IETF Logo Mail Archive

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

"Murray S. Kucherawy" <superuser@gmail.com> Sun, 13 August 2023 02:00 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: ietf-dkim@ietfa.amsl.com
Delivered-To: ietf-dkim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 22CC4C14CE47 for <ietf-dkim@ietfa.amsl.com>; Sat, 12 Aug 2023 19:00:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.105
X-Spam-Level:
X-Spam-Status: No, score=-7.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hxexBRrj9l1r for <ietf-dkim@ietfa.amsl.com>; Sat, 12 Aug 2023 19:00:51 -0700 (PDT)
Received: from mail-ej1-x635.google.com (mail-ej1-x635.google.com [IPv6:2a00:1450:4864:20::635]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 422CAC14CEFE for <ietf-dkim@ietf.org>; Sat, 12 Aug 2023 19:00:51 -0700 (PDT)
Received: by mail-ej1-x635.google.com with SMTP id a640c23a62f3a-99bded9d93dso74108066b.1 for <ietf-dkim@ietf.org>; Sat, 12 Aug 2023 19:00:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691892049; x=1692496849; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=+LyVEz2zGRT2s/K8XeYZfzo6CRjiKYEXRDEOnB128jQ=; b=XeUMlZGMCQWZLsG+8eBvfDTOdZ9vzjDtOHhiKqIHoA99Q/+NiApietFiDmbdrsHxpR 27IVkTdnhEsqUkB2t5GoWXX4dPx4FtFGXdkwrgs/id7hBcRRCVGQ6/VCubg2HsHkp13w 6SAMPkYUDWak+uGKuhQP4OLvmyKH6hLhupCi2oLZK12T/44HavzJ6jkxMJw1fcgKa0vG 1XCjSHiK75TV/L+TikVmVVyoj+BRq+mHE+ZVqp5ysox+80dDSNe54AgV4fCMZ6kCpBu+ 8fmYMIHVTXe9ck5D72yMZ8oww4p+pjQriWRxsE2YvAx1jbhUuPvK+ceSwTOI5YSKXdOc AY/A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691892049; x=1692496849; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=+LyVEz2zGRT2s/K8XeYZfzo6CRjiKYEXRDEOnB128jQ=; b=QWOKQFGAbGMKEsEfqC0n2ZoTpJnnJJ53DDz0y03AUWKSN4RDpky/l2kSClGw/aT6KQ K3rIq7Apr4yL9cL6jk7cTcvmvF/MQUG8NZTFp1t3fyyETZ/JHvybrjBNAezKXK1T4Kpy 3n/H9+0ZhkWFzXMx87it0KD8u3zVsij2D0gGAKxT/Zusv4wf70kFzYjpYPk4h2brlzzh BNVVXDmazG+r8DnfbGeoz9IKo0oZZI5I6uwLuBDWwnIC4k0CCzPT92ZX97ZMrLZfCv/y pOALM2uCq+NCOgk7ajcNLxI8p6tBhZwSgDmO/O9HO4VcnbL0I/ZEekevl9PrIM7VE4jC CtJg==
X-Gm-Message-State: AOJu0YziQIpzscj7KrezftDH/yJZL6IIu58s0DLEFK2bf1vWM3xISoz4 IO2nVRM0dA5x0MjNzD0d616Emb0AugxOQIlgTY1Is2EONfs=
X-Google-Smtp-Source: AGHT+IHI3R7xv/7NQbk0AgV99FPBJFdv3u4lF5Wke7sxPjFOJ7hFIbzySdzWWOgJw9dqGorA8IMt0weytMTzwDFaHjs=
X-Received: by 2002:a17:906:7394:b0:99b:d682:f306 with SMTP id f20-20020a170906739400b0099bd682f306mr4155270ejl.4.1691892049207; Sat, 12 Aug 2023 19:00:49 -0700 (PDT)
MIME-Version: 1.0
References: <66CF1130-1BF9-40F2-BBAF-F3A49A5BC1C8@wordtothewise.com> <95c9c13c-de13-5688-abcc-531d58f8598d@dcrocker.net> <CALaySJ+jDUGw5y6Lnb7cSfcM+ESD8CFCyOq2cFB5YkDC8BYK+A@mail.gmail.com> <2063DBB7-10F9-4B05-8B60-023DAC0808AA@wordtothewise.com> <0bdf58a4-84a9-437a-b6e9-66910ebffb9b@app.fastmail.com> <B550D53E-25B2-468D-94CD-2C1333E2B186@wordtothewise.com> <CAAFsWK1zzH35NB5BiEJm+Hkqk0WdMgy2PH0hoRXRQJ=GJTGiLQ@mail.gmail.com> <CAFcYR_XVMBqGKppLhJFakYdJNUSManfh2ESjxc9JnWnKKJ38GA@mail.gmail.com> <0b06252d-73f5-4a8f-a830-25761ab7f063@app.fastmail.com> <CAFcYR_UORPD3NsYjVS9k6bOjX-AXDRaXSBQG3oNim0ApKiiGOg@mail.gmail.com> <CAL0qLwaNE8rWFLXjRk6yUVqmY9nzTNQ9JdeQE7-SR29cvWQ3NA@mail.gmail.com> <a506581d-56c8-4440-a2d9-7d045a7ab650@app.fastmail.com> <CAL0qLwYY=7LSyF4bcRCOWk6TCkdW+G63QatZJG5pFE-hB6FfpA@mail.gmail.com> <0526343d-0b31-4fce-b92a-3f44de19b150@app.fastmail.com> <31FEC684-2161-47D5-B022-9CF134AB8767@wordtothewise.com> <CAL0qLwatb6-egZ8+-LxE=4wc5q1xfr3xRwAjV=95vHgzwgX7fQ@mail.gmail.com> <20230809160632.VgxW6%steffen@sdaoden.eu> <CAL0qLwYJf2WyZ4jbDtFptkOghpAF7GPYkkCNnvHOqEkV_Sv4zw@mail.gmail.com> <9bbf617b-13c6-4be5-841f-2a36b702de51@app.fastmail.com> <20230811213456.hA9TD%steffen@sdaoden.eu> <5859b14f-64d3-4ad1-a322-c2ed927e64b4@app.fastmail.com> <20230812193147._ESNc%steffen@sdaoden.eu>
In-Reply-To: <20230812193147._ESNc%steffen@sdaoden.eu>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Sat, 12 Aug 2023 19:00:36 -0700
Message-ID: <CAL0qLwYxw9ax899KdfO4W+6O7+3mSEbkbJoab6TxzcNJzSL_wQ@mail.gmail.com>
To: ietf-dkim@ietf.org
Content-Type: multipart/alternative; boundary="0000000000009765420602c450a1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/JZOHlvL13Ith3SdF0bAJL3288H4>
Subject: Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted
X-BeenThere: ietf-dkim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DKIM List <ietf-dkim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-dkim/>
List-Post: <mailto:ietf-dkim@ietf.org>
List-Help: <mailto:ietf-dkim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Aug 2023 02:00:55 -0000

