Re: [secdir] [taugh.com-standards] Secdir last call review of draft-ietf-dmarc-eaiauth-03

"John R Levine" <johnl@taugh.com> Mon, 25 March 2019 10:57 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BAD012039D for <secdir@ietfa.amsl.com>; Mon, 25 Mar 2019 03:57:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=yJiL7U8K; dkim=pass (1536-bit key) header.d=taugh.com header.b=eQW5jnU3
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9UeKolBaeudv for <secdir@ietfa.amsl.com>; Mon, 25 Mar 2019 03:57:55 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 54EBB1203A4 for <secdir@ietf.org>; Mon, 25 Mar 2019 03:57:55 -0700 (PDT)
Received: (qmail 28700 invoked from network); 25 Mar 2019 10:57:52 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=701a.5c98b430.k1903; bh=ZQffTIX3WZyloAzFprOPBBSO++oiTCMQb4K2nAU3C14=; b=yJiL7U8KOlItfUCZLryxqBaLPzXAPuchYoQ3mQ3OqCO9uD+95oPNG8Ich1TVKT45vCz7uRoKhbE5U0IbySNPZyl4t7oLRTlYgHZ2Kpb6MWpSMrVZQXO7dkv7uqPVQBazdPuX6+Kk/0TFgX6X0M1vpg7bUX/KxlzMb69tAJ0dIW0D/gQvEIZxFvw9v0IXmhGn7px+0jeaX36iyBpY85kyvZv8wPnPzMMISqPjbtX184dxsdo0j8TkQxu5vh/eiwpW
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=701a.5c98b430.k1903; bh=ZQffTIX3WZyloAzFprOPBBSO++oiTCMQb4K2nAU3C14=; b=eQW5jnU3ZdwTCutK5rhRs4fvxVS5zQOKkj4KyjUorN5Hd7vusCIbg/MtuzqMYxnvprXxmM8Zl4KXyvVst5Z8YyN/JtNLXCPlVNhyjLPx+hp/xvHpnpN2bI8CDfrP9lHH4JK5OYWHXK8ir3M5t2VPPurq4/51UYXRaly+Dk4x77czsqUqz+2cJyEOfoSgwD8XQDKmWQVFMPgVd0UgNc/MqAVlBy41L/1fq0rv2ATOQyUHj3ellWguuiqrDGMtbcoe
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 25 Mar 2019 10:57:52 -0000
Date: 25 Mar 2019 10:57:49 +0000
Message-ID: <alpine.OSX.2.21.1903251056350.93990@ary.local>
From: "John R Levine" <johnl@taugh.com>
To: "Leif Johansson" <leifj@sunet.se>
Cc: secdir@ietf.org, dmarc@ietf.org, "Tim Wicinski" <tjw.ietf@gmail.com>, "Murray Kucherawy" <superuser@gmail.com>, alexey.melnikov@isode.com, ben@nostrum.com, "Barry Leiba" <barryleiba@computer.org>, adam@nostrum.com, "Kurt Andersen" <kurta@drkurt.com>
In-Reply-To: <155350506670.22297.2525928721965597003@ietfa.amsl.com>
References: <155350506670.22297.2525928721965597003@ietfa.amsl.com>
User-Agent: Alpine 2.21 (OSX 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/lVTCuFWIzy9L0XdXWaxDhFym06U>
Subject: Re: [secdir] [taugh.com-standards] Secdir last call review of draft-ietf-dmarc-eaiauth-03
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2019 10:57:57 -0000

On Mon, 25 Mar 2019, Leif Johansson via Datatracker wrote:
> The one issue I have is that the security considerations section claims
> that the proposed changes attempts to mitigate some security issues
> in email involving SPF, DMARC and/or DKIM but it is not obvious (at
> least not to me) exactly what this amounts to.
>
> Additional text in the document to clarify this point seems like a good idea.

Maybe I should just take that out.  The only issue it mitigates is that 
it makes DKIM and DMARC checks on EAI mail more reliable.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly