Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc)
Hector Santos <hsantos@isdg.net> Wed, 16 July 2014 15:30 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E2C61B29A4 for <ietf@ietfa.amsl.com>; Wed, 16 Jul 2014 08:30:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.002
X-Spam-Level:
X-Spam-Status: No, score=-102.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LiL5Tg2K3NzA for <ietf@ietfa.amsl.com>; Wed, 16 Jul 2014 08:30:31 -0700 (PDT)
Received: from mail.winserver.com (dkim.winserver.com [208.247.131.9]) by ietfa.amsl.com (Postfix) with ESMTP id 789941B29AF for <ietf@ietf.org>; Wed, 16 Jul 2014 08:30:31 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=2904; t=1405524622; h=Received:Received: Subject:From:Message-Id:Date:To:Organization:List-ID; bh=sAjojdN 5C/6Xy/Ig/QYjqQuoaCc=; b=Z1cOlBz8DHnt00nPJXvmTbZZQjS6SNznHrAHDsU 2edvxpxiglk3fjMC3qtUVUXrKvRrtnsuwmOWylZLFpXMYbVj5+wSIE0+TE35+w17 Mk66OOllDMPOLZd7xihSQJ/slBfFhZKd0/rf/7LL0ZtS0eEdgk/cqMu2u7p6WSWd 3tDY=
Received: by winserver.com (Wildcat! SMTP Router v7.0.454.4) for ietf@ietf.org; Wed, 16 Jul 2014 11:30:22 -0400
Received: from [192.168.1.221] (99-72-160-212.lightspeed.miamfl.sbcglobal.net [99.72.160.212]) by winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 709741931.65.5424; Wed, 16 Jul 2014 11:30:21 -0400
Subject: Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc)
References: <20140714164212.22974.20340.idtracker@ietfa.amsl.com> <01PA7DC3IFS0007ZXF@mauve.mrochek.com> <53C592C8.6050506@dcrocker.net> <2055119.KbR20u4qsL@scott-latitude-e6320> <53C605A4.4060102@dcrocker.net> <65905ba3-b0d3-4394-9d4d-5797a8b6150b@email.android.com>
From: Hector Santos <hsantos@isdg.net>
Content-Type: text/plain; charset="us-ascii"
X-Mailer: iPad Mail (11B651)
In-Reply-To: <65905ba3-b0d3-4394-9d4d-5797a8b6150b@email.android.com>
Message-Id: <8A833775-A46C-4E28-A369-1E4AFB468E5C@isdg.net>
Date: Wed, 16 Jul 2014 11:30:18 -0400
Cc: "ietf@ietf.org" <ietf@ietf.org>
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (1.0)
X-Comment: Missing recipient address appended by wcSMTP router.
To: ietf@ietf.org
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/3ERsfTC4p36W6xVzDTBlfnPpnhs
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Jul 2014 15:30:34 -0000
> On Jul 16, 2014, at 7:49 AM, Scott Kitterman <scott@kitterman.com> wrote: > >> On July 16, 2014 12:55:00 AM EDT, Dave Crocker <dhc@dcrocker.net> wrote: >>> On 7/15/2014 8:55 PM, Scott Kitterman wrote: >>> I think, despite all your assertion by distant authorities, it may be >> that >>> something involving U/I requirements (not design, I agree that's out >> of scope) >>> may be part of the least bad solution we have to the problems the WG >> is going >>> to be chartered to solve. >> >> >> 1. What sort of 'proximity' do you require, before you can be swayed by >> authoritative information? >> >> 2. By 'least bad', it appears that you mean it is ok to standardize >> something that is known not to work, to the extent that the end user is >> expected to be part of the decision process.s > DMARC is already fielded and being standardized. Much of the work of this WG is about mitigating the side effects of this. So in this case, least bad solution still wins (which may be write a BCP and declare victory, I don't know). > > DMARC itself is already known not to work for common standard mail flows. This is an effort that is devoid of solutions that don't have at least some significant downside. The working group is going to