Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

Fri, 18 Aug 2017 17:27:07 -0700 

On Sat, 19 Aug 2017, at 04:10, Murray S. Kucherawy wrote:
> On Fri, Aug 18, 2017 at 10:08 AM, Dave Crocker
> <dcroc...@gmail.com> wrote:>> On 8/18/2017 10:00 AM, Seth Blank wrote:
>>>
>>> Right now, we've got deployed code that we know works and improves
>>> the landscape. Everything else is - rightly or wrongly - conjecture.>> 
>> 
>> Personal Point of order:
>> 
>>     Using an 'installed base' argument for a brand new specification
>>     that is still in development and has minuscule deployment is not
>>     appropriate, in spite of having a long and storied history of
>>     being used to resist a proposal.>> 
>>     What's supposed to happen with a proposal is an evaluation of its
>>     technical and functional merits.>> 
>> 
>>  The entire point behind bringing a nascent specification to the IETF
>>  is to get review and suggestions from a wider audience.> 
> While I would normally agree firmly with that position, my view in
> this case is softer given what I believe was consensus (I'm not the
> chair, so that's not my call officially) that we're going to go for
> Experimental status.> 
> I submit that our primary mission here per our charter is to come up
> with a mechanism that mitigates DMARC's damage to mailing lists.  The
> claim that ARC as designed over-engineers a solution seems secondary
> to me; the question we need to answer is "Can this mitigate the
> damage?"  With or without Bron's reduced design, that's the question
> before us.
Yes, this is the crux of the question. 

> The "snake oil" claim may be true but it's orthogonal to that core
> question, and moreover points to the way we describe what exactly ARC
> provides ("chain of custody" is clearly not appropriate given that we
> are no longer sure what that actually covers), independent of whether
> it tells us enough to solve the question at hand.> 
> Accordingly, I would suggest we continue to deploy and experiment with
> the specification as-is, because there are implementations now, until
> we've determined that ARC as currently defined does or does not
> address DMARC's mailing list issues.  I also suggest that an appendix
> be added acknowledging that the super-crypto of ARC-Seal may be
> superfluous, and at the conclusion of the experiment we can make a
> decision about removing it and moving more toward what Bron's
> suggesting.> 
> Of course, the danger of proceeding along that line is that we do
> establish a deployed base, however small, that will be difficult to
> change later.  I don't know the answer to that question immediately,
> and admittedly I'm only going to be on the periphery of cleaning up
> whatever mess results.
Well, let's have a look at the question - can ARC mitigate the damage?
It depends what p=reject means.
Right now Brandon can't email this list with his bl...@google.com
address, because google.com publishes a p=reject record.  If the
list supported ARC, he could email this list and receivers which
supported ARC would accept the email from the list despite the
p=reject record.  Yay.
I could also take a message from the list, rewrite the subject and
content to be my own, sign it with my own key from my own domain, send
that to somebody as it if had come from Brandon, and assuming they
supported ARC, they would also accept that email, depite the p=reject
record.  Boo.
p=reject no longer stopped me sending a fraudulent email claiming to be
from Brandon with a "From:" of his official work address.
The receving site now needs to run heuristics including content analysis
and trust metrics on every hop in the ARC chain to determine whether to
accept the message.  That's fine, but we've basically mitigated DMARC
breakage of mailing lists by rolling back the meaning of DMARC p=reject.
Anyone can create an ARC seal on any email.  It doesn't even have to
have an original ARC seal on it.  Attached is an email which purports to
be from Brandon and has a valid ARC-Seal on it (assuming my code works
correctly - it adds the c= parameter now after Seth pointed out that
opendkim doesn't handle leaving it out).  Somebody from Google might be
able to tell which email I based this on (an email on Aug 9th to this
list and CCd to me which then got resent from a different address)
This will be accepted by an ARC-aware receiver unless I'm on a
blacklist, despite the p=reject.
Creating a new domain and putting a key in its DNS is pretty trivial -
so I guess the question is, what is ARC  doing other than rolling back
DMARC p=reject entirely?  We'd better think about that deeply, because
spammers/scammers sure will be.
Bron.

