Re: [secdir] Review of draft-ietf-marf-dkim-reporting-11
"Murray S. Kucherawy" <msk@cloudmark.com> Fri, 09 March 2012 17:22 UTC
Return-Path: <msk@cloudmark.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 26BC421F8682; Fri, 9 Mar 2012 09:22:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.603
X-Spam-Level:
X-Spam-Status: No, score=-102.603 tagged_above=-999 required=5 tests=[AWL=-0.004, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ay6ruUFc7NWH; Fri, 9 Mar 2012 09:22:11 -0800 (PST)
Received: from ht2-outbound.cloudmark.com (ht2-outbound.cloudmark.com [72.5.239.26]) by ietfa.amsl.com (Postfix) with ESMTP id 9F57C21F867E; Fri, 9 Mar 2012 09:22:11 -0800 (PST)
Received: from EXCH-MBX901.corp.cloudmark.com ([fe80::addf:849a:f71c:4a82]) by exch-htcas902.corp.cloudmark.com ([fe80::e82a:4f80:7f44:eaf7%12]) with mapi id 14.01.0355.002; Fri, 9 Mar 2012 09:22:11 -0800
From: "Murray S. Kucherawy" <msk@cloudmark.com>
To: Tero Kivinen <kivinen@iki.fi>
Thread-Topic: Review of draft-ietf-marf-dkim-reporting-11
Thread-Index: AQHM+7Jn5hDXdigsDk2cMOfl5q2RKJZd1I8ggAMhkID//73RAIABsP8A///U9FA=
Date: Fri, 09 Mar 2012 17:22:10 +0000
Message-ID: <9452079D1A51524AA5749AD23E0039280822FA@exch-mbx901.corp.cloudmark.com>
References: <20310.13509.461991.185885@fireball.kivinen.iki.fi> <9452079D1A51524AA5749AD23E00392807D2D5@exch-mbx901.corp.cloudmark.com> <20312.47947.44384.921886@fireball.kivinen.iki.fi> <9452079D1A51524AA5749AD23E003928080B06@exch-mbx901.corp.cloudmark.com> <20313.61184.568181.566675@fireball.kivinen.iki.fi>
In-Reply-To: <20313.61184.568181.566675@fireball.kivinen.iki.fi>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.20.2.121]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "draft-ietf-marf-dkim-reporting.all@tools.ietf.org" <draft-ietf-marf-dkim-reporting.all@tools.ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] Review of draft-ietf-marf-dkim-reporting-11
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Mar 2012 17:22:12 -0000
> -----Original Message----- > From: Tero Kivinen [mailto:kivinen@iki.fi] > Sent: Friday, March 09, 2012 3:53 AM > To: Murray S. Kucherawy > Cc: iesg@ietf.org; secdir@ietf.org; draft-ietf-marf-dkim-reporting.all@tools.ietf.org > Subject: RE: Review of draft-ietf-marf-dkim-reporting-11 > > > How does that look? > > That looks very clear and good... OK, it's in the version I'll post when LC closes. > > 8.3. Unreported Fraud > > > > An attacker can craft fraudulent DKIM-Signature fields on messages, > > without using "r=" tags, and avoid having these reported. The > > procedure described in Section 3.3 does not permit the detection and > > reporting of such cases. > > I think it might be useful to point out here that this whole mechanism > does not really work agains attack, but is more useful detecting > misconfigurations or errors in setup, because of attacker can do what > is desribed above... It does work where there's an attack in progress, with the caveat that asking for reports about the attack could produce a huge amount of feedback. But I think the text we've landed on spells that out. > > It might be useful to some Signers to receive such reports, but the > > mechanism does not support it. To offer such support, a Verifier > > would have to violate the first step in the algorithm and continue > ^^^ > > Add reference to section 3.3 (i.e. ... in the algorithm described in > section 3.3 and continue ...). Or use single term (either procedure or > algorithm) describing it. Now you have first paragraph talking about > the procedure described in section 3.3, and then the next paragraph > talks about the algorithm with out specifying which algorithm... Right; changed the first one to "procedure". Thanks, -MSK
- [secdir] Review of draft-ietf-marf-dkim-reporting… Tero Kivinen
- Re: [secdir] Review of draft-ietf-marf-dkim-repor… Murray S. Kucherawy
- Re: [secdir] Review of draft-ietf-marf-dkim-repor… Tero Kivinen
- Re: [secdir] Review of draft-ietf-marf-dkim-repor… Murray S. Kucherawy
- Re: [secdir] Review of draft-ietf-marf-dkim-repor… Barry Leiba
- Re: [secdir] Review of draft-ietf-marf-dkim-repor… Murray S. Kucherawy
- Re: [secdir] Review of draft-ietf-marf-dkim-repor… Tero Kivinen
- Re: [secdir] Review of draft-ietf-marf-dkim-repor… Murray S. Kucherawy