have to figure out which downside hurts the least. > -1. The simplest solution has always been the policy lookup with the language to support all the boundary conditions. This is the most feasible protocol complete solution. The policy themselves, which must be all honored for this to work, will vary in effectiveness, it's payoff. The more relaxed, the greater the redundancy and waste you have in the process. The higher the strength, the higher the payoff, including the pains of restricting the resigner who wishes to continue to exist in the blind. The problem is not in the concept, but that DMARC was never protocol complete. Its reporting offered the "confirmation" for the proof of concept, but it was done on the basis that "no one" will ever enforce this stuff. The resistance seems to be a learning and "big data" problem among the fewer but larger ESP. This should be a separate WG or DKIM data work. This small group already seems to have lost the focus of what the problem always was and the 9 years of vested R&D. Work thrown out by a very unpopular rough consensus was wrong in their mail operations presumptions. At the very least, the charter should revisit the threat analysis RFC and the functional requirement RFC to see where it went wrong and corrections are made. I maintained the 1st vs 3rd party corollary added in rfc5016, section 5.3 item 10, created the genesis of the conflict we have today. This problem will not go away until we confront this conflict. -- Hector Santos http://www.santronics.com
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… Scott Kitterman
- Re: WG Review: Domain-based Message Authenticatio… Viktor Dukhovni
- Re: WG Review: Domain-based Message Authenticatio… Douglas Otis
- Re: WG Review: Domain-based Message Authenticatio… Viktor Dukhovni
- Re: WG Review: Domain-based Message Authenticatio… Scott Kitterman
- Re: WG Review: Domain-based Message Authenticatio… Viktor Dukhovni
- not really to do with Re: WG Review: Domain-based… t.p.
- Re: not really to do with Re: WG Review: Domain-b… Viktor Dukhovni
- Re: WG Review: Domain-based Message Authenticatio… John Levine
- Re: not really to do with Re: WG Review: Domain-b… ned+ietf
- Re: not really to do with Re: WG Review: Domain-b… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… Scott Kitterman
- RE: not really to do with Re: WG Review: Domain-b… Christian Huitema
- Re: not really to do with Re: WG Review: Domain-b… ned+ietf
- Re: WG Review: Domain-based Message Authenticatio… Murray S. Kucherawy
- Re: WG Review: Domain-based Message Authenticatio… Murray S. Kucherawy
- Re: not really to do with Re: WG Review: Domain-b… John Levine
- Re: WG Review: Domain-based Message Authenticatio… Scott Kitterman
- Re: not really to do with Re: WG Review: Domain-b… Dave Crocker
- Re: not really to do with Re: WG Review: Domain-b… Viktor Dukhovni
- Re: not really to do with Re: WG Review: Domain-b… Douglas Otis
- Re: not really to do with Re: WG Review: Domain-b… John Levine
- Re: not really to do with Re: WG Review: Domain-b… Scott Kitterman
- Re: not really to do with Re: WG Review: Domain-b… Dave Crocker
- Re: not really to do with Re: WG Review: Domain-b… Viktor Dukhovni
- Re: not really to do with Re: WG Review: Domain-b… Niels Dettenbach (Syndicat IT&Internet)
- Re: really to do with Re: WG Review: Domain-based… Alessandro Vesely
- Re: not really to do with Re: WG Review: Domain-b… Scott Kitterman
- Re: not really to do with Re: WG Review: Domain-b… t.p.
