Re: [Secdispatch] Proposal for scantxt; scanning opt-in/out, identification, verification, notification, and reporting
Eric Rescorla <ekr@rtfm.com> Sat, 03 December 2022 13:52 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C368C14CEE2 for <secdispatch@ietfa.amsl.com>; Sat, 3 Dec 2022 05:52:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.893
X-Spam-Level:
X-Spam-Status: No, score=-6.893 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20210112.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PIKpY_D2dF6c for <secdispatch@ietfa.amsl.com>; Sat, 3 Dec 2022 05:52:36 -0800 (PST)
Received: from mail-pj1-x1033.google.com (mail-pj1-x1033.google.com [IPv6:2607:f8b0:4864:20::1033]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 33172C14F75F for <secdispatch@ietf.org>; Sat, 3 Dec 2022 05:52:36 -0800 (PST)
Received: by mail-pj1-x1033.google.com with SMTP id b11so7385650pjp.2 for <secdispatch@ietf.org>; Sat, 03 Dec 2022 05:52:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20210112.gappssmtp.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=OxQlXhuusElw5jZDud/d4DotedSC2xpcADOMWZ8QejI=; b=Cll5hrEYZTeKBXo9mf//6cywKA//735ILLhMxUkxj56FqzsDweCL5es4wHEjgpeS5+ sng7Pt7FHNPvx1TFPcNJG+4t44peK6P0sPNUsC5x2xvgzxBksaBEikT9bkwaH16Wqtx6 f/lBnoYCngTEye/5L/IZxvsiYQLi6SdGB1JNlIRZInbUHpWfxDT2z2lg7hpuI5GrMjxw MJS/2yXJd2j4z5hO8oiRt/wbNNLAhAiNOUv4XvlX8uLKZbiJpfL9IGNAK57ejygyOh50 TiPMHm916VL+VCtm9nbxcHrXjx34mHYkwkpc3rFa4SeKkaHvVk65dOh1EQO7/9pJJ+uq XgmA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=OxQlXhuusElw5jZDud/d4DotedSC2xpcADOMWZ8QejI=; b=dPTPSkaZ0JMJgxxDa658ZNjrG4mm6hyITlx9uyhlF9bgbYChGUaq1FwxnCwFzshaLo KT0+xRfN/83ZYf3qTDm4UkmnKIFNZxDf6RUZjjSpsnHXAKp7XGXazmfreqH+ptUOrH7f 8U0Qbs6jKqyRv0pe5PAftfWBQPAATPwKVYaDAaCBgXSzuQmbXtFGVwcCTE6bPKHDpNev Nud18wOAPPTEYaEBwh6TOX2BwySYsL99SrYHR/jLSnrf388tMdrdm4tzuFRlMGrKuXoo eRLFBP1ZXO7a8ciYFYHUWulLCvMS1jrvZwZqJ590I1o8smQO9STNQMLL6vM0EF8AUnPm n77w==
X-Gm-Message-State: ANoB5pk3Z3+SdEUspR1cXNwBrnfQVRLhUAeE81GWj/8Vg1WWHHPSXxGe PVdTHk/Jh4hIbm/6WoCZk0JVWpj02wmtV/cWvRdU0fF3xL3NYQ==
X-Google-Smtp-Source: AA0mqf79R02wOPCyPBhDQdYn7N9GkRLp90pllaDUdl7k4sZHLNGZ8wxDSRXLy8KfpfFFqhX2PPRPSbjTZoIjfjL0ZXs=
X-Received: by 2002:a17:90b:1102:b0:212:d76f:b9e6 with SMTP id gi2-20020a17090b110200b00212d76fb9e6mr84272758pjb.224.1670075555278; Sat, 03 Dec 2022 05:52:35 -0800 (PST)
MIME-Version: 1.0
References: <DpQ5uHELA0lH7BVEVwYLzRqEKkYJcW5Rgf9heoiLMD-qvhF-0x1xTsKQXCLf0M1umhYJqX8b-rvHlOt-cfnMPIUzcBFv1oFnnNEWbFy5GT8=@olliejc.uk>
In-Reply-To: <DpQ5uHELA0lH7BVEVwYLzRqEKkYJcW5Rgf9heoiLMD-qvhF-0x1xTsKQXCLf0M1umhYJqX8b-rvHlOt-cfnMPIUzcBFv1oFnnNEWbFy5GT8=@olliejc.uk>
From: Eric Rescorla <ekr@rtfm.com>
Date: Sat, 03 Dec 2022 05:51:59 -0800
Message-ID: <CABcZeBPHvzw53BgJp-FrrdRHHcpJQ97mXBV6_DHmnqj3YD1pjQ@mail.gmail.com>
To: Ollie IETF <ietf=40olliejc.uk@dmarc.ietf.org>
Cc: secdispatch <secdispatch@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000388cc505eeecc492"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/1FST1JLyvFqmF1PhUG4Gw7nNFEM>
Subject: Re: [Secdispatch] Proposal for scantxt; scanning opt-in/out, identification, verification, notification, and reporting
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Dec 2022 13:52:40 -0000
Hi Ollie, Sorry to bounce you around, but I think this belongs in DISPATCH, which is the analogous group over in the ART area. -Ekr On Sat, Dec 3, 2022 at 3:54 AM Ollie IETF <ietf=40olliejc.uk@dmarc.ietf.org> wrote: > Hi all, > > I'm still figuring out the IETF processes, so I'm hoping for a little > support and insight on how to progress a project. I think either a WG or > BOF is a good next step but I'm looking to understand what's involved and > what makes a well received group. > > The scantxt project (https://www.scantxt.org / https://github.com/scantxt) > I'm pulling together aims to develop a set of mechanisms for both scan > recipients (website/infrastructure operators) to indicate their preferences > and verify scans, and scanning tools to identify themselves and report > findings in a consistent way. > > There's a number of streams here (opt-in/out, identification, > verification, notification, and reporting) and so my thinking is they would > probably be developed separately but coordinated, so a WG makes sense to me? > > I've got quite a bit of notes/draft/examples up on the repo and site, but > I'm of course happy to delve into any of the detail here. > > Thanks, > Ollie > _______________________________________________ > Secdispatch mailing list > Secdispatch@ietf.org > https://www.ietf.org/mailman/listinfo/secdispatch >
- [Secdispatch] Proposal for scantxt; scanning opt-… Ollie IETF
- Re: [Secdispatch] Proposal for scantxt; scanning … Eric Rescorla