Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

>> . . . the work is accepted, and the starting-point documents >> will become working group documents. >> >> Please submit new versions of those documents with working group file >> names, as follows:. . . >> Great; then the work is accepted, and the starting-point documents >> will become workin

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Tue, Jun 7, 2016 at 7:06 AM, Barry Leiba wrote: > . . . the work is accepted, and the starting-point documents > will become working group documents. > > Please submit new versions of those documents with working group file > names, as follows:. . . > Will do! Probably later this week. --Kur

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

>> Murray, I've seen no response to Ned's note (which I agree with) that >> explains why we think the charter, as written, covers the ARC work. >> Do you have any follow-up, or did Ned's message address your concern? > > I think we can call it "addressed" by me accepting that I'm in the rough in >

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Fri, Jun 3, 2016 at 8:24 AM, Barry Leiba wrote: > Murray, I've seen no response to Ned's note (which I agree with) that > explains why we think the charter, as written, covers the ARC work. > Do you have any follow-up, or did Ned's message address your concern? I think we can call it "addres

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

I hear that some people would like to consider other things besides ARC, and that's noted. The working group clearly does seem to want to work on ARC and to start with Kurt's draft in that endeavour. Murray, I've seen no response to Ned's note (which I agree with) that explains why we think the c

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

There are a few different points here: 1. The proposed activity falls perfectly under "track" 1: > 1. Addressing the issues with indirect mail flows If anyone disagrees with that, that should probably be discussed as a distinct point, because I think it's obvious. I concur. 2. The c

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On 5/17/2016 10:23 PM, Murray S. Kucherawy wrote: On Tue, May 17, 2016 at 9:52 PM, Murray S. Kucherawy mailto:superu...@gmail.com>> wrote: And I agree, but then I also mentioned that we're now operating under the second phase of the charter, or so the chairs seemed to indicate explic

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Wed 11/May/2016 18:00:25 +0200 Barry Leiba wrote: It certainly seems that the working group is interested in discussing ARC, as I can judge from the discussion in the short time since Kurt's proposal. So let's go back and get a proper answer: Does anyone object to having the DMARC working g

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On 05/18/2016 01:23 PM, Murray S. Kucherawy wrote: On Tue, May 17, 2016 at 9:52 PM, Murray S. Kucherawy mailto:superu...@gmail.com>> wrote: And I agree, but then I also mentioned that we're now operating under the second phase of the charter, or so the chairs seemed to indicate exp

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Tue, May 17, 2016 at 9:52 PM, Murray S. Kucherawy wrote: > And I agree, but then I also mentioned that we're now operating under the > second phase of the charter, or so the chairs seemed to indicate explicitly > with their "phase 1 is done" message. This citation is in the first; the > prosc

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Tue, May 17, 2016 at 6:15 PM, Dave Crocker wrote: > > 1) It feels like a bit of a stretch to call ARC "a form of DKIM >> signature", so I have to assume ARC falls under the second bullet. >> > > You seem to have missed the second sub-bullet under Item 1: > I assure you I didn't. I even said,

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On 5/17/2016 6:08 PM, Murray S. Kucherawy wrote: On Tue, May 17, 2016 at 5:46 PM, Dave Crocker mailto:dcroc...@gmail.com>> wrote: Relevant charter text: The working group will explore possible updates and extensions to the specifications in order to addr

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Tue, May 17, 2016 at 5:46 PM, Dave Crocker wrote: > Relevant charter text: > > The working group will explore possible updates and extensions to the >>> specifications in order to address limitations and/or add >>> capabilities. >>> >> ... >> >>> Specifications produced by the working group >

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Tue, May 17, 2016 at 1:43 PM, Steven M Jones wrote: > > Seems to me you've identified a contradiction in the charter, rather > than an objection to developing ARC... > > ...and I thought that's how I'd characterized it. But if the charter says we can't take on this work, or is ambiguous on th

