Re: [Ietf-dkim] Rechartering
Dave Crocker <dcrocker@bbiw.net> Mon, 28 November 2022 16:34 UTC
Return-Path: <dcrocker@bbiw.net>
X-Original-To: ietf-dkim@ietfa.amsl.com
Delivered-To: ietf-dkim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DEE98C152596 for <ietf-dkim@ietfa.amsl.com>; Mon, 28 Nov 2022 08:34:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=bbiw.net header.b=A0QdOm00; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=m81MpV5G
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KhsRrRRQc8Mp for <ietf-dkim@ietfa.amsl.com>; Mon, 28 Nov 2022 08:34:39 -0800 (PST)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F170C15258C for <Ietf-dkim@ietf.org>; Mon, 28 Nov 2022 08:34:39 -0800 (PST)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id B13B25C01AE; Mon, 28 Nov 2022 11:34:36 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Mon, 28 Nov 2022 11:34:36 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bbiw.net; h=cc :cc:content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm1; t=1669653276; x=1669739676; bh=1uEAFBdPxq uYzTh8GSBgrfPU1NkaHjbybeOPJi8mGZE=; b=A0QdOm008bimGeJKgBN+YXNug4 sHfg2slFRLsw3222E9443+BI45mSMsUCcVeJHNcF+7qIa53mR4b0KlzD9IMVCbcF 7nqkEuZ8x1u+PP0hBGruOFbWVfTd7tIYUEDZAy2sQjY4w3ZkMlHWnDEkII1LePku gxIzffkwcIkU4xwbyK37FIJ/pbdE8VcNLtsT+Wyy8pHKcbD/17CTNtGgbIpOmTYl OqwH9m2eCjzDYB6rWW0vWz03mVDJnDICXohZqv0d3H3Y6+zVThvIisXaxemxi5I3 YmOPYJFuzPLgma+7/Fbln4a1+KBij2l6N41KZFq//aSapKJtw+afSm9M6gmA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; t=1669653276; x=1669739676; bh=1uEAFBdPxquYzTh8GSBgrfPU1Nka HjbybeOPJi8mGZE=; b=m81MpV5GCJeVWBemQUuhPK8gTtgkWteDr1DugzMFq+4q pctIo967lIwVUtGA8DMovKtfQESULy0HoZwUHc+slyuC6T2DATQ9tDgArlIEbDet XwM8AFayQMOOmZvABRDc9D3MtuBBDFU84K2hdPQMk+pHKaXhViX/18NeVtbh6lYk FeZNldI67ijkG2dwim1f0FVUoqha3dok6Ui0gddGBOLC7EtsTIgF31k1HazT3sWE KssqZSGIuFnpAd5TU9EiAykO/VZHo57DM6DjKaA/p2KcLwycH0ZszBRIl2rsvCqm CIUKFs3RGE5j+MGVAFNlz3XESIlm8yaYRNLmnksWTg==
X-ME-Sender: <xms:G-OEY4eFpjWjNDHvzMxdF80lXVAEv6qYIG5WMOcw8E6IOQ6LhVMUBg> <xme:G-OEY6NASOaJvYZbbBv-g-UkSTfLxlOIIi8nKULSm2nDNiCZ8fx1KpqdPBxfo2f5D z1BkaSjRGKIRil6FA>
X-ME-Received: <xmr:G-OEY5hPet7QqpMBW0d98CRXaRGMkzYjOGVj1Z2dYQITr8e5N7fhsO2p-XWUbpCKVCMOy7ydbWnHqqcHhXA8qcfMw2GYn-yMDKq63R3g>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvgedrjedvgdeludcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurheptgfkffggfgfuvfevfhfhohgjsegrtd erredtfeejnecuhfhrohhmpeffrghvvgcuvehrohgtkhgvrhcuoegutghrohgtkhgvrhes sggsihifrdhnvghtqeenucggtffrrghtthgvrhhnpeetffffueegvdfhgeegudejvdeuhf fguddtvdeujeffudfgvddvkeejffeludeifeenucffohhmrghinhepsggsihifrdhnvght necuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepuggtrh hotghkvghrsegssghifidrnhgvth
X-ME-Proxy: <xmx:HOOEY9_fmRKiDZLJnEDyu9wJcRarCWp28cdINlXPVH6lXRWFpsUaPg> <xmx:HOOEY0twfirJ2utho1Pq8_XYkFhHep3jus7ofF8eNtCigJJoOqaqXg> <xmx:HOOEY0HOw8BBb5DRzyShj9gnjZV1Q72mnLwg30DjMjjNezMU5bgRoA> <xmx:HOOEY63HeLbzS39woxE7RAM__9H8UKKqST8WI8fWHMvbkxImNpmv1A>
Feedback-ID: i16d9478d:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 28 Nov 2022 11:34:35 -0500 (EST)
Content-Type: multipart/alternative; boundary="------------d3mveqIjgt09vxSsQtz8BdKP"
Message-ID: <8be10cb2-d0ba-f3f2-9d2c-8890746d2eff@bbiw.net>
Date: Mon, 28 Nov 2022 08:34:34 -0800
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.5.0
To: "Murray S. Kucherawy" <superuser@gmail.com>
Cc: Ietf-dkim@ietf.org
References: <CAL0qLwZQAtLyDoAXgFoaNmsm3CCrLESr=P8foWe_YybWmC=PjA@mail.gmail.com> <3d7deffe-3ace-6411-417f-541f383d1892@dcrocker.net> <CAL0qLwZiSm8iCHG590voh4d6n6KBj1rFT9PWCvVM8hjXRv76Ng@mail.gmail.com>
Content-Language: en-US
From: Dave Crocker <dcrocker@bbiw.net>
Organization: Brandenburg InternetWorking
In-Reply-To: <CAL0qLwZiSm8iCHG590voh4d6n6KBj1rFT9PWCvVM8hjXRv76Ng@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/GWPydGuV8prxkGF5iTkEOxvXMF4>
Subject: Re: [Ietf-dkim] Rechartering
X-BeenThere: ietf-dkim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DKIM List <ietf-dkim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-dkim/>
List-Post: <mailto:ietf-dkim@ietf.org>
List-Help: <mailto:ietf-dkim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Nov 2022 16:34:44 -0000
