Re: [Uta] [EXTERNAL] Re: TLSRPT mx-host-pattern

"Brotman, Alexander" <Alexander_Brotman@comcast.com> Thu, 19 July 2018 18:18 UTC

Return-Path: <Alexander_Brotman@comcast.com>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9772D130E20 for <uta@ietfa.amsl.com>; Thu, 19 Jul 2018 11:18:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MjT5no0UBjIA for <uta@ietfa.amsl.com>; Thu, 19 Jul 2018 11:18:25 -0700 (PDT)
Received: from copdcmhout02.cable.comcast.com (copdcmhout02.cable.comcast.com [96.114.158.212]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E8A79130E1D for <uta@ietf.org>; Thu, 19 Jul 2018 11:18:24 -0700 (PDT)
X-AuditID: 60729ed4-ef86a70000006f94-88-5b50d5ebd2d4
Received: from COPDCEX22.cable.comcast.com (Unknown_Domain [96.114.156.147]) (using TLS with cipher AES256-SHA256 (256/256 bits)) (Client did not present a certificate) by copdcmhout02.cable.comcast.com (SMTP Gateway) with SMTP id 4C.8A.28564.BE5D05B5; Thu, 19 Jul 2018 12:18:19 -0600 (MDT)
To: undisclosed-recipients:;
Received: from COPDCEX19.cable.comcast.com (147.191.124.150) by COPDCEX22.cable.comcast.com (147.191.124.153) with Microsoft SMTP Server (TLS) id 15.0.1365.1; Thu, 19 Jul 2018 12:18:15 -0600
Received: from COPDCEX19.cable.comcast.com ([fe80::3aea:a7ff:fe36:8380]) by COPDCEX19.cable.comcast.com ([fe80::3aea:a7ff:fe36:8380%19]) with mapi id 15.00.1365.000; Thu, 19 Jul 2018 12:18:15 -0600
From: "Brotman, Alexander" <Alexander_Brotman@comcast.com>
CC: "uta@ietf.org" <uta@ietf.org>
Thread-Topic: [EXTERNAL] Re: [Uta] TLSRPT mx-host-pattern
Thread-Index: AdQdTb34P63S/tH2RSeC8h/QDfepAAAtyGUAAGH4YnA=
Date: Thu, 19 Jul 2018 18:18:15 +0000
Message-ID: <4e1bc446093a4b31afd0abd1d502db7f@COPDCEX19.cable.comcast.com>
References: <9e6cd065c0dd45f1aa760582656edec5@COPDCEX19.cable.comcast.com> <CANtKdUfqaaS0wswN5ZOb4_TpTJws2cShYccHiVujWpnu7m+FQw@mail.gmail.com>
In-Reply-To: <CANtKdUfqaaS0wswN5ZOb4_TpTJws2cShYccHiVujWpnu7m+FQw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [96.114.156.8]
Content-Type: multipart/alternative; boundary="_000_4e1bc446093a4b31afd0abd1d502db7fCOPDCEX19cablecomcastco_"
MIME-Version: 1.0
X-CFilter-Loop: Forward
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/NFd-GpqAFYaKcsZPFJOR3WWCNK4>
Subject: Re: [Uta] [EXTERNAL] Re: TLSRPT mx-host-pattern
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Jul 2018 18:18:28 -0000

Hello,

Should that count as a consensus, or would others like additional information?

Thank you

--
Alex Brotman
Sr. Engineer, Anti-Abuse
Comcast

From: Daniel Margolis [mailto:dmargolis@google.com]
Sent: Tuesday, July 17, 2018 9:32 AM
To: Brotman, Alexander <Alexander_Brotman@cable.comcast.com>
Cc: uta@ietf.org
Subject: [EXTERNAL] Re: [Uta] TLSRPT mx-host-pattern

+1 for a JSON array.

On Mon, Jul 16, 2018 at 11:43 PM Brotman, Alexander <Alexander_Brotman@comcast.com> wrote:
Hello,

While someone was beginning to write their code for TLSRPT, they noticed that mx-host-pattern is underspecified.

   o  "mx-host-pattern": The pattern of MX hostnames from the applied
      policy.  It is provided as a string, and is interpreted in the
      same manner as the "Checking of Wildcard Certificates" rules in
      Section 6.4.3 of [RFC6125].  In the case of Internationalized
      Domain Names ([RFC5891]), the domain MUST consist of the Punycode-
      encoded A-labels ([RFC3492]) and not the U-labels.

https://tools.ietf.org/html/draft-ietf-uta-smtp-tlsrpt-23#section-4.4

So, the question arises when, for instance, one is using MTA-STS and has two MX allowed patterns, and how that should be noted in the report field.  I'd like to suggest we use a JSON array, as the report is already in JSON.  An alternate would be a simple string.  I wanted to see if the WG had any objections to this change.

Thanks for your time.

--
Alex Brotman
Sr. Engineer, Anti-Abuse
Comcast
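
An added example, not part of the thread or the draft: a report consumer that tolerates both encodings of "mx-host-pattern" discussed above (a single string or a JSON array) and checks MX hostnames against the patterns. The policy objects and hostnames are constructed, and the matching is a deliberately narrow reading of RFC 6125 Section 6.4.3 that accepts "*" only as the complete left-most label.

```python
import json

def normalize_mx_patterns(policy: dict) -> list:
    """Return mx-host-pattern as a list, whether sent as a string or an array."""
    value = policy.get("mx-host-pattern", [])
    if isinstance(value, str):
        value = [value]
    if not isinstance(value, list) or not all(isinstance(p, str) for p in value):
        raise ValueError("mx-host-pattern must be a string or an array of strings")
    patterns = []
    for raw in value:
        pattern = raw.strip().rstrip(".").lower()
        # The draft requires Punycode A-labels, so reject U-labels outright.
        if not pattern or not pattern.isascii():
            raise ValueError(f"pattern must be non-empty A-labels: {raw!r}")
        patterns.append(pattern)
    return patterns

def mx_matches(host: str, pattern: str) -> bool:
    """Assumption: '*' is honoured only as the whole left-most label and
    stands for exactly one non-empty label."""
    host_labels = host.rstrip(".").lower().split(".")
    pattern_labels = pattern.split(".")
    if len(host_labels) != len(pattern_labels):
        return False
    if pattern_labels[0] == "*":
        return host_labels[0] != "" and host_labels[1:] == pattern_labels[1:]
    return host_labels == pattern_labels

def unmatched_mx(policy: dict, mx_hosts: list) -> list:
    """MX hosts that no pattern in the reported policy covers."""
    patterns = normalize_mx_patterns(policy)
    return [h for h in mx_hosts if not any(mx_matches(h, p) for p in patterns)]

# Constructed sample policies: one per encoding under discussion.
POLICY_ARRAY = json.loads(
    '{"policy-type": "sts", "policy-domain": "example.com",'
    ' "mx-host-pattern": ["*.mail.example.com", "mx-backup.example.net"]}'
)
POLICY_STRING = json.loads(
    '{"policy-type": "sts", "policy-domain": "example.com",'
    ' "mx-host-pattern": "*.mail.example.com"}'
)

if __name__ == "__main__":
    hosts = ["mx1.mail.example.com", "mx-backup.example.net", "mx.other.example"]
    print(unmatched_mx(POLICY_ARRAY, hosts))
    print(unmatched_mx(POLICY_STRING, hosts))
```

With the single-string encoding the second allowed MX cannot be expressed, so a consumer would flag it as unmatched.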