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On 5/17/2016 12:53 PM, Murray S. Kucherawy wrote: he charter enumerates three tracks, the first of which appears to allow discussion of new protocols; in particular, one might argue that ARC is a "form of DKIM signature that is better able to survive transit through intermediaries". However, in

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On 05/17/2016 13:14, MH Michael Hammer (5304) wrote: > > MK: Absent a desire to form a distinct working group to develop ARC, I think > we need to discuss rechartering before we can entertain this motion. > > MH: If we need to re-charter then I think we should re-charter. There > are already impl

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On 05/17/2016 12:53, Murray S. Kucherawy wrote: > > The charter enumerates three tracks, the first of which appears to allow > discussion of new protocols; in particular, one might argue that ARC is > a "form of DKIM signature that is better able to survive transit through > intermediaries". Howe

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Tue, May 17, 2016 at 8:08 AM, Alessandro Vesely wrote: > > Does anyone object to having the DMARC working group take on this work? > I agree with Alessandro, but for procedural reasons: I'm not sure it fits within our present charter. The charter enumerates three tracks, the first of which a

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Wed 11/May/2016 18:00:25 +0200 Barry Leiba wrote: > It certainly seems that the working group is interested in discussing > ARC, as I can judge from the discussion in the short time since Kurt's > proposal. So let's go back and get a proper answer: > > Does anyone object to having the DMARC wo

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On 5/11/2016 12:00 PM, Barry Leiba wrote: I'm pulling the arc-discuss list back off the distribution for this message (and it's probably a good idea to alert people when you add a new mailing list to an ongoing discussion). Kurt's original message asked whether the DMARC working group... 1. ...

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Wed 11/May/2016 22:35:29 +0200 Kurt Andersen (b) wrote: > On Wed, May 11, 2016 at 11:40 AM, Alessandro Vesely wrote: > >> If the body was altered the original DKIM-Signature is broken. If AS(0) is >> good --which is possible since it didn't sign the body-- and rfc5322.from >> matches the AS(0)

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

Might I suggest that this somewhat lengthy digression from the identified subject of the thread should move to another thread (unique subject line)? --Kurt ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Murray S. Kucherawy Sent: Wednesday, May 11, 2016 6:29 PM To: Alessandro Vesely Cc: dmarc@ietf.org; Kurt Andersen (b); ARC Discussion Subject: Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone) On Wed

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Wed, May 11, 2016 at 9:54 AM, Alessandro Vesely wrote: > > [... assume ARC-Seal: i=0 still verifies ...] > > >>> ARC-0 is substantially equivalent to a weak signature. The ARC-Seal > >>> field proves that the originator was involved. ARC-Message-Signature > >>> is expected to be broken by fo

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Wed, May 11, 2016 at 11:40 AM, Alessandro Vesely wrote: > On Wed 11/May/2016 19:09:45 +0200 Kurt Andersen (b) wrote: > > > > What would an AS[0] assertion provide that would not be already asserted > by > > the originator's DKIM-Signature? > > Nothing, except that the originator's DKIM-Signatu

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

>My worry is that if DMARC started as a private mechanism for high value >targets and large msps to collaborate to lower the risk of phishing for >their shared users, and I don't want ARC to be perceived as breaking that. > >I don't want MSPs to have to come up with private lists of high value >tar

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Wed 11/May/2016 19:09:45 +0200 Kurt Andersen (b) wrote: > Removing arc-discuss per suggestion from Barry. > > On Wed, May 11, 2016 at 9:54 AM, Alessandro Vesely wrote: >> On Wed 11/May/2016 17:29:18 +0200 Kurt Andersen (b) wrote: >>> On Wed, May 11, 2016 at 7:00 AM, Murray S. Kucherawy wrote:

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

Removing arc-discuss per suggestion from Barry. On Wed, May 11, 2016 at 9:54 AM, Alessandro Vesely wrote: > On Wed 11/May/2016 17:29:18 +0200 Kurt Andersen (b) wrote: > > On Wed, May 11, 2016 at 7:00 AM, Murray S. Kucherawy wrote: > > [... assume ARC-Seal: i=0 still verifies ...] > > > Doesn't t

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Wed 11/May/2016 17:29:18 +0200 Kurt Andersen (b) wrote: > On Wed, May 11, 2016 at 7:00 AM, Murray S. Kucherawy wrote: >> On Wed, May 11, 2016 at 4:55 AM, Alessandro Vesely wrote: [... assume ARC-Seal: i=0 still verifies ...] >>> ARC-0 is substantially equivalent to a weak signature. The ARC-S

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

I'm pulling the arc-discuss list back off the distribution for this message (and it's probably a good idea to alert people when you add a new mailing list to an ongoing discussion). Kurt's original message asked whether the DMARC working group... 1. ...wants to work on the ARC spec, using https:/

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Wed, May 11, 2016 at 7:00 AM, Murray S. Kucherawy wrote: > On Wed, May 11, 2016 at 4:55 AM, Alessandro Vesely wrote: > >> It would be silly to deny that ARC is about indirect mail flows. The >> reason it >> is perceived to be in the wrong camp is that DMARC focuses on originators >> of >> em

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On Wed, May 11, 2016 at 4:55 AM, Alessandro Vesely wrote: > It would be silly to deny that ARC is about indirect mail flows. The > reason it > is perceived to be in the wrong camp is that DMARC focuses on originators > of > email, while ARC requires no changes for them. A possible tweak is to >

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

Dave Crocker writes: > On 5/10/2016 5:23 PM, John Levine wrote: > >> Should DMARC add a policy setting for whether the domain owner feels that > >> ARC should be used to bypass regular DMARC evaluation? > > > > Please, no. One approach to what we can oversimplify as the mailing > > list pro

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

It would be silly to deny that ARC is about indirect mail flows. The reason it is perceived to be in the wrong camp is that DMARC focuses on originators of email, while ARC requires no changes for them. A possible tweak is to introduce an ARC-0, zero for originator, an optional ARC set with i=0:

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On the other hand, for purely transactional domains, it could be simpler for the recipient to be able to easily find that ARC-ish mechanisms are not authorized. As is invariably the case here, except sometimes. It is my impression that there are forwarders that break DMARC signatures (MS Exch

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On 5/10/2016 5:23 PM, John Levine wrote: Should DMARC add a policy setting for whether the domain owner feels that ARC should be used to bypass regular DMARC evaluation? Please, no. One approach to what we can oversimplify as the mailing list problem is to do it from the sending end, with the

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

>Should DMARC add a policy setting for whether the domain owner feels that >ARC should be used to bypass regular DMARC evaluation? Please, no. One approach to what we can oversimplify as the mailing list problem is to do it from the sending end, with the sender using something like conditional do

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On 5/10/2016 11:08 AM, Steven M Jones wrote: which shows that there's substantive work to be done - and that work can only benefit from the broader community that an IETF WG represents. Perhaps it will aid consideration if a candidate list of such work is offered? A summary of issues raised

Re: [dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

On 05/10/2016 10:23, Kurt Andersen (b) wrote: > Updated the subject line to start a new thread. . .sorry for the > confusion. > > On Tue, May 10, 2016 at 10:21 AM, Kurt Andersen (b) > wrote: > > On Thu, May 5, 2016 at 6:54 AM, Tim Draegen

[dmarc-ietf] Proposal to adopt ARC documents into the WG (toward phase 2 milestone)

Updated the subject line to start a new thread. . .sorry for the confusion. On Tue, May 10, 2016 at 10:21 AM, Kurt Andersen (b) wrote: > On Thu, May 5, 2016 at 6:54 AM, Tim Draegen wrote: > >> The WG will now move ahead to phase 2: >> >> https://trac.tools.ietf.org/wg/dmarc/trac/wiki/Mileston