Re: [Ietf-dkim] Rechartering
Dave Crocker <dhc@dcrocker.net> Mon, 28 November 2022 02:50 UTC
Return-Path: <dhc@dcrocker.net>
X-Original-To: ietf-dkim@ietfa.amsl.com
Delivered-To: ietf-dkim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CDF4CC14CEEA for <ietf-dkim@ietfa.amsl.com>; Sun, 27 Nov 2022 18:50:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dcrocker.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g6T5iySkl8iW for <ietf-dkim@ietfa.amsl.com>; Sun, 27 Nov 2022 18:50:28 -0800 (PST)
Received: from hamster.birch.relay.mailchannels.net (hamster.birch.relay.mailchannels.net [23.83.209.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24FE8C14F607 for <Ietf-dkim@ietf.org>; Sun, 27 Nov 2022 18:50:27 -0800 (PST)
X-Sender-Id: hostingeremail|x-authsender|dhc@dcrocker.net
Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id B147341324 for <Ietf-dkim@ietf.org>; Mon, 28 Nov 2022 02:50:26 +0000 (UTC)
Received: from gcp-us-central1-a-smtpout2.hostinger.io (unknown [127.0.0.6]) (Authenticated sender: hostingeremail) by relay.mailchannels.net (Postfix) with ESMTPA id 0783C41386 for <Ietf-dkim@ietf.org>; Mon, 28 Nov 2022 02:50:25 +0000 (UTC)
ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1669603826; a=rsa-sha256; cv=none; b=PwGpGmvcCEdSiC9ycy4AWE34nNOA2zC62k18lrH6+YEjnaIZLc1BgYeVi3f7OPKAL33Qsd XPqPmz1QsF1MPmaZQHbx63fVP90lpczU0/0JCl/AJKqJOPUDJhWorkguLHCTUTAvvdRmCz XR2WISxjGA/5TEX04wMq5HhsQYGD5Iqk6W1x9Bl1D//JVTgeZIaz/0SJskRpMOCPb5cLZk EWpasQzNdMdcbyViaBCV1FKpACnVgykZg9SpdklzUGu26mOWxM2rdxP+66v/VBcRYP1F9d gIQeQg2MSkZevfTFSZ7siKs74hJNTuUssfrCg23jzEB79vFlgEClDIjIRmnTnQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1669603826; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=nAYbl1BTeaVp8blaHHL0ngkywKLZ1qdoo0gZBRwjQxM=; b=4CDFR+c7MPn5rL+1v8pont3HvdnJ3UDlyZ/bqfy3JihgygKR8E4H/PzgaaW+CjaeybxwU8 4uFvQqgfsyTzZlcjhUEZy4Vgw+ODugZXbZc4RfYbSyv0RIQpG4+D02kSwt3H/XLODnJlKm JlM5gr9oDMFP8P45pew1ncjDCqmjWDMR0AsmwFIINutkvbRSY0Ejkr1d1FQi9K5OcgHsIr 5r8caIH53eXaUxNoXGz6t6wKnTh6KrRhyy47sNs5xTnc8NamfayAF8+8ou22nqIIzXVIgg VARwP67O6sQBarkMRnTPrw0b0Kiel5vzlJEgkNUArMqaCnNKZa7sBN73YumNeQ==
ARC-Authentication-Results: i=1; rspamd-84789cff4b-5sz77; auth=pass smtp.auth=hostingeremail smtp.mailfrom=dhc@dcrocker.net
X-Sender-Id: hostingeremail|x-authsender|dhc@dcrocker.net
X-MC-Relay: Neutral
X-MailChannels-SenderId: hostingeremail|x-authsender|dhc@dcrocker.net
X-MailChannels-Auth-Id: hostingeremail
X-Illustrious-Battle: 06bdb2c60b15b2aa_1669603826371_502632286
X-MC-Loop-Signature: 1669603826371:3059503542
X-MC-Ingress-Time: 1669603826371
Received: from gcp-us-central1-a-smtpout2.hostinger.io (gcp-us-central1-a-smtpout2.hostinger.io [35.192.45.35]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.109.196.241 (trex/6.7.1); Mon, 28 Nov 2022 02:50:26 +0000
Received: from [192.168.0.109] (c-73-170-122-71.hsd1.ca.comcast.net [73.170.122.71]) (Authenticated sender: dhc@dcrocker.net) by smtp.hostinger.com (smtp.hostinger.com) with ESMTPSA id 4NL91k0LkHz7W9QY; Mon, 28 Nov 2022 02:50:17 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dcrocker.net; s=hostingermail-a; t=1669603818; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=nAYbl1BTeaVp8blaHHL0ngkywKLZ1qdoo0gZBRwjQxM=; b=Y8i+oA2q/YjW1jql5xsmnSAnQhvlgFonTuM73XmSrEqV4a/bU/zkMJZTmrYRY40VrFje+Y 7CVeCax5jEZFK+XVOLxxhd1YRCf8/AZ79O/qpJ+Ocn0jnzsnnUOFgX3PEDGQNMR/zQkldI ms+8sXpVIuTMmPoHY8vL5IhCWQe31CcoIVWJle3+8mys+RKR1BO8h0qvY9t96+hRPcO3FD 26J9nsCtO59jdPAKpmo7/7h7ApBpnvTLxj+Ty+8e+LYlezg1snrQWrp5rkhCr7uS8kCUt2 4I/CHgZaf9J32/6h/q4h9RklwQh79SW7VgZfElWBhh8PihECy7yIp9wWI9Kcyg==
Message-ID: <3d7deffe-3ace-6411-417f-541f383d1892@dcrocker.net>
Date: Sun, 27 Nov 2022 18:50:16 -0800
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.5.0
Reply-To: dcrocker@bbiw.net
Content-Language: en-US
To: "Murray S. Kucherawy" <superuser@gmail.com>, Ietf-dkim@ietf.org
References: <CAL0qLwZQAtLyDoAXgFoaNmsm3CCrLESr=P8foWe_YybWmC=PjA@mail.gmail.com>
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
In-Reply-To: <CAL0qLwZQAtLyDoAXgFoaNmsm3CCrLESr=P8foWe_YybWmC=PjA@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-CM-Analysis: v=2.4 cv=HP7Qq6hv c=1 sm=1 tr=0 ts=638421ea a=RWeyNHkVnTTD7ejqcR0qZA==:117 a=RWeyNHkVnTTD7ejqcR0qZA==:17 a=IkcTkHD0fZMA:10 a=k7Ga1wGzAAAA:8 a=EIJ4esZPYy6E_daqBV4A:9 a=QEXdDO2ut3YA:10 a=ijMaxGghyylP-n2pFjDB:22
