Re: [dmarc-ietf] Identification of an email author (was - Re: IETF Mailing Lists and DMARC)

Dave Crocker <dcrocker@gmail.com> Mon, 07 November 2016 22:47 UTC

Return-Path: <dcrocker@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FA6D129855; Mon, 7 Nov 2016 14:47:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1rX2djnvpZZz; Mon, 7 Nov 2016 14:47:02 -0800 (PST)
Received: from mail-pf0-x236.google.com (mail-pf0-x236.google.com [IPv6:2607:f8b0:400e:c00::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 262221296DE; Mon, 7 Nov 2016 14:47:02 -0800 (PST)
Received: by mail-pf0-x236.google.com with SMTP id n85so96792451pfi.1; Mon, 07 Nov 2016 14:47:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:subject:to:references:cc:organization:reply-to:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=r7K/IiLBQJVRFJkoRnu1S7u3uq24hM28ia2BoSi9Ze8=; b=jOOkPL+FtqXkNtxttzeu8nLVYHRBA4RxIzqv1pvPqRbbohKzfPMumvrBJCFzXh+7Zw rWKkUjaQjrdqeN8AGP7OSh2uPCj/84Tap7LDjRFsrZ0e53TyYN2B4VCuxasx8cOn+45X wzZp23KTjc/129/mIC8aRgoAh5Rdhgchhqg3E29c+7ithqjxvrQlNHrnLScpdCgqOZc1 MQinForRmUXmEw7dvDOG9JnF0BuRK2thwVJj5bTwtKx6Ykd/Eh1CbIcFpd14TJzAikkW D9L148MbQwJQtnYzIQkcMNjKxWslClQUIcztEhvslYOiQW3lSX9Da80Khct2Jt78iE1Z Y7bA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:subject:to:references:cc:organization :reply-to:message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding; bh=r7K/IiLBQJVRFJkoRnu1S7u3uq24hM28ia2BoSi9Ze8=; b=VRrQ83a3kmHtDlKvSTOcFtTBSogsJIBtfO7VcUzCmMvdI6LshMdxJWu1Yb+6Og0vZE riFp2exje3PPu2s8ZY7Awn4a1f4yO1imJ1AZRz2AcAdqCexrrQm3qossfk7+JKZb+OiB CdKPzWjukoDxMygeCn2t9lR3tEzn/Nck6YGQ9NbT0rHo2dIuyffOjM5Q/806sRCiFype BMmuvP5bRD/rYsCpgY8+yBfWx2DiGwjxfWjSp8N54oljqNVIZWs2k6lmw1fDBdWxli+C TSqicdxSeVZNA++HNvclZdf+Zl615gJBrEf6q/BrOOyp2UaMGRhFNCgMfGoWhKXXOkxc ZorQ==
X-Gm-Message-State: ABUngve9cJSwTfHiqy6xNRfVf9ltqMoXujZYCjTkS6bvk9wsmc39iVBpHjBR0mqtSV3Bjw==
X-Received: by 10.98.208.131 with SMTP id p125mr17545060pfg.168.1478558821772; Mon, 07 Nov 2016 14:47:01 -0800 (PST)
Received: from ?IPv6:2602:304:cda0:8800:3c9f:b94c:7e47:7e87? ([2602:304:cda0:8800:3c9f:b94c:7e47:7e87]) by smtp.gmail.com with ESMTPSA id s3sm42925581pfe.27.2016.11.07.14.47.00 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 07 Nov 2016 14:47:01 -0800 (PST)
From: Dave Crocker <dcrocker@gmail.com>
X-Google-Original-From: Dave Crocker <dhc@dcrocker.net>
Subject: Re: [dmarc-ietf] Identification of an email author (was - Re: IETF Mailing Lists and DMARC)
To: Franck Martin <franck@peachymango.org>, Terry Zink <tzink@exchange.microsoft.com>
References: <678C2FBA-A661-4556-A300-5C08562B5F8A@iii.ca> <CABa8R6vHdt75NFKW3s6xOzLcq=jmVAHDPX0tjLRdGpYSTP2cYA@mail.gmail.com> <33b100ac-c035-8b49-22e1-edbe47f41919@dcrocker.net> <CABa8R6u7WbbeXzkhkNM46RYtMSw7V9FT2m_LvKLHaFDvF3cw3A@mail.gmail.com> <CO2PR00MB0103566D260F9BFEC7166C9B96A20@CO2PR00MB0103.namprd00.prod.outlook.com> <5FA03832-D38F-47F2-B974-7C903C7513FD@fugue.com> <CO2PR00MB01034350A8C90A1E039336F796A20@CO2PR00MB0103.namprd00.prod.outlook.com> <WM!9664810c615567bf070fc649d954183e561aaa67977ebde37433238a98da7930f34ca08db8c430e48500f1e63f6d7622!@mailstronghold-1.zmailcloud.com> <713098835.18678872.1478547678821.JavaMail.zimbra@peachymango.org>
Organization: Brandenburg InternetWorking
Message-ID: <969d43d4-78c9-6e44-e186-ca6ed6fa3445@dcrocker.net>
Date: Mon, 07 Nov 2016 14:46:54 -0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <713098835.18678872.1478547678821.JavaMail.zimbra@peachymango.org>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/BQAbglbS75JSS3csprePKpznIj0>
Cc: dmarc@ietf.org, IETF <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Nov 2016 22:47:03 -0000

On 11/7/2016 11:41 AM, Franck Martin wrote:
> The EAI WG found it was fine to remove the obligation to have an email
> address part in the mandatory RFC5322.From header, leaving only the
> display part to assert the original author.

We had that relaxed permission for From:, in the original 
From/Sender/Reply-to specification of rfc733, with the requirement that 
there be a Sender: email address.  It looks like we removed it for rfc822.

And while I recall something of the EAI discussion, I'm not recalling 
this permission's being returned.  Nor am I finding it in rfc6854:

      https://tools.ietf.org/html/rfc6854#section-2

So, please point to the formal specification that permits a From: field 
to have no email address.

Absent that, there's the small question about how the EAI group would 
have the authority to make such a major change to such a basic email 
feature...


d/
-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net