Re: [ietf-822] WSJ/gmail/ML, was a permission to...

Hector Santos <hsantos@isdg.net> Mon, 05 May 2014 12:55 UTC


On 5/4/2014 11:07 PM, Russ Allbery wrote:
> Ned Freed <ned.freed@mrochek.com> writes:
>
>> Now, it's entirely possible that it will be done in a way that leaves
>> DMARC intact. But it is also possible that it will be done in ways that
>> leave DMARC in tatters.
>
>> And I for one am having a lot of trouble mustering up any sympathy if we
>> end up with the latter.
>
> +1
>
> Right now, I consider breaking DMARC signatures to be a feature, not a
> bug, and am acting accordingly in the maintenance of my mailing lists.
> Users who want reliable mailing list service can use a non-broken email
> provider.
>
> If we come up with something better, I'm happy to consider it.  But I'm
> not going to jump through hoops, or rewrite messages in broken and
> deceptive ways, just because Yahoo and AOL had a security problem that
> they want to externalize to the rest of the Internet.

But it's everyone's security problem, Russ.  The List Service Provider
(LSP) just felt it more now when the high volume of DKIM+POLICY usage
switch was finally enabled.  It was always a known possibility by
design to offer strong filtering for self-signing
exclusive/restrictive policies. The LSP has refused to adjust to a
long time mail integration change need.  It wanted to add raw
DKIM-BASE for resigning, but it didn't want the baggage that it came
with, with author domain policy lookups or for any signer domain lookup
methodology for that matter. This second layer simply hasn't
materialized.  No one (other mail software vendors) wants to add the
logic to Check Signing Practices from either the AUTHOR or the SIGNER.

Go figure.

-- 
HLS