Re: [ietf-dkim] [dmarc-ietf] a slightly less kludge alternative to draft-kucherawy-dmarc-rcpts
Michael Storz <Michael.Storz@lrz.de> Wed, 23 November 2016 16:37 UTC
Return-Path: <ietf-dkim-bounces@mipassoc.org>
X-Original-To: ietfarch-ietf-dkim-archive@ietfa.amsl.com
Delivered-To: ietfarch-ietf-dkim-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 58D02129F46 for <ietfarch-ietf-dkim-archive@ietfa.amsl.com>; Wed, 23 Nov 2016 08:37:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.791
X-Spam-Level:
X-Spam-Status: No, score=-1.791 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=lrz.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1Z8NSLdN-YCv for <ietfarch-ietf-dkim-archive@ietfa.amsl.com>; Wed, 23 Nov 2016 08:37:20 -0800 (PST)
Received: from simon.songbird.com (simon.songbird.com [72.52.113.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CAFC7129F44 for <ietf-dkim-archive@ietf.org>; Wed, 23 Nov 2016 08:37:20 -0800 (PST)
Received: from simon.songbird.com (simon.songbird.com [127.0.0.1]) by simon.songbird.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id uANGbIE5004867; Wed, 23 Nov 2016 08:37:20 -0800
Authentication-Results: simon.songbird.com; dkim=fail reason="verification failed; unprotected key" header.d=lrz.de header.i=@lrz.de header.b=Gp8eCX+t; dkim-adsp=none (unprotected policy); dkim-atps=neutral
Received: from postout2.mail.lrz.de (postout2.mail.lrz.de [129.187.255.138]) by simon.songbird.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id uANGbEnU004863 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <ietf-dkim@mipassoc.org>; Wed, 23 Nov 2016 08:37:16 -0800
Received: from lxmhs52.srv.lrz.de (localhost [127.0.0.1]) by postout2.mail.lrz.de (Postfix) with ESMTP id 3tP7JF6hQhzyjv for <ietf-dkim@mipassoc.org>; Wed, 23 Nov 2016 17:36:13 +0100 (CET)
Authentication-Results: postout.lrz.de (amavisd-new); dkim=pass (2048-bit key) reason="pass (just generated, assumed good)" header.d=lrz.de
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=lrz.de; h= user-agent:message-id:references:in-reply-to:subject:subject :from:from:date:date:content-transfer-encoding:content-type :content-type:mime-version:received:received:received; s= postout; t=1479918973; bh=xHzUADNRMYDBz/xcmVbPKzZMtZLgpcE8PNJJvO 7xnGU=; b=Gp8eCX+t13QOG0YRmyGlj9Sw65wlgN1wlFoBHxDbKzBcROcfm9SPgp AL901VQKXvuxyka+FYK9jZca/lHnjdPN0vabFBZkULOS4u5RZ14EYhPCZR18QHT1 5/fF0Io8Fl4ZKk8bYqgOLCz/zFRiZ98pShz4Spp2lGaQBdvHxa8P7flQs83a0vHi wtuM0GH63V/71PpnlLLh/9V13YxwQTaBuw+ar4O7m14bN0L6MVzcYKM4RtZKHEfD Os0C7pKO3prxL8ab2MMHDsMGmJ3EFWpI/+0YqWEFgjuKhYCyNqdZ+wWEhtNS2itq RFaLLS4ediIRTJ/ZCmKbzF+1i4LpiTSQ==
X-Virus-Scanned: by amavisd-new at lrz.de in lxmhs52.srv.lrz.de
Received: from postout2.mail.lrz.de ([127.0.0.1]) by lxmhs52.srv.lrz.de (lxmhs52.srv.lrz.de [127.0.0.1]) (amavisd-new, port 20024) with LMTP id PHiOeQmmZTNQ for <ietf-dkim@mipassoc.org>; Wed, 23 Nov 2016 17:36:13 +0100 (CET)
Received: from roundcube.lrz.de (roundcube.lrz.de [IPv6:2001:4ca0:0:103::81bb:ff93]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by postout2.mail.lrz.de (Postfix) with ESMTPSA id 3tP7JF0BsVzyjh for <ietf-dkim@mipassoc.org>; Wed, 23 Nov 2016 17:36:13 +0100 (CET)
Received: from badwlrz-clmst04.ws.lrz.de ([129.187.15.169]) by roundcube.lrz.de with HTTP (HTTP/1.1 POST); Wed, 23 Nov 2016 17:36:12 +0100
MIME-Version: 1.0
Date: Wed, 23 Nov 2016 17:36:12 +0100
From: Michael Storz <Michael.Storz@lrz.de>
To: Ietf Dkim <ietf-dkim@mipassoc.org>
In-Reply-To: <alpine.OSX.2.11.1611221112240.31864@ary.qy>
References: <alpine.OSX.2.11.1611142158000.21738@ary.local> <CAL0qLwazAg2UJvGAr+nx8R_xEbc4xV0ttPEWFKUD69u6xXaMhA@mail.gmail.com> <CAL0qLwaMzy=qeW5XYZ_txPaiYE27Oof+C5V1uRANvv-_cayOcQ@mail.gmail.com> <CY1PR00MB0107389F8FE73F140849A19996BE0@CY1PR00MB0107.namprd00.prod.outlook.com> <2736ea21-69e6-83b1-3b59-377c032290b5@dcrocker.net> <CY1PR00MB01072F4EB32969888104C45196BE0@CY1PR00MB0107.namprd00.prod.outlook.com> <CAL0qLwbdNVwT-xiCmxyhSqKcp4-hCA1COHKh0wdYrYEekzZ=XA@mail.gmail.com> <3009defcc6dc9043823618dbc338460d@xmail.mwn.de> <CAL0qLwbvqABZGsm2Hp20y8wgvQTKvPn+EBKiS37eMrp+9NemjA@mail.gmail.com> <da2e49df90980fe460d1effd7734ef42@xmail.mwn.de> <CAL0qLwbA6Vjqpi5hGOtbpLV9FwgDO3VVA=Q5GgAU9F0qOsQCNQ@mail.gmail.com> <63a2bfc52a81eb569a0af5e1699390d9@xmail.mwn.de> <CAL0qLwZ42=GFDRm7H0qQ_7bczY8CPQaEuSUfgFEbO_Y5+5YvqA@mail.gmail.com> <b92d042d6be905ffd4bc43ea510571c2@xmail.mwn.de> <alpine.OSX.2.11.1611190918490.1508@ary.qy> <4dca1c28f61e89a1f5c2690e4786a38b@xmail.mwn.de> <alpine.OSX.2.11.1611221112240.31864@ary.qy>
Message-ID: <247ab64ac04ee698d4c5099a0f0c4820@xmail.mwn.de>
X-Sender: Michael.Storz@lrz.de
User-Agent: Roundcube Webmail/1.2.0
Subject: Re: [ietf-dkim] [dmarc-ietf] a slightly less kludge alternative to draft-kucherawy-dmarc-rcpts
