Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy removal.
Viktor Dukhovni <ietf-dane@dukhovni.org> Thu, 10 August 2017 23:07 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 419761326D6 for <uta@ietfa.amsl.com>; Thu, 10 Aug 2017 16:07:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S6SFMo6i7NAz for <uta@ietfa.amsl.com>; Thu, 10 Aug 2017 16:07:39 -0700 (PDT)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [108.5.242.66]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9948F1326D3 for <uta@ietf.org>; Thu, 10 Aug 2017 16:07:39 -0700 (PDT)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id B05B67A3309; Thu, 10 Aug 2017 23:07:38 +0000 (UTC)
Date: Thu, 10 Aug 2017 23:07:38 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: uta@ietf.org
Message-ID: <20170810230738.GE8146@mournblade.imrryr.org>
Reply-To: uta@ietf.org
References: <9408F973-F6F0-41CD-9A81-82185686E24C@dukhovni.org> <CANtKdUc6PaDyBOcG_LhvezbnZ8JEv=xFf=MosQWSY8dg4MxjLg@mail.gmail.com> <20170809174827.GQ8146@mournblade.imrryr.org> <CANtKdUdqHM-bu_Z_GVcCN_Jca9SNNNdBkQKPOOtX_a=zW_EJZA@mail.gmail.com> <20170809183310.GU8146@mournblade.imrryr.org> <CANtKdUcqcoKjRctyGJ6Qc41vOxEvt8Knzjc6CZGn-0jqN9g5BA@mail.gmail.com> <6050C765-D3FB-4037-930A-43FE00A5CB89@dukhovni.org> <CANtKdUcc5mBNeUd9kPg_VemcbX4vdDwfvVgoXrr=nQtYLDeStQ@mail.gmail.com> <20170810174656.GX8146@mournblade.imrryr.org> <62416269-a781-0642-f339-5f5ebbbb4146@bluepopcorn.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <62416269-a781-0642-f339-5f5ebbbb4146@bluepopcorn.net>
User-Agent: Mutt/1.7.2 (2016-11-26)
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/_WL97Muh8OAZDiitNv_5865Ocb8>
Subject: Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy removal.
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Aug 2017 23:07:41 -0000
On Thu, Aug 10, 2017 at 03:56:29PM -0700, Jim Fenton wrote: > I have been following the discussion, although not in as much detail as > the two of you. > > One small adjustment: When removing the policy, after removing the TXT > record, you should probably wait the former record's TTL before removing > the "none" policy because the TXT record could be cached elsewhere, even > if it looks like it's gone when you ask for it. Actually, not so much the DNS record's TTL, but the max_age of any previous "!= none" policy. All other policies need to expire will all caches having "none" (or be cleared) before the "none" policy is removed. Under that condition, there's no need to wait to remove the TXT record, removal of the record (being a change in the record) will in this variant of the design trigger a refresh, and the sending MTA will see a "none" policy and proceed to promptly flush it. However, since refresh will often only happen in the background when delivering mail to the domain in question, not all domains will do the refresh in a timely manner, hence the "max_age" delay to remove the policy. > At a higher level: I agree that including a procedure policy removal is > an essential part of the specification. But we also have to make sure > that that procedure doesn't present an opportunity for an attacker to > downgrade the policy associated with a recipient domain. I *think* this > satisfies this requirement but I'm not completely sure. Agreed. My goal was to make sure that deliberate removal "by the book" can be distinguished from an attack. And thus that MTAs would be able to noisily log "abnormal" policy refresh failure, while not generating any warnings for the proper policy removal procedure. -- Viktor.
- [Uta] I-D Action: draft-ietf-uta-mta-sts-07.txt internet-drafts
- [Uta] draft-ietf-uta-mta-sts-07 STS policy remova… Viktor Dukhovni
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Daniel Margolis
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Ilari Liusvaara
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Ilari Liusvaara
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Viktor Dukhovni
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Daniel Margolis
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Daniel Margolis
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Viktor Dukhovni
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Daniel Margolis
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Peter Gutmann
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Viktor Dukhovni
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Daniel Margolis
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Viktor Dukhovni
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Daniel Margolis
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Viktor Dukhovni
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Daniel Margolis
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Viktor Dukhovni
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Daniel Margolis
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Viktor Dukhovni
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Daniel Margolis
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Jim Fenton
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Viktor Dukhovni
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Jim Fenton
- Re: [Uta] draft-ietf-uta-mta-sts-07 STS policy re… Daniel Margolis