On Sat, Aug 12, 2023 at 12:31 PM Steffen Nurpmeso <steffen@sdaoden.eu>
wrote:

>  |> The aspect of DKIM-subsignatures revealing Bcc: presence (of 1+
>  |> recipients of a domain) if a Bcc: recipient replies to a message
>  |> that Murray Kucherawy adduced i obviously have not fully addressed
>  |> with my response.
>  |
>  |If I reply to a message that contains no Bcc header I am revealing \
>  |the fact that I received the message. I don't understand this issue. \
>
> So it is.  If you are the member of the blind carbon copy list,
> noone will know you have received the message until you reveal
> this yourself by replying to it.
>
> It is just that *if* per-recipient-host DKIM subsignatures would
> be used those subsignatures *could* be a vivid part of the
> message.  And despite all the trace fields which do exist they
> would add onto "that privacy issue".
>
> [...]
>

If I'm able to follow your "subsignatures" idea, this is a different
approach to what is ultimately the same method proposed in my draft(s)*,
namely binding the signature to the envelope recipient list.  It has the
same limitations, such as inability to tolerate any sort of envelope
rewriting, which includes simple aliasing/forwarding, and splitting of the
envelope if it had more than one recipient.

It seems to me that the notion of a subsignature per receiving domain
doesn't scale well to a single message that goes to hundreds or thousands
of domains, and a subsignature per recipient doesn't scale well to a single
message that goes to hundreds or thousands of recipients irrespective of
their domains.  In either case, it won't be long before we run into MTA
limitationsThe optimal case is generation of a single message, and
corresponding signatures, per recipient, but that means we fail to take
advantage of the "common factoring" feature of SMTP, with unknown aggregate
costs.  It's been argued that most email these days is single-recipient
anyway, so maybe some of this isn't a big deal, but we should collect some
data about that before proceeding with that as a general assumption.

You could sign a message such that it binds the message to a particular
sender domain and receiver domain, but in a target-rich environment like
Gmail or Yahoo, all I need is one such pair and I can replay to a pretty
huge number of users.

Lastly, I suggest that we've wandered pretty far afield from talking about
the problem statement document.

-MSK, participating

[*] I discovered that it seems we went through this exercise once before
about seven years ago, and the same idea came up then as now:
https://datatracker.ietf.org/doc/html/draft-kucherawy-dkim-rcpts-01

v2.23.0 | Report a Bug | By Email