Re: Last Call: <draft-melnikov-smtp-priority-tunneling-02.txt> (Tunneling of SMTP Message Transfer Priorities) to Experimental RFC
Alexey Melnikov <alexey.melnikov@isode.com> Thu, 12 July 2012 12:08 UTC
Return-Path: <alexey.melnikov@isode.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4647121F85CD for <ietf@ietfa.amsl.com>; Thu, 12 Jul 2012 05:08:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.97
X-Spam-Level:
X-Spam-Status: No, score=-102.97 tagged_above=-999 required=5 tests=[AWL=-0.371, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UyWvEILuMrrA for <ietf@ietfa.amsl.com>; Thu, 12 Jul 2012 05:08:02 -0700 (PDT)
Received: from statler.isode.com (statler.isode.com [62.3.217.254]) by ietfa.amsl.com (Postfix) with ESMTP id 4AE9521F855B for <ietf@ietf.org>; Thu, 12 Jul 2012 05:08:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1342094914; d=isode.com; s=selector; i=@isode.com; bh=R2FI7GkDPMtvc/SOVXjzRx912BWIb9GfSb8IagcYKK4=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=surRj/6IsLzx8nOW89sJwcSUQ+MahrpvmhEUYiS7pd2gH5BJn2U1RP1+5myQz8xhMObFHA VPfQklOUjFAzWmamkliQ1/s2F2xDxGsAlzAnLGF1s9W5Mi2hC5uSZThRr7rrC9vtYWfP8K zcp6sNrHNsKu3P8tDzXN7ZwoZBQLIyA=;
Received: from [192.168.1.144] ((unknown) [62.3.217.253]) by statler.isode.com (submission channel) via TCP with ESMTPSA id <T=6-QQBcm3-y@statler.isode.com>; Thu, 12 Jul 2012 13:08:34 +0100
X-SMTP-Protocol-Errors: NORDNS PIPELINING
Message-ID: <4FFEBE5A.6080406@isode.com>
Date: Thu, 12 Jul 2012 13:08:58 +0100
From: Alexey Melnikov <alexey.melnikov@isode.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:13.0) Gecko/20120614 Thunderbird/13.0.1
To: SM <sm@resistor.net>
Subject: Re: Last Call: <draft-melnikov-smtp-priority-tunneling-02.txt> (Tunneling of SMTP Message Transfer Priorities) to Experimental RFC
References: <20120604200531.8859.1367.idtracker@ietfa.amsl.com> <6.2.5.6.2.20120605113303.0aa1b028@resistor.net>
In-Reply-To: <6.2.5.6.2.20120605113303.0aa1b028@resistor.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: draft-melnikov-smtp-priority-tunneling@tools.ietf.org, ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Jul 2012 12:08:03 -0000
Hi SM, Thank you for the comments. On 06/06/2012 22:39, SM wrote: > At 13:05 04-06-2012, The IESG wrote: >> The IESG has received a request from an individual submitter to consider >> the following document: >> - 'Tunneling of SMTP Message Transfer Priorities' >> <draft-melnikov-smtp-priority-tunneling-02.txt> as Experimental RFC >> >> The IESG plans to make a decision in the next few weeks, and solicits >> final comments on this action. Please send substantive comments to the > > In the Introduction section: > > Typo: scenarious. Fixed, thanks. > In Section 3.1: > > "This specification inserts the following between steps 3 and 4 in > Section 4.1 of [SMTP-PRIORITY]:" > > The specification would be updating draft-melnikov-smtp-priority > according to the above. > > "3b. In absence of both the MT-PRIORITY MAIL FROM parameter and the > MT-Priority header field, other message header fields, such as > Priority [RFC2156] and X-Priority, MAY be used for determining > the priority under this "Priority Message Handling" SMTP > extension. But note that the Importance [RFC2156] header field > MUST NOT be used for determining the priority under this > "Priority Message Handling" SMTP extension, as it has different > semantics: the Importance header field is aimed at the user > recipient and not at the nodes responsible for transferring the > message." > > X-Priority, for example, is undocumented. Yes. Albeit widely used. > If I understood the above correctly, the MTA chooses some higher > priority when it sees any of these header fields. MT-Priority header field always takes precedence, but in its absence other header fields can be used. > In Section 7: > > "Thus it is important to ensure that an MTA receiving a message > containing the MT-Priority header field can trust that it > was set by an authorized agent. Such trust can be realized, for > example, by using DKIM Section 7.1 to sign the MT-Priority header > field value, S/MIME, or by keeping a list of trusted senders (e.g. > within a close environment)." > > I don't see how DKIM can be used to ensure that the header field was > set by an authorized agent. I assume that any SMTP client within the > (DKIM) signing domain could generate a MT-Priority header field as I > don't know the DKIM signing policy. As an example, I consider that > msg-id 3D9B1776-6DFD-4B80-97C6-FA8774DB7BA9@ietf.org as was generated > by an authorized agent on behalf of the IETF Chair but I would not > describe it as trusted. Ok, this text is wrong, I will try to rewrite it. DKIM enables binding between a priority value and a signer. Recipient still needs to have a policy for deciding which signers are to be trusted. > "Message Submission Agents MUST implement a policy that only allows" > > I suggest using the same text as in draft-melnikov-smtp-priority. Yes, I just updated my copy. The change will be in -03. > "To protect MT-Priority header field from modification or insertion, > MUAs, MSAs and MTAs inserting it into messages SHOULD use message > header protection mechanism such as DKIM [RFC6376]." > > I read Section 7.1 as a case for not following the above > recommendation. Any attempt to change priority means breaking the > DKIM signature. Correct. It is a trade-off. > I am not proposing text to avoid a significant rewrite of the proposal.