Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc)
Scott Kitterman <scott@kitterman.com> Mon, 14 July 2014 20:47 UTC
Return-Path: <scott@kitterman.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C5481B2791; Mon, 14 Jul 2014 13:47:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.298
X-Spam-Level:
X-Spam-Status: No, score=0.298 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MANGLED_TOOL=2.3, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CKt50aRnb-bQ; Mon, 14 Jul 2014 13:47:22 -0700 (PDT)
Received: from mailout03.controlledmail.com (mailout03.controlledmail.com [IPv6:2607:f0d0:3001:aa::2]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8BA9A1B278B; Mon, 14 Jul 2014 13:47:22 -0700 (PDT)
Received: from mailout03.controlledmail.com (localhost [127.0.0.1]) by mailout03.controlledmail.com (Postfix) with ESMTP id 6ED9AD04533; Mon, 14 Jul 2014 16:47:21 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=kitterman.com; s=2014-01; t=1405370841; bh=SnbzuYiV2QDGyvzSqv0roW8sYGrJGtIBjlnD6RqpVJI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=IQdVflyXIlSpjgT3AEE1y9qqbkNoK0RrBQcNZayNUe/lYO0QF417+q8GyofYoOpJe bNrD5Tr9ij4JdI+NJnCzaSKe6kyC02r1AcABAi9z4Y/d383ftlr2yNJRCGFB8R4I8j pB28y5K6SFIfE8GPJ/NXvJSz8TuCIRK9gbd1Upho=
Received: from scott-latitude-e6320.localnet (static-72-81-252-21.bltmmd.fios.verizon.net [72.81.252.21]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mailout03.controlledmail.com (Postfix) with ESMTPSA id 35BC2D043F1; Mon, 14 Jul 2014 16:47:21 -0400 (EDT)
From: Scott Kitterman <scott@kitterman.com>
To: ietf@ietf.org, Pete Resnick <presnick@qti.qualcomm.com>, iesg@ietf.org
Subject: Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc)
Date: Mon, 14 Jul 2014 16:47:19 -0400
Message-ID: <4450964.7UmRiHm4KW@scott-latitude-e6320>
User-Agent: KMail/4.13.2 (Linux/3.13.0-30-generic; KDE/4.13.2; x86_64; ; )
In-Reply-To: <53C413EB.5060408@dcrocker.net>
References: <20140714164212.22974.20340.idtracker@ietfa.amsl.com> <53C413EB.5060408@dcrocker.net>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
X-AV-Checked: ClamAV using ClamSMTP
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/8G4s6a5UpKj17uKTHywP4Xvue50
Cc: dmarc WG <dmarc@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Jul 2014 20:47:24 -0000
On Monday, July 14, 2014 10:31:23 Dave Crocker wrote: > On 7/14/2014 9:42 AM, The IESG wrote: > > A new IETF working group has been proposed in the Applications Area. The > > IESG has not made any determination yet. The following draft charter was > > submitted, and is provided for informational purposes only. Please send > > your comments to the IESG mailing list (iesg at ietf.org) by 2014-07-24. > > The first paragraph of a charter is circulated independently of the > rest, such as when announcing the working group. > > As such, it needs to serve as a kind of abstract. This is why there is > a requirement, specified in RFC 2418 (WG Guidelines & Procedures), > "Description of working group: > > "The first > paragraph must give a brief summary of the problem area, basis, > goal(s) and approach(es) planned for the working group.. > > > Charter: > > Domain-based Message Authentication, Reporting & Conformance (DMARC) > > uses existing mail authentication technologies (SPF and DKIM) to > > extend validation to the RFC5322.From field. DMARC uses DNS records > > to add policy-related requests for receivers and defines a feedback > > mechanism from receivers back to domain owners. This allows a domain > > owner to advertise that mail can safely receive differential > > handling, such as rejection, when the use of the domain name in the > > From field is not authenticated. Existing deployment of DMARC has > > demonstrated utility at internet scale, in dealing with significant > > email abuse, and has permitted simplifying some mail handling > > processes. > > > > The existing base specification is being submitted as an Independent > > Submission to become an Informational RFC. > > > > However, DMARC is problematic for mail that