Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Hector Santos
On 8/18/2017 2:10 PM, Murray S. Kucherawy wrote: Of course, the danger of proceeding along that line is that we do establish a deployed base, however small, that will be difficult to change later. +1 I don't know the answer to that question immediately, and admittedly I'm only going to be

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Murray S. Kucherawy
On Fri, Aug 18, 2017 at 6:47 PM, Bron Gondwana wrote: > On Sat, 19 Aug 2017, at 11:43, Murray S. Kucherawy wrote: > > On Thu, Aug 17, 2017 at 5:22 PM, Brandon Long wrote: > > We went down the path of including a diff of the message in the headers, >

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Hector Santos
On 8/16/2017 9:32 PM, Seth Blank wrote: On Wed, Aug 16, 2017 at 5:47 PM, Bron Gondwana wrote: While there exists A SINGLE SITE which is ARC-unaware and DMARC p=reject aware, you can't use ARC on a DMARC p=reject domain without

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Bron Gondwana
On Sat, 19 Aug 2017, at 11:43, Murray S. Kucherawy wrote: > On Thu, Aug 17, 2017 at 5:22 PM, Brandon Long wrote: >> We went down the path of including a diff of the message in the >> headers, but you run up against more complicated changes that make >> that challenging.

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Murray S. Kucherawy
On Thu, Aug 17, 2017 at 5:22 PM, Brandon Long wrote: > We went down the path of including a diff of the message in the headers, > but you run up against more complicated changes that make that > challenging. Ie, mailing lists which strip attachments. If all we cared > about

[dmarc-ietf] About "non-rewindable crypto"

2017-08-18 Thread Bron Gondwana
So this is an interesting case that I'd like to spin into a separate thread. At the moment, ARC headers are purely additive. You receive a message with some ARC headers on it, you add some more on top and send it on. AR: arc=pass, ... // at receiver AS: i=3; cv=pass, d=site4.com AMS: i=3;

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Bron Gondwana
On Sat, 19 Aug 2017, at 04:51, Brandon Long wrote: > > > On Fri, Aug 18, 2017 at 10:00 AM, Seth Blank wrote: >> On Thu, Aug 17, 2017 at 11:46 PM, Kurt Andersen wrote: >>> So I was able to retrace our design steps which led to the 3-piece >>> model

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Bron Gondwana
On Sat, 19 Aug 2017, at 04:10, Murray S. Kucherawy wrote: > On Fri, Aug 18, 2017 at 10:08 AM, Dave Crocker wrote: >> On 8/18/2017 10:00 AM, Seth Blank wrote: >>> >>> Right now, we've got deployed code that we know works and improves >>> the landscape. Everything else is -

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Dave Crocker
On 8/18/2017 11:10 AM, Murray S. Kucherawy wrote: While I would normally agree firmly with that position, my view in this case is softer given what I believe was consensus (I'm not the chair, so that's not my call officially) that we're going to go for Experimental status. I submit that

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Bron Gondwana
On Fri, 18 Aug 2017, at 16:46, Kurt Andersen wrote: > So I was able to retrace our design steps which led to the 3-piece > model (AAR + AMS + AS) and the reasoning for the AS, signing just the > ARC header sequence was to provide the verifiable chain of custody > trace (though, of course, only

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Brandon Long
On Fri, Aug 18, 2017 at 10:00 AM, Seth Blank wrote: > On Thu, Aug 17, 2017 at 11:46 PM, Kurt Andersen wrote: > >> So I was able to retrace our design steps which led to the 3-piece model >> (AAR + AMS + AS) and the reasoning for the AS, signing just the ARC

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Murray S. Kucherawy
On Fri, Aug 18, 2017 at 10:08 AM, Dave Crocker wrote: > On 8/18/2017 10:00 AM, Seth Blank wrote: > >> >> Right now, we've got deployed code that we know works and improves the >> landscape. Everything else is - rightly or wrongly - conjecture. >> > > > Personal Point of

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Seth Blank
On Fri, Aug 18, 2017 at 10:08 AM, Dave Crocker wrote: > On 8/18/2017 10:00 AM, Seth Blank wrote: > >> >> Right now, we've got deployed code that we know works and improves the >> landscape. Everything else is - rightly or wrongly - conjecture. >> > > > Personal Point of

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Dave Crocker
On 8/18/2017 10:00 AM, Seth Blank wrote: Right now, we've got deployed code that we know works and improves the landscape. Everything else is - rightly or wrongly - conjecture. Personal Point of order: Using an 'installed base' argument for a brand new specification that is still in

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Seth Blank
On Thu, Aug 17, 2017 at 11:46 PM, Kurt Andersen wrote: > So I was able to retrace our design steps which led to the 3-piece model > (AAR + AMS + AS) and the reasoning for the AS, signing just the ARC header > sequence was to provide the verifiable chain of custody trace

Re: [dmarc-ietf] ARC-Seal is meaningless security theatre

2017-08-18 Thread Kurt Andersen
So I was able to retrace our design steps which led to the 3-piece model (AAR + AMS + AS) and the reasoning for the AS, signing just the ARC header sequence was to provide the verifiable chain of custody trace (though, of course, only from participating intermediaries). Some of the recent tweaks