqvOm21vya3e31KRPDnmFcyvo4ResJKFDrA> <xmx:wh6KY_vodtWNS6VXSv6TkDASfGfKImbLy4J1Oq6YoEnVSy-sMr3HYg>
Feedback-ID: i5d8c41f0:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <ietf-822@ietf.org>; Fri, 2 Dec 2022 10:50:25 -0500 (EST)
Message-ID: <3395508e-cefa-a974-2ecc-f52d3aba8883@network-heretics.com>
Date: Fri, 02 Dec 2022 10:50:25 -0500
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2
Content-Language: en-US
To: ietf-822@ietf.org
References: <CAL0qLwa+yJkczF3TqepSVEvjMABzc0HR9-LLS3ejAUPt2A83vQ@mail.gmail.com>
From: Keith Moore <moore@network-heretics.com>
In-Reply-To: <CAL0qLwa+yJkczF3TqepSVEvjMABzc0HR9-LLS3ejAUPt2A83vQ@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-822/Gv2q7z_-coD45XQlV1hXkqUUrhs>
Subject: Re: [ietf-822] Expires header field
X-BeenThere: ietf-822@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Discussion of issues related to Internet Message Format \[RFC 822, RFC 2822, RFC 5322\]" <ietf-822.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-822>, <mailto:ietf-822-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-822/>
List-Post: <mailto:ietf-822@ietf.org>
List-Help: <mailto:ietf-822-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-822>, <mailto:ietf-822-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Dec 2022 15:50:34 -0000
On 11/8/22 05:36, Murray S. Kucherawy wrote: > Hi all, > > I have received a request to sponsor and publish this document: > > https://datatracker.ietf.org/doc/draft-billon-expires/ > > This is mostly just a change of state for this header field. > > Before I send it to an extended Last Call, I wanted to prompt here for > any feedback, support, etc. Please have at it. > I missed the earlier announcement but saw it on the last-call list. If memory serves, similar proposals have been discussed many times in the past and always been rejected in the email context, due to several problems: mostly, lack of reliable authentication in email, but also concerns about tricks that could be used to make it seem like a recipient had received a message that they never actually were able to read. IMO automatic expiration of email messages is a Bad Idea as it damages the transparency of the email system (especially when it leaves no trace of the deletion that's visible to the recipient), and reduces the level of consistency between implementations (if some message stores or MUAs expire and others don't). This seems problematic especially if the differences in such behavior are detectable, in that it could be exploited by someone who wished to send a message to several recipients (perhaps also arranging for some kind of proof of delivery to each), but also arranging that only some of those recipients could actually read the message. (Sure, anyone can craft a message that includes recipients in the To or CC fields that aren't actually sent copies of the message, but being able to have those deliveries logged or acknowledged but still unavailable to recipients adds another wrinkle.) Having a way to say "this message is no longer relevant after <date>" could be useful to MUAs so they could use this information to affect how they present such messages to recipients. But automatic expiration of messages based on Expires header with no indication to the recipient, seems at least as dubious as automatic deletion of (suspected) spam. I also have very strong concerns about the way this draft is currently worded, especially that it doesn't make a clean separation between the recipient's MUA's role vs. the "mailbox provider"'s role. That much could be fixed with some judicious editing. I have even more concerns that this draft seems to envision a role for the "mailbox provider" in implementing government surveillance. I don't think this is something that IETF should be lending any kind of legitimacy to. And sure, I realize this is pretty much what Usenet did, but: Usenet mostly existed in a much more benign world than we have today, and even then many admins turned off automatic expiration. Also, Usenet discussions differed in character in many ways from email. In short: PLEASE give this proposal a VERY careful (re)look, as IMO it's quite dangerous and not receiving enough scrutiny. Keith
- [ietf-822] Expires header field Murray S. Kucherawy
- Re: [ietf-822] Expires header field Pete Resnick
- Re: [ietf-822] Expires header field Bill McQuillan
- Re: [ietf-822] Expires header field Russ Allbery
- Re: [ietf-822] Expires header field Alessandro Vesely
- Re: [ietf-822] Expires header field Michael Richardson
- Re: [ietf-822] Expires header field John Levine
- Re: [ietf-822] Expires header field Jasper Spaans
- Re: [ietf-822] Expires header field Russ Allbery
- Re: [ietf-822] Expires header field John Levine
- Re: [ietf-822] IMAP $expires, Expires header field John Levine
- Re: [ietf-822] Expires header field John Levine
- Re: [ietf-822] Expires header field Keith Moore
- Re: [ietf-822] Expires header field Dave Crocker
- Re: [ietf-822] Expires header field Keith Moore
- Re: [ietf-822] Expires header field Dave Crocker
- Re: [ietf-822] Expires header field Keith Moore
- Re: [ietf-822] Expires header field Dave Crocker
- Re: [ietf-822] Expires header field * draft-billo… John C Klensin