X-CM-Envelope: MS4xfDbu8/7Znm2trWqaJK3sT9ADg1BT6aDI86zk57Z7zTJ5olvPh+Ju67xbEURCg0CH/sP2aZ9LYawxy8w20NWvXsHdVw5sShSRErTBeOT2bi6yTWunQzi/ nbIcP2+ay6aZqm8Lx6Z77znFN+EXtsZpgXm67VEamL7AxHKtMCvUfWQgL00Vb3003YpUcJfjF1ZvRtDWjoER2CWCTMp5FL/HUEw=
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/ru_FgO8cq6Ldzex5E8Rs348B4HQ>
Subject: Re: [Ietf-dkim] Rechartering
X-BeenThere: ietf-dkim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DKIM List <ietf-dkim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-dkim/>
List-Post: <mailto:ietf-dkim@ietf.org>
List-Help: <mailto:ietf-dkim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Nov 2022 02:50:32 -0000
On 11/27/2022 6:30 PM, Murray S. Kucherawy wrote: > Domain Keys Identified Mail (DKIM, RFC 6376) defines a mechanism for > using a digital signature to associate a domain identity with an email > message in a secure way, and to assure receiving domains that the > message has > not been altered since the signature was created. Receiving systems Again: DKIM does not assure that the message has not been altered. It assures only the covered portions of the message. That's not a small difference in data integrity protection. > can use this information as part of their message-handling decision. > This can help reduce spam, phishing, and other unwanted or malicious > email. > > A DKIM-signed message can be re-posted, to a different set of > recipients, without > disturbing the signature's validity. This can be used to confound the > engines that > identify abusive content. RFC 6376 identified a risk of these > "replay" attacks, but > at the time did not consider this to be a problem in need of a > solution. Recently, > the community has decided that it has become enough of a problem to > warrant being revisited. This does not provide any real understanding of how replay is accomplished. And since it's easy to explain and doesn't take much text, I'll again encourage including that in the document that defines the nature of the problem we will be working on, namely the charter. Really, it's not asking a lot to identify the role of the collaborating recipient and possibly a bit more. This makes the charter more directly useful to circulate widely and be understand in substance, without requiring the reader to either already know the topic or to forage for other documents. > The DKIM working group will produce one or more technical > specifications that > describe the abuse and propose replay-resistant mechanisms that are > compatible > with DKIM's broad deployment. The working group may produce documents > describing > relevant experimental trials first. This draft doesn't include the 'preservation of installed base' cover text that Barry's had and I forgot to include in mine. I think it's important. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net mast:@dcrocker@mastodon.social
- [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Laura Atkins
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Alessandro Vesely
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Laura Atkins
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Stephen Farrell
- Re: [Ietf-dkim] Rechartering Jon Callas
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Jon Callas
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Laura Atkins
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Jim Fenton
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Scott Kitterman
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Barry Leiba
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Evan Burke
- Re: [Ietf-dkim] Rechartering Todd Herr
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Todd Herr
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Alessandro Vesely
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Wei Chuang
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Michael Thomas
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Alessandro Vesely
- Re: [Ietf-dkim] Rechartering Alessandro Vesely
- Re: [Ietf-dkim] Rechartering Dave Crocker
- Re: [Ietf-dkim] Rechartering Murray S. Kucherawy
- Re: [Ietf-dkim] Rechartering Michael Thomas