Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy removal.

Daniel Margolis <dmargolis@google.com> Fri, 11 August 2017 02:14 UTC

In-Reply-To: <80d8938a-2b27-9ba9-985c-54c688b215fe@bluepopcorn.net>
References: <9408F973-F6F0-41CD-9A81-82185686E24C@dukhovni.org> <CANtKdUc6PaDyBOcG_LhvezbnZ8JEv=xFf=MosQWSY8dg4MxjLg@mail.gmail.com> <20170809174827.GQ8146@mournblade.imrryr.org> <CANtKdUdqHM-bu_Z_GVcCN_Jca9SNNNdBkQKPOOtX_a=zW_EJZA@mail.gmail.com> <20170809183310.GU8146@mournblade.imrryr.org> <CANtKdUcqcoKjRctyGJ6Qc41vOxEvt8Knzjc6CZGn-0jqN9g5BA@mail.gmail.com> <6050C765-D3FB-4037-930A-43FE00A5CB89@dukhovni.org> <CANtKdUcc5mBNeUd9kPg_VemcbX4vdDwfvVgoXrr=nQtYLDeStQ@mail.gmail.com> <20170810174656.GX8146@mournblade.imrryr.org> <62416269-a781-0642-f339-5f5ebbbb4146@bluepopcorn.net> <20170810230738.GE8146@mournblade.imrryr.org> <80d8938a-2b27-9ba9-985c-54c688b215fe@bluepopcorn.net>
From: Daniel Margolis <dmargolis@google.com>
Date: Thu, 10 Aug 2017 19:14:09 -0700
Message-ID: <CANtKdUdz5LmhLFsaFURu9yxjirRevfAY3eD9=U451gZ5NpW0LQ@mail.gmail.com>
To: Jim Fenton <fenton@bluepopcorn.net>
Cc: uta@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/WytYVMLKNLtib2SoxkpBBg4Z7y8>
Subject: Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy removal.

Right. It has no real impact on the state machine (so to speak) but makes
it possible for the recipient to remove the TXT record immediately, should
they desire.

I'm open to feedback from other people. This still seems weird to
me--mostly aesthetically--in the sense that a "none" policy is still a
policy but a non-existent TXT record is not a TXT record, so it sort of
violates my assumption that if you have a valid policy you have a TXT
record. But this is mostly aesthetics, so feedback is welcome.

On Thu, Aug 10, 2017 at 4:36 PM, Jim Fenton <fenton@bluepopcorn.net> wrote:

> On 8/10/17 4:07 PM, Viktor Dukhovni wrote:
> >
> > Under that condition, there's no need to wait to remove the TXT
> > record, removal of the record (being a change in the record) will
> > in this variant of the design trigger a refresh, and the sending
> > MTA will see a "none" policy and proceed to promptly flush it.
> >
> That's the part I didn't get: that an NXDOMAIN or NODATA response was
> also considered to be a record change that triggers a refresh. Thanks.
> That isn't immediately obvious because the lack of a TXT record when you
> don't already have a policy cached inhibits fetch of the policy.
>
> -Jim
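As an added illustration (not code from the draft, from Google, or from anyone on this list), below is a small Python model of the sender-side cache behaviour being discussed: the variant in which an absent TXT record (NXDOMAIN or NODATA) while a policy is cached is treated as a record change that triggers a refresh, a fetched "none" policy flushes the cache, and an absent TXT record with nothing cached inhibits the HTTPS fetch entirely. The DNS and HTTPS lookups are injected callables over constructed in-memory tables, the policy ids and domain names are made up, and the decision to keep a cached policy until expiry when the refresh fetch fails is an assumption of this example rather than something the thread settles.

```python
"""Sender-side model of the MTA-STS cache behaviour discussed in the thread.

Constructed example; not code from draft-ietf-uta-mta-sts or any real MTA.
Assumptions: a vanished TXT record counts as a change while a policy is
cached, a "none" policy flushes the cache, and a failed refresh fetch leaves
the cached policy in force until its max_age expires.
"""
import time
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional


@dataclass
class Policy:
    policy_id: str
    mode: str            # "enforce", "testing" or "none"
    mx: List[str]
    max_age: int         # seconds the policy may be cached
    fetched_at: float = field(default_factory=time.time)

    def expired(self, now: float) -> bool:
        return now > self.fetched_at + self.max_age


# TXT lookup returns the record's id, or None for NXDOMAIN / NODATA.
TxtLookup = Callable[[str], Optional[str]]
# HTTPS fetch returns the parsed policy, or None when the fetch fails.
PolicyFetch = Callable[[str], Optional[Policy]]


class StsCache:
    def __init__(self, lookup_txt: TxtLookup, fetch_policy: PolicyFetch):
        self._lookup_txt = lookup_txt
        self._fetch_policy = fetch_policy
        self._cache: Dict[str, Policy] = {}
        self.fetches = 0  # number of HTTPS policy fetches made, for inspection

    def policy_for(self, domain: str, now: float) -> Optional[Policy]:
        """Return the policy to apply for `domain`, or None if MTA-STS does not apply."""
        cached = self._cache.get(domain)
        if cached is not None and cached.expired(now):
            del self._cache[domain]
            cached = None
        txt_id = self._lookup_txt(domain)

        if cached is None:
            if txt_id is None:
                return None            # no record and nothing cached: never fetch
            return self._refresh(domain, cached, now)

        # A cached policy exists: a changed id *or* a vanished record is a change.
        if txt_id == cached.policy_id:
            return cached
        return self._refresh(domain, cached, now)

    def _refresh(self, domain: str, cached: Optional[Policy], now: float) -> Optional[Policy]:
        self.fetches += 1
        fresh = self._fetch_policy(domain)
        if fresh is None:
            return cached              # assumption: keep the cached policy until expiry
        fresh.fetched_at = now
        if fresh.mode == "none":
            self._cache.pop(domain, None)   # "none" flushes the cache promptly
            return None
        self._cache[domain] = fresh
        return fresh


def _tables():
    """Constructed DNS and HTTPS tables for one hypothetical domain."""
    dns = {"_mta-sts.example.com": "20170810"}
    https = {"example.com": Policy("20170810", "enforce", ["mx.example.com"], 86400)}
    cache = StsCache(lambda d: dns.get("_mta-sts." + d), lambda d: https.get(d))
    return dns, https, cache


def run_removal_scenario():
    """Publish, then publish "none" and drop the TXT record at once; return (mode, fetches) per step."""
    dns, https, cache = _tables()
    t = 1_000_000.0
    outcome = lambda p: (p.mode if p else None, cache.fetches)
    trace = [outcome(cache.policy_for("example.com", t))]          # fetched and cached
    trace.append(outcome(cache.policy_for("example.com", t + 60)))  # same id: served from cache
    https["example.com"] = Policy("20170811", "none", [], 86400)
    del dns["_mta-sts.example.com"]                                 # NODATA from now on
    trace.append(outcome(cache.policy_for("example.com", t + 120))) # change -> refresh -> flushed
    trace.append(outcome(cache.policy_for("example.com", t + 180))) # nothing cached: no fetch
    return trace


def run_fetch_failure_scenario():
    """TXT record gone but the policy file unreachable: cached policy lives on until expiry."""
    dns, https, cache = _tables()
    t = 1_000_000.0
    outcome = lambda p: (p.mode if p else None, cache.fetches)
    cache.policy_for("example.com", t)
    del dns["_mta-sts.example.com"]
    https.clear()
    trace = [outcome(cache.policy_for("example.com", t + 60))]      # refresh fails, cache kept
    trace.append(outcome(cache.policy_for("example.com", t + 86401)))  # expired: gone, no fetch
    return trace


if __name__ == "__main__":
    print(run_removal_scenario())
    print(run_fetch_failure_scenario())
```

The third step of `run_removal_scenario` is the case Jim asked about: with a policy cached, NODATA for the TXT record is itself the "change" that triggers the refresh, so the sender sees the "none" policy and flushes immediately even though the record is already gone; the fourth step shows why the order matters, since once nothing is cached the missing record stops all further fetching.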