X-BeenThere: ietf-dkim@mipassoc.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: IETF DKIM Discussion List <ietf-dkim.mipassoc.org>
List-Unsubscribe: <http://mipassoc.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=unsubscribe>
List-Archive: <http://mipassoc.org/pipermail/ietf-dkim/>
List-Post: <mailto:ietf-dkim@mipassoc.org>
List-Help: <mailto:ietf-dkim-request@mipassoc.org?subject=help>
List-Subscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=subscribe>
Content-Transfer-Encoding: base64
Content-Type: text/plain; charset="utf-8"; Format="flowed"
Errors-To: ietf-dkim-bounces@mipassoc.org
Sender: ietf-dkim <ietf-dkim-bounces@mipassoc.org>
Am 2016-11-22 17:14, schrieb John R. Levine: >>> I'm with Murray -- why is this a problem? Single recipient has been >>> the de-facto standard for years, and unless you are extremely >>> bandwidth constrained, it's faster. >> >> No, it's not faster, see my answer to Murray. It's wasting a lot of >> ressources. > > People who've measured say the elapsed time is faster, and the extra > bytes on the wire don't matter. This is an old argument, and not one > you're going to win. Could it be, that we are talking about different things? I have no idea what these people measured. I can only talk for my site. Splitting all my internal traffic into single-recipient emails would mean an increase of 55%. If our mail servers would receive only single-recipient emails from the internet the traffic would increase by 13%. The processing of an email generates directly real cost in form of electricity and cooling etc. which has to be payed with real money. Processing all these additional traffic will give me no advantage but cost me real money. We try to avoid wasting ressources, Green IT is an important thing at our site, see http://www.lrz.de/wir/green-it_en/ > >> John, did you read my email? The whole text is about how the leakage >> of the BCCs can be prevented and the feature of a multi-recipient >> email be preserved. If you see an error in the algorithm, please >> explain. > > See previous messages, particularly the ones from Ned Freed. Any sort > of multi-recipient signing is subject to guessing attacks. Since this approach uses Neds alternative 0) b) for the BCC recipients no information about BCCs is leaked. This is the part where single-recipient emails are needed. But all other recipients can be put together into one email because their addresses are already recorded in the various header fields. > > This isn't saying that signing the recipient is a good idea, but > signing them individually is no worse than signing them together and > avoids the leakage. > > Regards, > John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for > Dummies", > Please consider the environment before reading this e-mail. > https://jl.ly Michael _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… ned+dkim
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Rolf E. Sonneveld
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Martijn Grooten
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Scott Kitterman
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… John R. Levine
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Alessandro Vesely
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Hector Santos
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Michael Storz
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Alessandro Vesely
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Alessandro Vesely
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Michael Storz
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… MH Michael Hammer (5304)
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Hector Santos
- [ietf-dkim] Intended status (was: Re: [dmarc-ietf… Rolf E. Sonneveld
- Re: [ietf-dkim] Intended status (was: Re: [dmarc-… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… MH Michael Hammer (5304)
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Scott Kitterman
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Hector Santos
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Michael Storz
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… John R. Levine
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Brandon Long
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… John R. Levine
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Brandon Long
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Michael Storz
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Michael Storz
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… John R. Levine
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Michael Storz
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Michael Storz
- Re: [ietf-dkim] [dmarc-ietf] a slightly less klud… Murray S. Kucherawy