IETF Logo Mail Archive

Re: Will mailing lists survive DMARC?

"Murray S. Kucherawy" <superuser@gmail.com> Tue, 29 April 2014 23:54 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7CE81A0953 for <ietf@ietfa.amsl.com>; Tue, 29 Apr 2014 16:54:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jvfcfaZjbo3f for <ietf@ietfa.amsl.com>; Tue, 29 Apr 2014 16:54:37 -0700 (PDT)
Received: from mail-we0-x22c.google.com (mail-we0-x22c.google.com [IPv6:2a00:1450:400c:c03::22c]) by ietfa.amsl.com (Postfix) with ESMTP id 25D021A0948 for <ietf@ietf.org>; Tue, 29 Apr 2014 16:54:36 -0700 (PDT)
Received: by mail-we0-f172.google.com with SMTP id u57so949641wes.31 for <ietf@ietf.org>; Tue, 29 Apr 2014 16:54:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=oqUprYaS6orHYSQjFJVoeBe15jLKUmZks2fbBH7Enzs=; b=ZqbJ803517ctQeeinJH3kuJuMTWgu9BcCpvQIOcqtGYRKApnQT3E4IfL4vv997Ry+c 1YqJnfH73n427tmcT2kkgAM+LBVlZ6Mxb9bkbdSo9eeztLGFGmsWv9vZ2NrGf8Fd1fBm ea6634LAeJfFplAsW8Jn59yZ1eu1VMws+iVzGM/Wjfmvzz8I1F83ivJD57lAb8pa4OnB UWVGwH0kT/m4UMpTizRo0aN11+zkdksUXZJqcr5/ZjAk9u1OlJOhsi8tPEyZ0fbCLdMl kOfAHrF1kK+kNCnIPVmCvlzbDimzNFAHcTuMacIAm55Hg5smhgj4V1WbnviB+xV5G6Wm Xcxw==
MIME-Version: 1.0
X-Received: by 10.194.109.227 with SMTP id hv3mr874000wjb.10.1398815675338; Tue, 29 Apr 2014 16:54:35 -0700 (PDT)
Received: by 10.180.210.194 with HTTP; Tue, 29 Apr 2014 16:54:35 -0700 (PDT)
In-Reply-To: <0A46725A-D80C-4F64-BACE-B2C73A04782D@gmail.com>
References: <20140429175606.2856.qmail@joyce.lan> <0A46725A-D80C-4F64-BACE-B2C73A04782D@gmail.com>
Date: Tue, 29 Apr 2014 16:54:35 -0700
Message-ID: <CAL0qLwaNcFHq0bpZaN3FUibo+EK1cRggRqZrtgJbEOKQSG+Evg@mail.gmail.com>
Subject: Re: Will mailing lists survive DMARC?
From: "Murray S. Kucherawy" <superuser@gmail.com>
To: Douglas Otis <doug.mtview@gmail.com>
Content-Type: multipart/alternative; boundary="089e0102ee286f5d4f04f837278b"
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/o7wiE6BJmZWw4CZQtOlTd3bAKLs
Cc: John Levine <johnl@taugh.com>, ietf <ietf@ietf.org>, Patrik Fältström <paf@frobbit.se>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Apr 2014 23:54:39 -0000

On Tue, Apr 29, 2014 at 3:00 PM, Douglas Otis <doug.mtview@gmail.com> wrote:

> There will be an effort made to better generalize the TPA expired draft.
> http://tools.ietf.org/html/rfc6541 (ATPS) was hostile to existing
> mailing-list services and, as such, could not be deployed.  Nor was it more
> suitable for high volume email services.  An effort to change From header
> fields will have users guessing which field indicates who authored the
> message and in the end will provide no benefit.
>

ATPS was deployed as part of an open source package since before it was
published.  It has seen negligible use, and I suspect that's because there
has not to date been any demand for third-party signing mechanisms of any
kind.  In particular, nobody has said anything even a little bit like "I
would use ATPS if only it were changed in the following way(s): ...",
including (and especilaly) the large messaging providers that use that open
source package.

To me, this may lend credence to John Levine's claim that the list signing
the message is as good or better than the author signing the message.

In any case, ATPS, TPA, and its variants all run up against a whitelisting
scaling problem.  I think that's the more interesting thing to discuss.

-MSK

v2.23.0 | Report a Bug | By Email