[Uta] TLSRPT mx-host-pattern

"Brotman, Alexander" <Alexander_Brotman@comcast.com> Mon, 16 July 2018 21:42 UTC

Return-Path: <Alexander_Brotman@comcast.com>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E32AA130E2E for <uta@ietfa.amsl.com>; Mon, 16 Jul 2018 14:42:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9NI0tyGe1qwX for <uta@ietfa.amsl.com>; Mon, 16 Jul 2018 14:42:48 -0700 (PDT)
Received: from copdcmhout01.cable.comcast.com (copdcmhout01.cable.comcast.com [162.150.44.71]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 95B94130DF4 for <uta@ietf.org>; Mon, 16 Jul 2018 14:42:48 -0700 (PDT)
X-AuditID: a2962c47-7b5ff700000176b9-6f-5b4d1153514b
Received: from COPDCEX17.cable.comcast.com (Unknown_Domain [96.114.156.147]) (using TLS with cipher AES256-SHA256 (256/256 bits)) (Client did not present a certificate) by copdcmhout01.cable.comcast.com (SMTP Gateway) with SMTP id 2A.48.30393.3511D4B5; Mon, 16 Jul 2018 15:42:43 -0600 (MDT)
Received: from COPDCEX19.cable.comcast.com (147.191.124.150) by COPDCEX17.cable.comcast.com (147.191.124.148) with Microsoft SMTP Server (TLS) id 15.0.1365.1; Mon, 16 Jul 2018 15:42:46 -0600
Received: from COPDCEX19.cable.comcast.com ([fe80::3aea:a7ff:fe36:8380]) by COPDCEX19.cable.comcast.com ([fe80::3aea:a7ff:fe36:8380%19]) with mapi id 15.00.1365.000; Mon, 16 Jul 2018 15:42:46 -0600
From: "Brotman, Alexander" <Alexander_Brotman@comcast.com>
To: "uta@ietf.org" <uta@ietf.org>
Thread-Topic: TLSRPT mx-host-pattern
Thread-Index: AdQdTb34P63S/tH2RSeC8h/QDfepAA==
Date: Mon, 16 Jul 2018 21:42:45 +0000
Message-ID: <9e6cd065c0dd45f1aa760582656edec5@COPDCEX19.cable.comcast.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [68.87.29.10]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Forward
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/a7NJ-9IiqapqTLHHAsaTuIGqRoQ>
Subject: [Uta] TLSRPT mx-host-pattern
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Jul 2018 21:42:51 -0000

Hello,

While someone was beginning to write their code for TLSRPT, they noticed that mx-host-pattern is underspecified.

   o  "mx-host-pattern": The pattern of MX hostnames from the applied
      policy.  It is provided as a string, and is interpreted in the
      same manner as the "Checking of Wildcard Certificates" rules in
      Section 6.4.3 of [RFC6125].  In the case of Internationalized
      Domain Names ([RFC5891]), the domain MUST consist of the Punycode-
      encoded A-labels ([RFC3492]) and not the U-labels.

https://tools.ietf.org/html/draft-ietf-uta-smtp-tlsrpt-23#section-4.4

So, the question arises, when for instance one is using MTA-STS and has two MX allowed patterns, of how that should be noted in the report field.  I'd like to suggest we use a JSON array, as the report is already in JSON.  An alternate would be a simple string.  I wanted to see if the WG had any objections to this change.

Thanks for your time.

--
Alex Brotman
Sr. Engineer, Anti-Abuse
Comcast
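
The following is an added example, not part of the original message or of the draft: a Python sketch of a report producer and consumer that carries several MX patterns as a JSON array, still accepts the single-string form, converts U-labels to A-labels, and applies the one-label wildcard rule. The key names "policy-type", "policy-domain" and "mx-host", the helper names, and the sample domains are assumptions; the wildcard check is simplified to a "*" that is the whole left-most label.

```python
import json

def to_a_label(name):
    """Lower-case a hostname or pattern and convert U-labels to Punycode A-labels."""
    name = name.strip().rstrip(".").lower()
    prefix, rest = ("*.", name[2:]) if name.startswith("*.") else ("", name)
    return prefix + rest.encode("idna").decode("ascii")

def build_policy(domain, patterns):
    """Producer side: emit every allowed MX pattern as a JSON array (assumed key names)."""
    return {
        "policy-type": "sts",
        "policy-domain": to_a_label(domain),
        "mx-host": [to_a_label(p) for p in patterns],
    }

def mx_host_patterns(policy):
    """Consumer side: accept either a bare string or an array of patterns."""
    value = policy.get("mx-host", [])
    if isinstance(value, str):
        value = [value]
    return [to_a_label(p) for p in value]

def matches(hostname, pattern):
    """'*' is honoured only as the entire left-most label and covers exactly one label."""
    host, pattern = to_a_label(hostname), to_a_label(pattern)
    if pattern.startswith("*."):
        first, _, parent = host.partition(".")
        return bool(first) and parent == pattern[2:]
    return "*" not in pattern and host == pattern

def applied_pattern(hostname, policy):
    """Return the first reported pattern that covers the MX hostname, or None."""
    for pattern in mx_host_patterns(policy):
        if matches(hostname, pattern):
            return pattern
    return None

# Constructed sample: a policy with two allowed MX patterns, one of them an IDN.
SAMPLE = build_policy("example.com", ["*.example.net", "backup.bücher.example"])

if __name__ == "__main__":
    print(json.dumps(SAMPLE, indent=2))
    for mx in ("mx1.example.net", "a.b.example.net", "backup.bücher.example"):
        print(mx, "->", applied_pattern(mx, SAMPLE))
```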