nanog mailing list archives
Re: Yahoo DMARC breakage
From: Jimmy Hess <mysidia () gmail com>
Date: Wed, 9 Apr 2014 23:54:00 -0500
On Wed, Apr 9, 2014 at 8:04 PM, Miles Fidelman <mfidelman () meetinghouse net>wrote: On 4/9/2014 7:25 PM, Miles Fidelman wrote:
Yahoo! is choosing to apply the technology for usage scenarios that havelong been known to be problematic. Again, they've made anIn fact... it is too generous to say "known to be problematic".
Basic functionality is seriously and utterly broken --- that DMARC doesn't have a good answer for such situations, is a major indicator of its immaturity, in the sense that it is "Too specific" a solution and cannot apply to e-mail in general. If it were mature: a mechanism would be provided that would allow mailing lists to function without breaking changes such as substituting From:. An example of a solution would be the use of a DKIM alternative with not a single signature for the entire message, but only partial signing of parts of the message: specifically identified headers and/or specific body elements, to validate that the message was really sent and certain elements are genuine ---- and certain elements were modified by the mailing list.
informed choice. Whether it's justified and whether it was the rightchoice is more of a political or management discussion than a technical one.
The technical issue, is that the immaturity of the related specs. limits the decisions are available for a particular domain ---- so, essentially, if you have certain kind of user traffic: you have to incur technical issues with mailing lists, or forego using DMARC. In other words: much as you would like to dismiss as purely a managerial decision ---- the decisions available to be made are entangled with the limitations of the technical options that are available for mitigating spoofing, AND the public's understanding thereof.
In technical terms, DMARC is reasonably simple and reasonably well understood and extensively deployed.
I would say reasonably simple. Only well-understood by a very limited fraction of the population of mail operators. Not widely deployed; particularly on domains serving end user mailboxes.
For most discussions, that qualifies as 'mature'...Especially after reading some of the discussions on the DMARC mailing list where it's clear that issues of breaking mailing lists were explicitly ignored and dismissed.
+1. Common use case ignored and dismissed, is a pretty convincing indicator of a lack of maturity with regads to the spec.
Miles Fidelman -- In theory, there is no difference between theory and practice. In practice, there is. .... Yogi Berra
-- -Mysid
Current thread:
- Re: Yahoo DMARC breakage, (continued)
- Re: Yahoo DMARC breakage Franck Martin (Apr 20)
- Message not available
- ID10T out of office responders (was Re: Yahoo DMARC breakage) Larry Sheldon (Apr 10)
- Re: ID10T out of office responders (was Re: Yahoo DMARC breakage) Tei (Apr 11)
- Re: ID10T out of office responders (was Re: Yahoo DMARC breakage) Jethro R Binks (Apr 11)
- Message not available
- Re: ID10T out of office responders Larry Sheldon (Apr 11)
- Re: ID10T out of office responders Daniƫl W . Crompton (Apr 11)
- Re: Yahoo DMARC breakage Dave Crocker (Apr 09)
- Re: Yahoo DMARC breakage Miles Fidelman (Apr 09)
- Re: Yahoo DMARC breakage Dave Crocker (Apr 09)
- Re: Yahoo DMARC breakage Miles Fidelman (Apr 09)
- Re: Yahoo DMARC breakage Jimmy Hess (Apr 09)
- Re: Yahoo DMARC breakage Tei (Apr 10)
- Re: Yahoo DMARC breakage Miles Fidelman (Apr 10)
- Re: Yahoo DMARC breakage Dave Crocker (Apr 10)
- Re: Yahoo DMARC breakage Dave Crocker (Apr 10)
- Re: Yahoo DMARC breakage Michael Thomas (Apr 10)
- Re: Yahoo DMARC breakage Valdis . Kletnieks (Apr 10)
- Re: Yahoo DMARC breakage Michael Thomas (Apr 10)
- Re: Yahoo DMARC breakage Rich Kulawiec (Apr 10)
- Re: Yahoo DMARC breakage Geoffrey Keating (Apr 10)