Re: [Uta] [EXTERNAL] Re: TLSRPT mx-host-pattern

Nicolas Lidzborski <nlidz+ietf@google.com> Fri, 20 July 2018 06:21 UTC

From: Nicolas Lidzborski <nlidz+ietf@google.com>
Date: Thu, 19 Jul 2018 23:20:56 -0700
Message-ID: <CAAYYu_uXkSAoREKeq9QPRs=g=9_X03H+ENCNYy8KWncuRa27WQ@mail.gmail.com>
To: "Brotman, Alexander" <Alexander_Brotman@comcast.com>
Cc: uta@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/gLtrknxWA4m6OelccHr6_gREdOM>
Subject: Re: [Uta] [EXTERNAL] Re: TLSRPT mx-host-pattern

Sounds good to me.
Should we specify the order of the MX in JSON array to be the same as the
applied policy?

On Thu, Jul 19, 2018 at 11:18 AM Brotman, Alexander <
Alexander_Brotman@comcast.com> wrote:

> Hello,
>
> Should that count as a consensus, or would others like additional
> information?
>
> Thank you
>
> --
> Alex Brotman
> Sr. Engineer, Anti-Abuse
> Comcast
>
> *From:* Daniel Margolis [mailto:dmargolis@google.com]
> *Sent:* Tuesday, July 17, 2018 9:32 AM
> *To:* Brotman, Alexander <Alexander_Brotman@cable.comcast.com>
> *Cc:* uta@ietf.org
> *Subject:* [EXTERNAL] Re: [Uta] TLSRPT mx-host-pattern
>
> +1 for a JSON array.
>
> On Mon, Jul 16, 2018 at 11:43 PM Brotman, Alexander <
> Alexander_Brotman@comcast.com> wrote:
>
> Hello,
>
> While someone was beginning to write their code for TLSRPT, they noticed
> that mx-host-pattern is underspecified.
>
>    o  "mx-host-pattern": The pattern of MX hostnames from the applied
>       policy.  It is provided as a string, and is interpreted in the
>       same manner as the "Checking of Wildcard Certificates" rules in
>       Section 6.4.3 of [RFC6125].  In the case of Internationalized
>       Domain Names ([RFC5891]), the domain MUST consist of the Punycode-
>       encoded A-labels ([RFC3492]) and not the U-labels.
>
> https://tools.ietf.org/html/draft-ietf-uta-smtp-tlsrpt-23#section-4.4
>
> So, the question arises when, for instance, one is using MTA-STS and has
> two MX allowed patterns and how that should be noted in the report field.
> I'd like to suggest we use a JSON array, as the report is already in JSON.
> An alternate would be a simple string.  I wanted to see if the WG had any
> objections to this change.
>
> Thanks for your time.
>
> --
> Alex Brotman
> Sr. Engineer, Anti-Abuse
> Comcast
>
>
> _______________________________________________
> Uta mailing list
> Uta@ietf.org
> https://www.ietf.org/mailman/listinfo/uta
>
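
Added example, not part of the thread and not code from the draft or its authors: a sketch of the proposal discussed above, carrying two MTA-STS MX patterns into the report as a JSON array in policy order and matching hostnames with a left-most-label wildcard. The sample policy, the function names, the other keys of the policy object and the restriction to whole-label `*` wildcards are assumptions made for illustration.

```python
import json

# Constructed MTA-STS policy body with two allowed MX patterns (sample data).
STS_POLICY = """version: STSv1
mode: enforce
mx: mx1.example.com
mx: *.mail.example.net
max_age: 86400
"""

def mx_patterns(policy_text):
    """Return the policy's mx values in the order they appear in the policy."""
    patterns = []
    for line in policy_text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip().lower() == "mx":
            patterns.append(value.strip().lower())
    return patterns

def matches(pattern, host):
    """Left-most-label wildcard match; "*" stands for exactly one label."""
    p = pattern.rstrip(".").lower().split(".")
    h = host.rstrip(".").lower().split(".")
    if len(p) != len(h) or "" in h:
        return False          # a wildcard never spans zero or several labels
    if p[0] == "*":
        return p[1:] == h[1:]
    return p == h

def policy_block(policy_domain, policy_text):
    """Build a report policy object with mx-host-pattern as a JSON array.

    Keys other than mx-host-pattern are assumed for this illustration.
    """
    return {
        "policy-type": "sts",
        "policy-domain": policy_domain,
        "mx-host-pattern": mx_patterns(policy_text),
    }

def first_match(patterns, host):
    """Return the first pattern that covers host, or None if none does."""
    return next((p for p in patterns if matches(p, host)), None)

if __name__ == "__main__":
    block = policy_block("example.com", STS_POLICY)
    print(json.dumps(block, indent=2))
    for host in ("mx1.example.com", "a.mail.example.net",
                 "a.b.mail.example.net", "mail.example.net"):
        print(host, "->", first_match(block["mx-host-pattern"], host))
```

A single string field would force the reporter to pick one pattern or invent a separator; the array keeps each pattern intact and lets a report consumer re-run the match per MX host.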