Re: [dmarc-ietf] using selectors to identify sources

2017-07-11 Thread Murray S. Kucherawy
On Tue, Jul 11, 2017 at 9:12 AM, Kurt Andersen (b) wrote: > > 1) Include the additional information in the AAR which is wanted > downstream for a DMARC report to be emitted from a receiver N hops away - > this requires additional fields to the basic RFC7601 A-R spec > This

Re: [dmarc-ietf] using selectors to identify sources

2017-07-11 Thread Kurt Andersen (b)
On Mon, Jul 10, 2017 at 12:48 PM, Brandon Long wrote: > > > On Mon, Jul 10, 2017 at 12:27 AM, Murray S. Kucherawy > wrote: > >> On Sat, Jul 8, 2017 at 2:08 PM, Seth Blank wrote: >> >>> I think it needs to be specified. Receivers

Re: [dmarc-ietf] using selectors to identify sources

2017-07-10 Thread Steve Atkins
> On Jul 10, 2017, at 12:53 PM, Brandon Long wrote: > > > > On Fri, Jul 7, 2017 at 6:12 AM, Tim Draegen wrote: >> On Jul 5, 2017, at 6:33 PM, Murray S. Kucherawy wrote: >> >> Based on discussions with Seth and Gene earlier, it

Re: [dmarc-ietf] using selectors to identify sources

2017-07-09 Thread Scott Kitterman
On July 9, 2017 2:38:22 PM EDT, Dave Crocker wrote: >On 7/9/2017 9:24 AM, Laura Atkins wrote: >> Part of it was requiring senders to pre-register selectors. > > >wow. that is (or, I guess, was) such a distinctly misguided >understanding of the role of selectors that it's

Re: [dmarc-ietf] using selectors to identify sources

2017-07-09 Thread Dave Crocker
On 7/9/2017 9:24 AM, Laura Atkins wrote: Part of it was requiring senders to pre-register selectors. wow. that is (or, I guess, was) such a distinctly misguided understanding of the role of selectors that it's impressive. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net

Re: [dmarc-ietf] using selectors to identify sources

2017-07-08 Thread Murray S. Kucherawy
On Sat, Jul 8, 2017 at 2:08 PM, Seth Blank wrote: > On Fri, Jul 7, 2017 at 11:29 PM, Murray S. Kucherawy > wrote: > >> On Fri, Jul 7, 2017 at 11:12 PM, Seth Blank wrote: >> >>> Or maybe, put a different way, the question is: what's

Re: [dmarc-ietf] using selectors to identify sources

2017-07-08 Thread Seth Blank
On Fri, Jul 7, 2017 at 11:29 PM, Murray S. Kucherawy wrote: > On Fri, Jul 7, 2017 at 11:12 PM, Seth Blank wrote: > >> Or maybe, put a different way, the question is: what's the simplest way, >> with the least delta to the spec, that allows for

Re: [dmarc-ietf] using selectors to identify sources

2017-07-07 Thread Dave Crocker
On 7/7/2017 3:42 PM, Seth Blank wrote: As a domain owner, the keys I use to sign messages are well known to me. Determining which key was used at the beginning of an ARC flow is impossible without transmitting the selector. transmitting to whom? and the issue isn't carriage of the selector.

Re: [dmarc-ietf] using selectors to identify sources

2017-07-07 Thread Dave Crocker
On 7/7/2017 1:44 PM, Steve Atkins wrote: That a particular major ISP uses (or claims to use, or used to claim to use) selectors to identify particular senders is (or was, or was and continues to be) a major reason that some ESPs refuse to rotate keys at all. Then it would be helpful to the

Re: [dmarc-ietf] using selectors to identify sources

2017-07-07 Thread Seth Blank
The philosophical questions about how DKIM should best be used, best practices for selector usage, or how receivers determine reputation, are besides a very practical concern here that we're trying to address: As a domain owner, the keys I use to sign messages are well known to me. Determining

Re: [dmarc-ietf] using selectors to identify sources

2017-07-07 Thread Scott Kitterman
On Friday, July 07, 2017 01:33:58 PM Seth Blank wrote: > On Fri, Jul 7, 2017 at 7:11 AM, Scott Kitterman > > wrote: > > I think it depends on what is meant by 'source'. > > > > Imagine a scenario where I'm the mail admin for a shop that has 5 outbound > > servers. As a

Re: [dmarc-ietf] using selectors to identify sources

2017-07-07 Thread Steve Atkins
> On Jul 7, 2017, at 1:37 PM, Dave Crocker wrote: > > On 7/7/2017 1:33 PM, Seth Blank wrote: >>Receivers know the selector. If they feed domain and selector into >>their >>Bayesian processors and get a useful distinction, they are going to >>use it. >>No

Re: [dmarc-ietf] using selectors to identify sources

2017-07-07 Thread Dave Crocker
On 7/7/2017 1:33 PM, Seth Blank wrote: Receivers know the selector. If they feed domain and selector into their Bayesian processors and get a useful distinction, they are going to use it. No RFC will change that. If there's some statistically significant difference

Re: [dmarc-ietf] using selectors to identify sources

2017-07-07 Thread Hector Santos
On 7/7/2017 9:12 AM, Tim Draegen wrote: I just caught up on the "selectors in AAR" thread, but wanted to go back to this early statement about key rotation and pairing of "s=" and "d=" to identify a single source. Thus a new Subject: is born. It's true key rotation is rare. People are figuring

Re: [dmarc-ietf] using selectors to identify sources

2017-07-07 Thread Scott Kitterman
On Friday, July 07, 2017 09:12:37 AM Tim Draegen wrote: > > On Jul 5, 2017, at 6:33 PM, Murray S. Kucherawy > > wrote: > > > > Based on discussions with Seth and Gene earlier, it sounds like the > > industry has sadly not taken up the habit of key and selector rotation, > >

[dmarc-ietf] using selectors to identify sources

2017-07-07 Thread Tim Draegen
> On Jul 5, 2017, at 6:33 PM, Murray S. Kucherawy wrote: > > Based on discussions with Seth and Gene earlier, it sounds like the industry > has sadly not taken up the habit of key and selector rotation, and instead > the pairing of "s=" and "d=" now identifies a single