does not flow from > > operators having a relationship with the domain owner, directly to > > receivers operating the destination mailbox. Examples of such > > "indirect" flows are mailing lists, publish-to-friend functionality, > > mailbox forwarding (".forward"), and third-party services that send > > on behalf of clients. The working group will explore possible updates > > and extensions to the specifications in order to address limitations > > and/or add capabilities. It will also provide technical > > implementation guidance and review possible enhancements elsewhere in > > the mail handling sequence that could improve could DMARC > > compatibility. > > The DMARC draft charter's first paragraph does not state any goals. > This can be fixed by moving the last two sentences of the third > paragraph, to the end of the first. > > That is, end the first descriptive paragraph with: > > "The working group will explore possible updates > and extensions to the specifications in order to address limitations > and/or add capabilities. It will also provide technical > implementation guidance and review possible enhancements elsewhere in > the mail handling sequence that could improve could DMARC > compatibility. > > and delete it from it's current position. > > > References > > ---------- > > > > DMARC - http://dmarc.org > > SPF - RFC7208 > > DKIM - RFC6376 > > Internet Message Format - RFC5322 > > OAR / Original Authentication Results - > > draft-kucherawy-original-authres > > Using DMARC - draft-crocker-dmarc-bcp-03 > > This is missing two citations that I thought were supposed to be > included, since they touch on indirect email flows: > > Delegating DKIM Signing Authority - draft-kucherawy-dkim-delegate-00 > DKIM Third-Party Authorization Label - draft-otis-dkim-tpa-label-03 If we're adding references, I think RFC 7001, Message Header Field for Indicating Message Authentication Status, should be included as well. It's, I think a matter for the WG to decide if RFC 7001 provides enough or if an extension like OAR is needed. Scott K
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… Scott Kitterman
- Re: WG Review: Domain-based Message Authenticatio… Viktor Dukhovni
- Re: WG Review: Domain-based Message Authenticatio… Douglas Otis
- Re: WG Review: Domain-based Message Authenticatio… Viktor Dukhovni
- Re: WG Review: Domain-based Message Authenticatio… Scott Kitterman
- Re: WG Review: Domain-based Message Authenticatio… Viktor Dukhovni
- not really to do with Re: WG Review: Domain-based… t.p.
- Re: not really to do with Re: WG Review: Domain-b… Viktor Dukhovni
- Re: WG Review: Domain-based Message Authenticatio… John Levine
- Re: not really to do with Re: WG Review: Domain-b… ned+ietf
- Re: not really to do with Re: WG Review: Domain-b… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… Scott Kitterman
- RE: not really to do with Re: WG Review: Domain-b… Christian Huitema
- Re: not really to do with Re: WG Review: Domain-b… ned+ietf
- Re: WG Review: Domain-based Message Authenticatio… Murray S. Kucherawy
- Re: WG Review: Domain-based Message Authenticatio… Murray S. Kucherawy
- Re: not really to do with Re: WG Review: Domain-b… John Levine
- Re: WG Review: Domain-based Message Authenticatio… Scott Kitterman
- Re: not really to do with Re: WG Review: Domain-b… Dave Crocker
- Re: not really to do with Re: WG Review: Domain-b… Viktor Dukhovni
- Re: not really to do with Re: WG Review: Domain-b… Douglas Otis
- Re: not really to do with Re: WG Review: Domain-b… John Levine
- Re: not really to do with Re: WG Review: Domain-b… Scott Kitterman
- Re: not really to do with Re: WG Review: Domain-b… Dave Crocker
- Re: not really to do with Re: WG Review: Domain-b… Viktor Dukhovni
- Re: not really to do with Re: WG Review: Domain-b… Niels Dettenbach (Syndicat IT&Internet)
- Re: really to do with Re: WG Review: Domain-based… Alessandro Vesely
- Re: not really to do with Re: WG Review: Domain-b… Scott Kitterman
- Re: not really to do with Re: WG Review: Domain-b… t.p.
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: not really to do with Re: WG Review: Domain-b… Hector Santos
- Re: WG Review: Domain-based Message Authenticatio… Hector Santos
- Re: WG Review: Domain-based Message Authenticatio… Pete Resnick
- Re: WG Review: Domain-based Message Authenticatio… S Moonesamy
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… S Moonesamy
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… Martin Rex
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… Martin Rex
- Re: WG Review: Domain-based Message Authenticatio… Randy Bush
- Re: WG Review: Domain-based Message Authenticatio… John Levine
- Re: WG Review: Domain-based Message Authenticatio… S Moonesamy
- Re: WG Review: Domain-based Message Authenticatio… Barry Leiba
- Re: WG Review: Domain-based Message Authenticatio… John C Klensin
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… S Moonesamy
- Re: WG Review: Domain-based Message Authenticatio… John C Klensin
- Re: WG Review: Domain-based Message Authenticatio… John C Klensin
- Re: WG Review: Domain-based Message Authenticatio… Barry Leiba
- Re: WG Review: Domain-based Message Authenticatio… John R Levine
- Re: WG Review: Domain-based Message Authenticatio… Martin Rex
- Registration policies (was: WG Review: Domain-bas… S Moonesamy
- Re: Registration policies (was: WG Review: Domain… Barry Leiba
- Re: WG Review: Domain-based Message Authenticatio… Dave Crocker
- Re: WG Review: Domain-based Message Authenticatio… Pete Resnick
- Re: WG Review: Domain-based Message Authenticatio… Murray S. Kucherawy
- Re: WG Review: Domain-based Message Authenticatio… Pete Resnick
- Re: Registration policies (was: WG Review: Domain… S Moonesamy
- Re: Registration policies (was: WG Review: Domain… Barry Leiba
- Re: Registration policies (was: WG Review: Domain… Murray S. Kucherawy
- Re: Registration policies (was: WG Review: Domain… Barry Leiba
- Re: Registration policies (was: WG Review: Domain… Murray S. Kucherawy
- [***SPAM***] Re: Registration policies (was: WG R… S Moonesamy
- Re: WG Review: Domain-based Message Authenticatio… ned+ietf
- Re: WG Review: Domain-based Message Authenticatio… Hector Santos
- Re: WG Review: Domain-based Message Authenticatio… Martin Rex
- Re: WG Review: Domain-based Message Authenticatio… Murray S. Kucherawy
- Re: WG Review: Domain-based Message Authenticatio… Stuart Barkley
- Re: WG Review: Domain-based Message Authenticatio… Randy Bush
- Re: WG Review: Domain-based Message Authenticatio… John Levine
- DMARC and ietf.org Michael Richardson
- Re: WG Review: Domain-based Message Authenticatio… Douglas Otis
- Re: WG Review: Domain-based Message Authenticatio… S Moonesamy
- Re: DMARC and ietf.org Brian E Carpenter
- Re: [***SPAM***] Re: Registration policies (was: … Barry Leiba
- Re: DMARC and ietf.org John C Klensin
- Re: DMARC and ietf.org Brian E Carpenter
- Re: DMARC and ietf.org Hector Santos
- Re: DMARC and ietf.org Miles Fidelman
- Re: WG Review: Domain-based Message Authenticatio… Eric Burger
- Re: DMARC and ietf.org Brian E Carpenter
- Re: DMARC and ietf.org Miles Fidelman
- Re: DMARC and ietf.org Pete Resnick
- Re: DMARC and ietf.org Dave Crocker
- Re: [dmarc-ietf] WG Review: Domain-based Message … Hector Santos
- Re: WG Review: Domain-based Message Authenticatio… Martin Rex
- Re: DMARC and ietf.org Martin Rex
- Re: DMARC and ietf.org John Levine
- Re: DMARC and ietf.org Hector Santos
- RE: DMARC and ietf.org MH Michael Hammer (5304)
- Re: DMARC and ietf.org Hector Santos
- RE: DMARC and ietf.org MH Michael Hammer (5304)
- Re: DMARC and ietf.org Hector Santos
- Re: DMARC and ietf.org Viktor Dukhovni
- Re: DMARC and ietf.org Hector Santos
- Re: DMARC and ietf.org John Levine
- Re: DMARC and ietf.org John Levine
- Re: DMARC and ietf.org Rich Kulawiec
- Re: DMARC and ietf.org John Levine
- Re: DMARC and ietf.org Alessandro Vesely
- Re: DMARC and ietf.org Dave Crocker
- Re: DMARC and ietf.org Brian E Carpenter
- Re: DMARC and ietf.org ned+ietf
- Re: DMARC and ietf.org Russ Housley
- Re: DMARC and ietf.org ned+ietf
- Re: DMARC and ietf.org Dave Crocker
- Re: DMARC and ietf.org Brian E Carpenter
- Re: DMARC and ietf.org Dave Crocker
- Re: DMARC and ietf.org Michael Richardson
- Re: DMARC and ietf.org Michael Richardson
- Re: DMARC and ietf.org Michael Richardson
- Re: DMARC and ietf.org Andrew G. Malis
- Re: DMARC and ietf.org Russ Housley
- Re: DMARC and ietf.org Michael Richardson
- Re: DMARC and ietf.org Brian E Carpenter
- Re: DMARC and ietf.org Brian E Carpenter
- Re: DMARC and ietf.org Dave Crocker
- Re: DMARC and ietf.org Russ Housley
- Re: DMARC and ietf.org Michael Richardson
- Re: DMARC and ietf.org John Payne
- Re: DMARC and ietf.org John Levine