Re: (DMARC) Why mailing lists are only sort of special

"John Levine" <johnl@taugh.com> Fri, 18 April 2014 01:30 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7234E1A0079 for <ietf@ietfa.amsl.com>; Thu, 17 Apr 2014 18:30:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.357
X-Spam-Level:
X-Spam-Status: No, score=-0.357 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, SPF_NEUTRAL=0.779] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8qAgfSxXesSK for <ietf@ietfa.amsl.com>; Thu, 17 Apr 2014 18:30:02 -0700 (PDT)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) by ietfa.amsl.com (Postfix) with ESMTP id B0D6B1A0057 for <ietf@ietf.org>; Thu, 17 Apr 2014 18:30:01 -0700 (PDT)
Received: (qmail 20953 invoked from network); 18 Apr 2014 01:29:57 -0000
Received: from miucha.iecc.com (64.57.183.18) by mail1.iecc.com with QMQP; 18 Apr 2014 01:29:57 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=aa9.53508015.k1404; i=johnl@user.iecc.com; bh=h+tupGPWa5/+gO2TJ1j9l3Pm3TOwZkiUpUqGos4KLjw=; b=TDyjLEX5fVBFgIStYH7e/K0Z+xL5h3t4AJ0wYcqvScRRWe5U6ii2C1tZs36SJRsTeK/ZtlNj5jX/eICctmScC/ZmauzBnHgQtxK5NwWjfK8LfTI4yFG0oCIBcAnS1CAxeMOHcb9mx665+kfliCGCGV6hOl7ujDcvPCx++jKQlv/m9GBCy48Cte65j7oSaccti/ay/ylYGBNqFV1xpV4s6QsOp9oPO7fufoICuFyqZWVWeXK0AJDTVrLpAUQFWLrW
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=aa9.53508015.k1404; olt=johnl@user.iecc.com; bh=h+tupGPWa5/+gO2TJ1j9l3Pm3TOwZkiUpUqGos4KLjw=; b=Fs2iLVtYI9G1AE0q2ZIJAnNf9cG+5Ntt+0w6SzhYdk7gb/TIAHPTf8+ua+6zQjrByxoT2zNojSBfFmXlCgip+BLA8Bn8edCgvmb4qDkilsJQCxnFn/+/Zm30Re5UXzOTRyhVJvj4rWJ4f5bgKzrbfr2tH8rZCDZDPXZSWFtUmPwUMpG2WrnoS5fn2jeUfPHdeJT64FdL05a5OPuulwp9seB9J3cDoA4puq2+6oXiY+YLEIYpcyWL6Y0Oyv41OQaY
Date: 18 Apr 2014 01:29:34 -0000
Message-ID: <20140418012934.2728.qmail@joyce.lan>
From: "John Levine" <johnl@taugh.com>
To: ietf-822@ietf.org
Subject: Re: (DMARC) Why mailing lists are only sort of special
In-Reply-To: <534F1183.6060702@qti.qualcomm.com>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/Vq7K_JPDUsjoFGMdlun4QE5o76I
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Apr 2014 01:30:07 -0000

>At least in the back-of-the-envelope scheme I suggested, the receiver 
>doesn't need to distinguish mailing lists: The originator's system finds 
>out where the mail is going, gets some information from the destination, 
>and signs that and sends it with the message. The mailing list sends 
>that along to the recipients. When my (one of the recipient's) server 
>looks at that info, it determines that the originator sent the message 
>directly to the mailing list, and I can tell that the mailing list sent 
>it to me.

I still think it has security holes but it's worth arguing about, so
I'll follow up on ietf-822, which seems relevant and hasn't been very
busy.

R's,
John