On 11/28/2022 12:14 AM, Murray S. Kucherawy wrote: > On Sun, Nov 27, 2022 at 6:50 PM Dave Crocker <dhc@dcrocker.net> wrote: > > This does not provide any real understanding of how replay is > accomplished. And since it's easy to explain and doesn't take much > text, I'll again encourage including that in the document that > defines > the nature of the problem we will be working on, namely the charter. > > > Doesn't the "A DKIM-signed message can be re-posted, ..." sentence do > that? I pulled it from your suggested text for that very reason. > Maybe add something to the second sentence making clear the roles in > the attack? Your text: A DKIM-signed message can be re-posted, to a different set of recipients, without disturbing the signature's validity. This can be used to confound the engines that identify abusive content. If a reader is sufficiently knowledgeable and thoughtful, this text is probably sufficient. However... While a charter typically should not do deep tutorials, it does have a goal of being useful for a wide audience, such as helping to convince a manager that their company should participate. To that end, a bit of hand-holding in the charter can be helpful. * What does it take to achieve malicious reposting? Collaborating recipient. * How does this differ from non-malicious re-posting? Mostly it doesn't, except in scale of repostings. (And if I have that wrong, we should make sure we have solid wg understanding of the differences. And if there is not clear and immediate consensus about it, then developing it should be explicitly part of the charter, IMO.) * How does it 'confound' analysis engines? By using the reputation of a good source site and therefore by looking like it is legitimate. (Same parenthetical comments as the previous bullet.) Hence my text: A DKIM-signed message can be re-posted, to additional recipients, in a fashion that retains the original signature. With an author and a recipient collaborating, this can "replay" the message, using the original signer's reputation to propagate email with problematic content -- spam, phishing, and the like. Generally, the technical characteristics of this form of abuse match that of legitimate mail, making its detection or prevention challenging. Timestamps and carefully-tailored message signing conventions are appealing approaches to replay mitigation. Each has significant limitations. > > The DKIM working group will produce one or more technical > > specifications that > > describe the abuse and propose replay-resistant mechanisms that are > > compatible > > with DKIM's broad deployment. The working group may produce > documents > > describing > > relevant experimental trials first. > > This draft doesn't include the 'preservation of installed base' cover > text that Barry's had and I forgot to include in mine. I think it's > important. > > > I had intended "compatible with DKIM's broad deployment" to cover > exactly this. Should I word it differently? Looking over it less quickly, your text looks reasonable. However... Since this type of text is often important for controlling wg activity, I'll raise the question about the possible problem of having the wg decide that a significant change (not just addition) is needed that is NOT 'compatible'. Imagine something that is permitted now, but isn't used much, and creates problems. Making it no longer permitted might be helpful for dealing with the current problem, but, obviously, is not compatible with what is deployed, although actually affecting few activities. The challenge, then, is to document the goal of compatibility, without absolutely requiring it. Yours: The DKIM working group will produce one or more technical specifications that describe the abuse and propose replay-resistant mechanisms that are compatible with DKIM's broad deployment. Perhaps: The DKIM working group will produce one or more technical specifications that describe the abuse and propose replay-resistant mechanisms. The working group will seek compatibility with DKIM's broad deployment. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net mast:@dcrocker@mastodon.social
- [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Laura Atkins
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Alessandro Vesely
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Laura Atkins
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Stephen Farrell
- Re: [Ietf-dkim] Rechartering Jon Callas
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Jon Callas
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Laura Atkins
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Jim Fenton
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Barry Leiba
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Evan Burke
- Re: [Ietf-dkim] Rechartering Todd Herr
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Todd Herr
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Alessandro Vesely
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Alessandro Vesely
- Re: [Ietf-dkim] Rechartering Alessandro Vesely
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas