Re: [dmarc-ietf] my forward signer draft, third party authorization, not, was non-mailing list

2020-08-31 Thread Rolf E. Sonneveld

On 31/08/2020 18:15, John Levine wrote:

>In article  
>you write:
>
>>The draft suggests use of "x=" as a way to limit exposure.  If you do that,
>>then an attacker would need to be able to generate mail through your signer
>>with an "!fs=" tag identifying a domain they control, and exploit the
>>replay before the time in the "x=" tag arrives.  Sure, it's time-limited,
>>but it only takes seconds for such an attack to succeed, and automation of
>>such an attack is easy.
>
>The threats I had in mind were more like attacker finds an old message
>in an archive with a fs domain that's been abandoned and the attacker
>can reregister.  An x= of a few days should prevent that while still
>letting normal list traffic work.
>
>As always, as I hope we all remember DMARC alignment doesn't mean not spam,
>and you still do all of the stuff you do to sort your mail.  This scheme
>depends on the forwarders you authorize being well-behaved.  That's why I
>am concerned that senders need to be selective about who they allow to
>forward.


Yep. I like the proposal, but for me the only question left is: (how) 
will this scale? I'm not (yet) convinced it will.


/rolf

___
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc


Re: [dmarc-ietf] my forward signer draft, third party authorization, not, was non-mailing list

2020-08-31 Thread John Levine
In article  
you write:
>The draft suggests use of "x=" as a way to limit exposure.  If you do that,
>then an attacker would need to be able to generate mail through your signer
>with an "!fs=" tag identifying a domain they control, and exploit the
>replay before the time in the "x=" tag arrives.  Sure, it's time-limited,
>but it only takes seconds for such an attack to succeed, and automation of
>such an attack is easy.

The threats I had in mind were more like attacker finds an old message
in an archive with a fs domain that's been abandoned and the attacker
can reregister.  An x= of a few days should prevent that while still
letting normal list traffic work.

As always, as I hope we all remember DMARC alignment doesn't mean not spam,
and you still do all of the stuff you do to sort your mail.  This scheme
depends on the forwarders you authorize being well-behaved.  That's why I
am concerned that senders need to be selective about who they allow to
forward.

R's,
John
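
The x= window discussed in this thread, as an added example that is not part of the messages or of the draft: a verifier-side check that classifies a signature carrying a forwarder tag as live, expired, or unbounded at a given verification time. It assumes "!fs=" sits in the DKIM-Signature tag-list next to the RFC 6376 "x=" tag and names one domain; the header, the domains and the function names are constructed for illustration.

```python
import re

# Constructed sample header value: signed at T, x= three days later.
T = 1598889600
SIG = ("v=1; a=rsa-sha256; d=sender.example; s=sel; t=1598889600; "
       "x=1599148800; !fs=list.example; h=from:to:subject; "
       "bh=PLACEHOLDER; b=PLACEHOLDER")

def parse_tags(header_value):
    """Split a DKIM-Signature tag-list (tag=value; tag=value) into a dict."""
    tags = {}
    for item in header_value.split(";"):
        if "=" in item:
            name, value = item.split("=", 1)
            # Folding whitespace inside a value is not significant.
            tags[name.strip()] = re.sub(r"\s+", "", value)
    return tags

def forward_window(header_value, now):
    """Return (state, fs_domain, seconds_left) as seen at time `now`."""
    tags = parse_tags(header_value)
    fs = tags.get("!fs")          # assumption: one forwarder domain per tag
    if fs is None:
        return ("no-forwarder", None, None)
    fs = fs.lower()
    if "x" not in tags:
        # No expiry: an archived message stays usable indefinitely.
        return ("unbounded", fs, None)
    left = int(tags["x"]) - now
    return ("expired" if left < 0 else "live", fs, left)

if __name__ == "__main__":
    # Replay 30 seconds after signing: still inside the window.
    print(forward_window(SIG, T + 30))
    # Old message pulled from an archive 90 days later: rejected by x=.
    print(forward_window(SIG, T + 90 * 86400))
    # Same message signed without x=: nothing ages the authorization out.
    print(forward_window(SIG.replace("x=1599148800; ", ""), T + 90 * 86400))
```

The "live" result at T + 30 is the fast-replay case from the quoted text, which x= does not address; the "expired" result is the archived-message case.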