--
  Bron Gondwana, CEO, FastMail Pty Ltd
  br...@fastmailteam.com



ARC-Seal: i=1; a=rsa-sha256; cv=pass; d=brong.net; s=fm1; bh=47DEQpj8HBS
        a+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; b=y0Ij74LsWe7dYsdSS95iwW6T8Xn
        w7bs/W8U2dvtKNtK3lJi+IBiS0eluFbRG+O6RRrNI9oOXiTN9sY1sIbLjjmv54hv
        K9wbKePCMVxlHz0J/OxBmmwxgLkijKY9J9WxmW6I/N+BTeVZCCkJPYdJknReSwCA
        eQV9esMQ8F37VPbw5v6v1WWgWJc1Ek8QwDJtp/8HiU0EFyE0qhsG6J1iycRBlQDJ
        C922mPXaaiAipyaPz8Q+8AzLPhZuRhuf4tokB/F1PxoOFEvwhfWMei/nsuQsmgao
        WGKdgLnFVFqrmab+FG2LtRJuVR5T3cvj7mws6CHyGMPTkF7waSkcYZV6MDg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=
        brong.net; h=mime-version:from:date:message-id:subject:to
        :content-type; s=fm1; bh=yc/WzJkj2Jebh/skY+sjYk6WdgKJG9IL0XrjVi9
        CcBI=; b=agpA33dRPlLBJ7Bri5/92pieKZpXHQ9HkOaeTFFJZ3yH8MDqZbkQkVu
        KAZkH7gE2eLWYLQM+JZvaRSjdED1ErNb9rwwTGmRZWwqRMZr9vXFiNusLTY7UDyL
        Q3G6CEuiydLiX06W8qcWWSoOdmNC/Smxbo59obHkMSBtQNnsPgh48L8tiRnhe61o
        oaDrIfAKrfZ8fqPd67pOIeHDAmw+xk+Cei1nkV42hPf7wwjsjUlMluNZ5H9tbymA
        KCvO910/6R6n7OCm3snu2XCLebUCQGav4Dlc86EdJgT6DvJfhVwr/3ZUP8IF/p/A
        vmto9qtwzyYT06+RJUETOzBznb6lFGw==
ARC-Authentication-Results: i=1; mx2.messagingengine.com;
    dkim=pass (2048-bit rsa key sha256) header.d=google.com 
header.i=@google.com header.b=G3CJSNOC;
    dmarc=pass header.from=google.com;
    spf=pass smtp.mailfrom=bl...@google.com smtp.helo=mail-oi0-f52.google.com;
    x-google-dkim=pass (2048-bit rsa key) header.d=1e100.net 
header.i=@1e100.net header.b=JzPbB9xE
Authentication-Results: mx2.messagingengine.com;
    dkim=pass (2048-bit rsa key sha256) header.d=google.com 
header.i=@google.com header.b=G3CJSNOC;
    dmarc=pass header.from=google.com;
    spf=pass smtp.mailfrom=bl...@google.com smtp.helo=mail-oi0-f52.google.com;
    x-google-dkim=pass (2048-bit rsa key) header.d=1e100.net 
header.i=@1e100.net header.b=JzPbB9xE
Received-SPF: pass
    (google.com: Sender is authorized to use 'bl...@google.com' in 'mfrom' 
identity (mechanism 'include:_spf.google.com' matched))
    receiver=mx2.messagingengine.com;
    identity=mailfrom;
    envelope-from="bl...@google.com";
    helo=mail-oi0-f52.google.com;
    client-ip=209.85.218.52
Received: from mail-oi0-f52.google.com (mail-oi0-f52.google.com [209.85.218.52])
    (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
    (No client certificate requested)
    by mx2.messagingengine.com (Postfix) with ESMTPS
    for <br...@fastmailteam.com>; Wed,  9 Aug 2017 20:41:33 -0400 (EDT)
Received: by mail-oi0-f52.google.com with SMTP id f11so61750290oic.0
        for <br...@fastmailteam.com>; Wed, 09 Aug 2017 17:41:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=zY6dOeP3lL/8mCwUAq9ZEU6EaMfRrz9eisb5jFNCkAw=;
        b=G3CJSNOCG9sLfnnGmry0JAs11TRpAqafvhh7jPGhl+Vh2PqGTzuc7w6pRvLydgHU7E
         Crumod4uxR3LDMKVuksWKAzDbhnzGNSha0voxk4EyTCWmput8UBYQX+lYIdsWfcCaaR4
         yPViPP1RsIhjAEFflgRbnyLvivSzIkJ6PbEsUH0NlIJdfxUII1Rplohat4u9UHyhQ7bC
         8MWNxjvFZa47Fj9vDOae8onvR8BzDWDOSrzQb2F/lvspb9OL8v1pgZwnszdBlgRoqc4D
         IKEKKFim6BzVWeUdtU69+/cwEPfudPdhwf+AyEAT2kXROYQeTDRQyK0zxIfXYMmA7hN4
         z/dA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=zY6dOeP3lL/8mCwUAq9ZEU6EaMfRrz9eisb5jFNCkAw=;
        b=JzPbB9xEK+LzAava8efLvk0kQWSjm9DoyROazpnNJwlpWa6LqGZaBtMtUWcng4YKpO
         npybYO06Kt6/c3umeAr1Fo6XPJFhyUSK1Bd17JkuS6+9qLSeFRf7qiVtcnCqRqg5uGV1
         ZTohyTtipjJMfARtEUfBrJUm+TAYgAh/a0//OqG1QcGGf73mOfxzcUr+R+3aoeBeJL5z
         yZ8+CP+ZhgaH9U6Hc8jkFl2r+nGDY+jpMTZJWrHfp/DKKazVLsZvq4oTEvqjAgj2K/2s
         jsnWBDJx7FYHahdFlSk8LefiZaSwXNGCUAOp/v/bZ6As8o6bATex1Sp5TvrBc8MQ5OWU
         Scsg==
X-Gm-Message-State: AHYfb5hakMnae+mLFQIlhsPp2PUS3gT6NXZYJN6PQxQ0Tpa16Qq/OMKD
    1HlBo+X7sm9plWQlTp9DvvlyWb6AVUaNqaU=
X-Received: by 10.202.184.8 with SMTP id i8mr11298846oif.266.1502325691539;
 Wed, 09 Aug 2017 17:41:31 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.74.154.51 with HTTP; Wed, 9 Aug 2017 17:41:29 -0700 (PDT)
Received: by 10.74.154.51 with HTTP; Wed, 9 Aug 2017 17:41:29 -0700 (PDT)
From: Brandon Long <bl...@google.com>
Date: Fri, 18 Aug 2017 12:41:29 -0700
Message-ID: <c2ba8r6vkw0thnagrbykz9j8yg3gsiyd11ued2yug7sjmmp2...@mail.gmail.com>
Subject: this is a fake message
To: dmarc@ietf.org
Content-Type: text/plain; charset="UTF-8"

This is a fake message

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

Reply via email to