Re: (DMARC) We've been here before, was Why mailing lists

"Murray S. Kucherawy" <superuser@gmail.com> Fri, 18 April 2014 15:21 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C27141A03AE for <ietf@ietfa.amsl.com>; Fri, 18 Apr 2014 08:21:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OaRpHv1Qmsm2 for <ietf@ietfa.amsl.com>; Fri, 18 Apr 2014 08:21:01 -0700 (PDT)
Received: from mail-wg0-x22f.google.com (mail-wg0-x22f.google.com [IPv6:2a00:1450:400c:c00::22f]) by ietfa.amsl.com (Postfix) with ESMTP id D7A8D1A01AF for <ietf@ietf.org>; Fri, 18 Apr 2014 08:21:00 -0700 (PDT)
Received: by mail-wg0-f47.google.com with SMTP id x12so602295wgg.18 for <ietf@ietf.org>; Fri, 18 Apr 2014 08:20:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=943BlK5Ui662Pz9WBkdc8NU/5X/23w7glEDp1THibRQ=; b=e4adGdUFxt08wdvzN6WdZ6RCbk/1CM60022FHGwMotwKWwLynenzyetL2bV3wIDDPl TbTqvgxjgGYBzqtHmOpi9um3cQINcJRonK3PnWxLpgd2C+8FtFNO2tdPK/2zBaPZHMqE qNskwzuHJSrXAGvM+oZ4LsqoAZZdMy5H6X5yWYoaVjkCrbX1td1P//Sd9Z3qbT1h1okh FgJN4o7LP4ooIcEjqb8flvXa7jQbKbUbzlPz5PguWuj6KU419f1Gb/VbNuA9bXAN6SmO uFOzkbJleQEaYs0fG9nKUGYSSTNTlMudWehjOb/hTuJvvZLANWqCoBCn70+lGe0Cv0XJ pIVQ==
MIME-Version: 1.0
X-Received: by 10.180.78.41 with SMTP id y9mr2808356wiw.26.1397834455431; Fri, 18 Apr 2014 08:20:55 -0700 (PDT)
Received: by 10.180.211.40 with HTTP; Fri, 18 Apr 2014 08:20:55 -0700 (PDT)
In-Reply-To: <9451.1397772992@sandelman.ca>
References: <20140417181815.8A5871ACD1@ld9781.wdf.sap.corp> <9451.1397772992@sandelman.ca>
Date: Fri, 18 Apr 2014 08:20:55 -0700
Message-ID: <CAL0qLwa0a4nDAdCHkkMJdeemsj+cezcmH3+59CvhF8q7B72ryg@mail.gmail.com>
Subject: Re: (DMARC) We've been here before, was Why mailing lists
From: "Murray S. Kucherawy" <superuser@gmail.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Content-Type: multipart/alternative; boundary=f46d043894772bc3bb04f752b230
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/y2WWjlfUfupKQl1FFV7q8FsZyp8
Cc: Pete Resnick <presnick@qti.qualcomm.com>, John R Levine <johnl@taugh.com>, "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Apr 2014 15:21:06 -0000

On Thu, Apr 17, 2014 at 3:16 PM, Michael Richardson
<mcr+ietf@sandelman.ca>wrote;wrote:

> So, the bug is that Yahoo/DMARC/ are authenticating the From:, when it
> should
> really be authenticating the Sender:. DMARC should key it's policy from
> Sender: rather than From, and if it did that then:
>   1) we could leave the From: intact, which is what's good for the end
>      users.
>   2) the list would change the Sender:, which is what we would establish
>      the reputation of the list, not the From:
>   3) MUAs would compare the From: and Sender:, and if they differed,
>      could say useful things like:
>
>      "From: Mrex@sap.com via ietf@ietf.org"quot;.
>
> (I was also wondering this morning on my commute if a layer of
> message/rfc822
> added by the mailing list might be a useful interim hack)
>

http://tools.ietf.org/html/draft-kucherawy-dmarc-base-04#section-15.1

One of the key points about DMARC's design is that it's concerned
specifically with From:.  The reason is that the content of From: is what's
typically shown to the recipient by MUAs.  If DMARC keyed off Sender:
instead, then this would work:

MAIL FROM: haha@badguy.example.com

From: security@paypal.com
Sender: haha@badguy.example.com
DKIM-Signature: v=1; d=badguy.example.com; ...

If DMARC pays attention to Sender: in favor of From:, then this passes, but
what the user is shown that the message is from security@paypal.com with a
DMARC pass.  Not good.

Using Sender: as the authentication key was suggested and ultimately
abandoned during both DomainKeys (RFC 4870, the predecessor to DKIM) and
Sender-ID (RFC 4406, pretty much never implemented) for this sort of reason.

    > MUAs which are not implementing the rfc822/2822/5322 "on behalf of"
>     > semantics of a message that carries both From: and Sender: header
>     > fields ought to be FIXED.  Standards that build on rfc822/2822/5322
>     > and do not respect "on behalf of" semantics of messages with
>     > both "Sender:" and "From:" also need to be FIXED.
>

I don't believe that's standardized.  I'm also not sure we (the IETF) want
to enter into user space like MUAs, an area we have historically avoided
because we don't really have such expertise.

-MSK