Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations

Sun, 26 Jul 2020 10:50:11 -0700 

On 7/26/2020 10:10 AM, Jim Fenton wrote:


On 7/26/20 6:42 AM, Dave Crocker wrote:


On 7/21/2020 12:32 PM, Dotzero wrote:


    The original DMARC effort was, in fact, to detect actual cases of
    spoofing, namely unauthorized use of a domain name by outside
    actors.

    Different problem.



Actually, part of the effort was to enable Sending domains to 
identify their own mail that was being sent without aligned DKIM 
signing or from places not authorized through SPF - in other words, 
not properly authorized but legitimate, hence feedback loops.



As I recall, this was /not/ part of the original purpose of DMARC, 
which was discussed strictly in terms of mail from bulk senders.



What you describe was,  rather, the basis for the later use, which is 
what then started causing problems for mail going through Mediators.



Just identifying their own mail their own email that was sent...: Yes, 
that's always been part of the original purpose of DMARC, and is the 
purpose of the reporting mechanisms. Yes,





Looking over the original I-D posted for DMARC -- which was written 
after DMARC was already functioning, from work outside the IETF -- I'm 
unclear where this goal of "identify[ing] their own mail that was being 
sent without aligned DKIM signing" is clearly explained.(*)


Rather, note:


2.  Introduction

....

    This memo defines Domain-based Message Authentication, Reporting and
    Compliance (DMARC), a mechanism by which email operators leverage
    existing authentication and policy advertisement technologies to
    enable both message-stream feedback and enforcement of policies
    against unauthenticated email.


and


3.1.  High-Level Requirements

    At a high level, DMARC is designed to satisfy the following
    requirements:

    o  Minimize false positives.

....

    o  Reduce the amount of successfully delivered phish.




(Caveat: None of the text I've excised explicity supports this claimed 
use.  To the extent someone thinks it or any other text in this draft 
does demonstrate that intended use, please explain how that 
interpretation is clear from the text in the draft.)



d/



(*) 
https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/00/?include_text=1


--
Dave Crocker
Brandenburg InternetWorking
bbiw.net


_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc























					Reply via email to