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: not really to do with Re: WG Review: Domain-b… Hector Santos
- Re: WG Review: Domain-based Message Authenticatio… Hector Santos
- Re: WG Review: Domain-based Message Authenticatio… Pete Resnick
- Re: WG Review: Domain-based Message Authenticatio… S Moonesamy
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… S Moonesamy
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… Martin Rex
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… Martin Rex
- Re: WG Review: Domain-based Message Authenticatio… Randy Bush
- Re: WG Review: Domain-based Message Authenticatio… John Levine
- Re: WG Review: Domain-based Message Authenticatio… S Moonesamy
- Re: WG Review: Domain-based Message Authenticatio… Barry Leiba
- Re: WG Review: Domain-based Message Authenticatio… John C Klensin
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… S Moonesamy
- Re: WG Review: Domain-based Message Authenticatio… John C Klensin
- Re: WG Review: Domain-based Message Authenticatio… John C Klensin
- Re: WG Review: Domain-based Message Authenticatio… Barry Leiba
- Re: WG Review: Domain-based Message Authenticatio… John R Levine
- Re: WG Review: Domain-based Message Authenticatio… Martin Rex
- Registration policies (was: WG Review: Domain-bas… S Moonesamy
- Re: Registration policies (was: WG Review: Domain… Barry Leiba
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… Pete Resnick
- Re: WG Review: Domain-based Message Authenticatio… Murray S. Kucherawy
- Re: WG Review: Domain-based Message Authenticatio… Pete Resnick
- Re: Registration policies (was: WG Review: Domain… S Moonesamy
- Re: Registration policies (was: WG Review: Domain… Barry Leiba
- Re: Registration policies (was: WG Review: Domain… Murray S. Kucherawy
- Re: Registration policies (was: WG Review: Domain… Barry Leiba
- Re: Registration policies (was: WG Review: Domain… Murray S. Kucherawy
- [***SPAM***] Re: Registration policies (was: WG R… S Moonesamy
- Re: WG Review: Domain-based Message Authenticatio… ned+ietf
- Re: WG Review: Domain-based Message Authenticatio… Hector Santos
- Re: WG Review: Domain-based Message Authenticatio… Martin Rex
- Re: WG Review: Domain-based Message Authenticatio… Murray S. Kucherawy
- Re: WG Review: Domain-based Message Authenticatio… Stuart Barkley
- Re: WG Review: Domain-based Message Authenticatio… Randy Bush
- Re: WG Review: Domain-based Message Authenticatio… John Levine
- DMARC and ietf.org Michael Richardson
- Re: WG Review: Domain-based Message Authenticatio… Douglas Otis
- Re: WG Review: Domain-based Message Authenticatio… S Moonesamy
- Re: DMARC and ietf.org Brian E Carpenter
- Re: [***SPAM***] Re: Registration policies (was: … Barry Leiba
- Re: DMARC and ietf.org John C Klensin
- Re: DMARC and ietf.org Brian E Carpenter
- Re: DMARC and ietf.org Hector Santos
- Re: DMARC and ietf.org Miles Fidelman
- Re: WG Review: Domain-based Message Authenticatio… Eric Burger
- Re: DMARC and ietf.org Brian E Carpenter
- Re: DMARC and ietf.org Miles Fidelman
- Re: DMARC and ietf.org Pete Resnick
- Re: DMARC and ietf.org Dave Crocker
- Re: [dmarc-ietf] WG Review: Domain-based Message … Hector Santos
- Re: WG Review: Domain-based Message Authenticatio… Martin Rex
- Re: DMARC and ietf.org Martin Rex
- Re: DMARC and ietf.org John Levine
- Re: DMARC and ietf.org Hector Santos
- RE: DMARC and ietf.org MH Michael Hammer (5304)
- Re: DMARC and ietf.org Hector Santos
- RE: DMARC and ietf.org MH Michael Hammer (5304)
- Re: DMARC and ietf.org Hector Santos
- Re: DMARC and ietf.org Viktor Dukhovni
- Re: DMARC and ietf.org Hector Santos
- Re: DMARC and ietf.org John Levine
- Re: DMARC and ietf.org John Levine
- Re: DMARC and ietf.org Rich Kulawiec
- Re: DMARC and ietf.org John Levine
- Re: DMARC and ietf.org Alessandro Vesely
- Re: DMARC and ietf.org Dave Crocker
- Re: DMARC and ietf.org Brian E Carpenter
- Re: DMARC and ietf.org ned+ietf
- Re: DMARC and ietf.org Russ Housley
- Re: DMARC and ietf.org ned+ietf
- Re: DMARC and ietf.org Dave Crocker
- Re: DMARC and ietf.org Brian E Carpenter
- Re: DMARC and ietf.org Dave Crocker
- Re: DMARC and ietf.org Michael Richardson
- Re: DMARC and ietf.org Michael Richardson
- Re: DMARC and ietf.org Michael Richardson
- Re: DMARC and ietf.org Andrew G. Malis
- Re: DMARC and ietf.org Russ Housley
- Re: DMARC and ietf.org Michael Richardson
- Re: DMARC and ietf.org Brian E Carpenter
- Re: DMARC and ietf.org Brian E Carpenter
- Re: DMARC and ietf.org Dave Crocker
- Re: DMARC and ietf.org Russ Housley
- Re: DMARC and ietf.org Michael Richardson
- Re: DMARC and ietf.org John Payne
- Re: DMARC and ietf.org John Levine