Re: [Ietf-dkim] Rechartering
"Murray S. Kucherawy" <superuser@gmail.com> Mon, 28 November 2022 08:14 UTC
Return-Path: <superuser@gmail.com>
X-Original-To: ietf-dkim@ietfa.amsl.com
Delivered-To: ietf-dkim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 98D22C14CE57 for <ietf-dkim@ietfa.amsl.com>; Mon, 28 Nov 2022 00:14:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1B_Zws6gH9BE for <ietf-dkim@ietfa.amsl.com>; Mon, 28 Nov 2022 00:14:31 -0800 (PST)
Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com [IPv6:2a00:1450:4864:20::534]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 80E54C14CEED for <Ietf-dkim@ietf.org>; Mon, 28 Nov 2022 00:14:31 -0800 (PST)
Received: by mail-ed1-x534.google.com with SMTP id z20so14316314edc.13 for <Ietf-dkim@ietf.org>; Mon, 28 Nov 2022 00:14:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=ip/Oa63cKulQWamxJAD7bE/F1qiAMOTSOiy+gW8p4ME=; b=CVKZ3oMuy/ruAFPtD+VlfsIUGnIAm2ycTWWGjlaqrRVyHw5XnC97H/VGfnj07CBLhk beM2y4lEmxD9Il+9KP6E88JSTmEh1Pj4eRDgUuKmOcwC5qwdreMC//48OARXl7x2hjQF wOgfGMFLvu71I7SfndQbAe2TadFzUSgBWGLmLQI0zPQQkxEhag0nm5/ST16ytlWaIf7d iBsgoZHg5zGu0Ew7ZTlX4MgnHhjy9Mw9n6r1Npx1CsRNIpNq/ZyurUOElApFe6ZBaXow BvzUHC4bDgieNMlwVfGS/NIjpwz63wq34ouQUgaVFDnYd9DZkJKp11K9U38WhAbPydoX 7SYg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ip/Oa63cKulQWamxJAD7bE/F1qiAMOTSOiy+gW8p4ME=; b=MXwDJOhfzVivEI2CbhPIesLrJwOmRKFjCs7SU2/JJQn7DX/MIAMB3wWhm+XnABYayx +VnIwZ5mBS9krvCGmkN9P86yCJZinHXD3WJ+Xura6eZhjnn7xN8p4K4v4hPz5XpqQ5g3 6YL7JFmcrH+1OEYRxO8TSst71x6dwjlWOF5g88EnPoxHgWi3rOUF0J5hl47WE4riRqrH YCnGkAB6CJ0Q7PXua8hSbxRQS5955iMifh+vDymUC70Q/RhSzNSFyqErPgxtE06qNSFS y1VCASZx9jrAJK6wm1tkNerIoaJ5MYkZZJ4PXpGLzTryZYNMQZ5uvEhFzXyda2vrIyDc 0NFA==
X-Gm-Message-State: ANoB5pk2uMWb/YYXg1O36c5yuTJdcGtMxQz/tkAQmQw8odzIdgIYLgg8 R1k+Cw2drmBHsrRW4FzQpxAYLQ1pkBm5B6ymr1/aohOK
X-Google-Smtp-Source: AA0mqf7Ap4yP0c0XsqZPm+cXkN67px2g3g+IJJr5Enkm6NyI8qtNmUB0e7ycZrpATUsGlL6/sySA6+5J2At+3Z3OKj8=
X-Received: by 2002:aa7:cd99:0:b0:462:719:3372 with SMTP id x25-20020aa7cd99000000b0046207193372mr46586133edv.361.1669623269596; Mon, 28 Nov 2022 00:14:29 -0800 (PST)
MIME-Version: 1.0
References: <CAL0qLwZQAtLyDoAXgFoaNmsm3CCrLESr=P8foWe_YybWmC=PjA@mail.gmail.com> <3d7deffe-3ace-6411-417f-541f383d1892@dcrocker.net>
In-Reply-To: <3d7deffe-3ace-6411-417f-541f383d1892@dcrocker.net>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Mon, 28 Nov 2022 00:14:17 -0800
Message-ID: <CAL0qLwZiSm8iCHG590voh4d6n6KBj1rFT9PWCvVM8hjXRv76Ng@mail.gmail.com>
To: dcrocker@bbiw.net
Cc: Ietf-dkim@ietf.org
Content-Type: multipart/alternative; boundary="000000000000e4a15105ee837503"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/Qi9sJwgA12mTWbdo9H9pqRucJao>
Subject: Re: [Ietf-dkim] Rechartering
X-BeenThere: ietf-dkim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DKIM List <ietf-dkim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-dkim/>
List-Post: <mailto:ietf-dkim@ietf.org>
List-Help: <mailto:ietf-dkim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Nov 2022 08:14:33 -0000
On Sun, Nov 27, 2022 at 6:50 PM Dave Crocker <dhc@dcrocker.net> wrote: > On 11/27/2022 6:30 PM, Murray S. Kucherawy wrote: > > Domain Keys Identified Mail (DKIM, RFC 6376) defines a mechanism for > > using a digital signature to associate a domain identity with an email > > message in a secure way, and to assure receiving domains that the > > message has > > not been altered since the signature was created. Receiving systems > > Again: DKIM does not assure that the message has not been altered. It > assures only the covered portions of the message. > > That's not a small difference in data integrity protection. > OK, I'll add that in. > > A DKIM-signed message can be re-posted, to a different set of > > recipients, without > > disturbing the signature's validity. This can be used to confound the > > engines that > > identify abusive content. RFC 6376 identified a risk of these > > "replay" attacks, but > > at the time did not consider this to be a problem in need of a > > solution. Recently, > > the community has decided that it has become enough of a problem to > > warrant being revisited. > > This does not provide any real understanding of how replay is > accomplished. And since it's easy to explain and doesn't take much > text, I'll again encourage including that in the document that defines > the nature of the problem we will be working on, namely the charter. > Doesn't the "A DKIM-signed message can be re-posted, ..." sentence do that? I pulled it from your suggested text for that very reason. Maybe add something to the second sentence making clear the roles in the attack? > > The DKIM working group will produce one or more technical > > specifications that > > describe the abuse and propose replay-resistant mechanisms that are > > compatible > > with DKIM's broad deployment. The working group may produce documents > > describing > > relevant experimental trials first. > > This draft doesn't include the 'preservation of installed base' cover > text that Barry's had and I forgot to include in mine. I think it's > important. > I had intended "compatible with DKIM's broad deployment" to cover exactly this. Should I word it differently? -MSK
- [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Laura Atkins
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Alessandro Vesely
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Laura Atkins
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Stephen Farrell
- Re: [Ietf-dkim] Rechartering Jon Callas
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Jon Callas
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Laura Atkins
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Jim Fenton
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Barry Leiba
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Evan Burke
- Re: [Ietf-dkim] Rechartering Todd Herr
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Todd Herr
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Alessandro Vesely
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Alessandro Vesely
- Re: [Ietf-dkim] Rechartering Alessandro Vesely
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas