Re: [lamps] Proposed addition of header protection to the LAMPS charter

"John Levine" <johnl@taugh.com> Tue, 06 November 2018 04:57 UTC

In article <DC188C55-6FDE-4E64-9151-54815E96B50B@vigilsec.com> you write:
>3) If it results in an RFC, would you implement?

Not to be an old grouch or anything, but anything that affects mail
user interfaces is dismayingly hard to do well and easy to do in ways
that nobody wants to use.  When we were looking at anti-DMARC hacks
for the IETF mailing lists I wrote a mail reflector that wrapped
messages in various ways and sent them back so people could see how
they looked in their mail programs.  The only thing that was
consistent from one MUA to another was that they looked awful.

I think header protection is a fine idea, but without some code to try
and see if it's usable, we're far too likely to end up with yet
another paper spec.

R's,
John