IETF Logo Mail Archive

Re: [Ietf-dkim] Tolerating Mailing-List Modifications I-D

Grant Taylor <gtaylor@tnetconsulting.net> Thu, 13 July 2023 03:33 UTC

Return-Path: <gtaylor@tnetconsulting.net>
X-Original-To: ietf-dkim@ietfa.amsl.com
Delivered-To: ietf-dkim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 306FEC13AE35 for <ietf-dkim@ietfa.amsl.com>; Wed, 12 Jul 2023 20:33:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=tnetconsulting.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ANppxt8coJ9T for <ietf-dkim@ietfa.amsl.com>; Wed, 12 Jul 2023 20:33:51 -0700 (PDT)
Received: from tncsrv06.tnetconsulting.net (tncsrv06.tnetconsulting.net [IPv6:2600:3c00:e000:1e9::8849]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B33B9C13AE32 for <ietf-dkim@ietf.org>; Wed, 12 Jul 2023 20:33:49 -0700 (PDT)
Received: from Contact-TNet-Consulting-Abuse-for-assistance by tncsrv06.tnetconsulting.net (8.15.2/8.15.2/Debian-3) with ESMTPSA id 36D3Xln4015648 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for <ietf-dkim@ietf.org>; Wed, 12 Jul 2023 22:33:48 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tnetconsulting.net; s=2019; t=1689219228; bh=GinHpWTelTSTemz0PkhcLaV9E/2LCUOP+CQW3DXXFZI=; h=Message-ID:Date:MIME-Version:User-Agent:Subject:Content-Language: To:References:From:In-Reply-To:Content-Type: Content-Transfer-Encoding:Cc:Content-Disposition:Content-Language: Content-Transfer-Encoding:Content-Type:Date:From:In-Reply-To: Message-ID:MIME-Version:References:Reply-To:Resent-Date: Resent-From:Resent-To:Resent-Cc:Sender:Subject:To:User-Agent; b=ushZUMALipeIF0rh7diCDISIZd3sZdm3gXfwF5Cnfxbkx5e1f/1rvy6Oa2ELvQjNW 35eQEuL+umNAlvcTyhpl0C9TIzEV2cDVWRovoAYq8nh4wwTS2rcrPMlWLkn/jXutbN rLWqhL2biWVNjkosW4RBz/TdKW/1z/J8GX8DAYKE=
Message-ID: <f666878f-9825-bc82-6ec4-2ea491e4f702@tnetconsulting.net>
Date: Wed, 12 Jul 2023 22:33:44 -0500
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.12.0
Content-Language: en-US
To: ietf-dkim@ietf.org
References: <CAAFsWK20SojKgKjQB2MEuPh42ac5ta5bOhnHL8xPsidAigSOhQ@mail.gmail.com>
From: Grant Taylor <gtaylor@tnetconsulting.net>
In-Reply-To: <CAAFsWK20SojKgKjQB2MEuPh42ac5ta5bOhnHL8xPsidAigSOhQ@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/dr7J1NVNXknKGxk2IS_zY_iBhh4>
Subject: Re: [Ietf-dkim] Tolerating Mailing-List Modifications I-D
X-BeenThere: ietf-dkim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DKIM List <ietf-dkim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-dkim/>
List-Post: <mailto:ietf-dkim@ietf.org>
List-Help: <mailto:ietf-dkim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jul 2023 03:33:56 -0000

On 7/12/23 9:26 AM, Wei Chuang wrote:
> Hi folks,

Hi Wei,

> Being able to reverse mailing-list message modifications to repair 
> the message and enable digital signature verification, would resolve 
> a significant roadblock for further DMARC deployment.  Potentially it 
> would allow better attribution of which party contributed which 
> content in the message.  I propose some ideas around reversible 
> mailing-list message modifications in: 
> https://datatracker.ietf.org/doc/html/draft-chuang-mailing-list-modifications-00. 
>  These modifications are: 1) prepending a description string to the 
> Subject header, 2) rewriting the From header, 3) removing the 
> original DKIM-Signature and 4) appending a footer to the message 
> body.  (Apologies that -00 draft is still in a rough form)

N.B. I've not read draft-chuang-replay-resistant-arc yet.

I have some questions:

1)  Why limit the supported modifications to the four listed above?

2)  What if we turned the problem on it's head and instead of recording 
old values along with the new values, instead we record the new values 
and the permutation used to derive the new values.

Consider:

    2 + 3 = 5

to be:

    O + C = N

Instead of recording O and N as headers, what if we recorded C and N?

Would recording the Change method -- dare I say -- regular expression -- 
for want of a better example for discussion -- make reverting the change 
simpler?

Old:

    Subject:  This is a test

Change:

    s/^Subject:\s+\(.*\)$/Subject:  [ietf-dkim] \1/

New:

    Subject:  [ietf-dkim] This is a test

I would think that it would be possible to mutate the RE to reverse the 
change.  E.g.:

New:

    Subject:  [ietf-dkim] This is a test

Change-Back:

    s/^Subject:  [ietf-dkim]  \(.*\)/Subject:  \1/

Original:

    Subject:  This is a test

I absolutely agree that regular expressions have problems and may open 
up a can of worms.  I'm mostly using them as a place holder for 
something, maybe a dialect of BNF, to describe the change.

I would think that such descriptions of 1) what was changed and 2) how 
the change was made would be more flexible than specifying specific 
things supported.

I'm going to assume that you have thought of this and have a perfectly 
valid reason to not do it that I'm ignorant of.  If you can, please 
enlighten me as to why such delta descriptions might not work.



Thank you and have a good day,

Grant. . . .

v2.23.0 | Report a Bug | By Email