Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc)x

Dave Crocker <dhc@dcrocker.net> Thu, 17 July 2014 20:28 UTC

Message-ID: <53C83191.5@dcrocker.net>
Date: Thu, 17 Jul 2014 13:26:57 -0700
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: John C Klensin <john-ietf@jck.com>, ietf@ietf.org
Subject: Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc)x
References: <20140717024645.1605.qmail@joyce.lan> <EAC6F6031A4AF95070AF35C5@JcK-HP8200.jck.com> <53C7E02B.9050405@dcrocker.net> <1C6468F6C7AB38FC3996C8E2@JcK-HP8200.jck.com>
In-Reply-To: <1C6468F6C7AB38FC3996C8E2@JcK-HP8200.jck.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/YZ4cjru3Tf49CYgo2nGnzzE_aJw

On 7/17/2014 11:15 AM, John C Klensin wrote:
>>> To me, that makes decisions about damage-mitigation work for a
>>> non-essential protocol complicated because one way to
>>> eliminate the damage is to not support the protocol at all,
>>> possibly including stripping its headers whenever they are
>>> encountered.
>>
>> What 'headers' are you referring to?
> 
> Perhaps it would have been more precise to say "delete all
> DMARC-related headers", i.e., DKIM and/or SPF ones.  While that

SPF has no 'headers'.

At first blush, dictating deletion of a DKIM-Signature field sounds like
a layer violation.

At second blush it won't do anything useful.  (Really!)

At third blush, it starts to look as if the current details of the DMARC
specification need to be better understood before suggested remedies to
the collateral damage of its use are considered.


> would be pretty drastic in some respects, whether it is
> justifiable depends on perceptions of the damage that DMARC can

It is not a matter of 'perception'.  It needs to be a matter of utility.


> cause.  I think that is a topic for WG discussion.

Unfortunately, I still can't tell what that discussion would be about or
would be intended to accomplish.




On 7/17/2014 11:06 AM, John C Klensin wrote:
>
> I just want to be absolutely sure that the charter doesn't
> constrain any of those options and that the WG is on notice that
> it will be accountable for, and required to explain, the choices
> it makes.

1. You want to be 'absolutely sure' of the way an IETF charter will be
interpreted?  You realize, I hope, that uttering such a statement mostly
means we can all be absolutely sure you are not the John Klensin who has
participated in the IETF for such a long time.

2. If you want to strengthen the charter's language towards whatever
specific protections you have in mind, then please suggest language to
that end.

3. What you have expressed so far is sufficiently vague, I still have no
idea what particulars might be responsive to those concerns.



d/


-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net