Extensions to DomainKeys Identified Mail (DKIM) for Failure Reporting
draft-ietf-marf-dkim-reporting-16
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-04-18
|
16 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2012-04-18
|
16 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
2012-04-18
|
16 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2012-03-26
|
16 | (System) | IANA Action state changed to In Progress |
2012-03-22
|
16 | Amy Vezza | State changed to RFC Ed Queue from Approved-announcement sent |
2012-03-20
|
16 | Amy Vezza | State changed to Approved-announcement sent from Approved-announcement to be sent |
2012-03-20
|
16 | Amy Vezza | IESG has approved the document |
2012-03-20
|
16 | Amy Vezza | Closed "Approve" ballot |
2012-03-20
|
16 | Pete Resnick | State changed to Approved-announcement to be sent from IESG Evaluation::AD Followup |
2012-03-20
|
16 | Pete Resnick | Ballot approval text was generated |
2012-03-20
|
16 | Jari Arkko | [Ballot Position Update] Position for Jari Arkko has been changed to No Objection from Discuss |
2012-03-20
|
16 | Anabel Martinez | New version available: draft-ietf-marf-dkim-reporting-16.txt |
2012-03-15
|
15 | Cindy Morgan | State changed to IESG Evaluation::AD Followup from IESG Evaluation |
2012-03-15
|
15 | Sean Turner | [Ballot comment] Thanks for addressing my discuss. |
2012-03-15
|
15 | Sean Turner | [Ballot Position Update] Position for Sean Turner has been changed to No Objection from Discuss |
2012-03-15
|
15 | Anabel Martinez | New version available: draft-ietf-marf-dkim-reporting-15.txt |
2012-03-15
|
14 | Gonzalo Camarillo | [Ballot Position Update] New position, No Objection, has been recorded for Gonzalo Camarillo |
2012-03-15
|
14 | Jari Arkko | [Ballot discuss] I can not believe I am doing this again for the third time this week, but: http://www.youtube.com/watch?v=LbK-g8tKnoc |
2012-03-15
|
14 | Jari Arkko | [Ballot comment] rep-rr-tag = %x72.72 *WSP "=" *WSP rep-rr-type *WSP 0* ( … [Ballot comment] rep-rr-tag = %x72.72 *WSP "=" *WSP rep-rr-type *WSP 0* ( ":" *WSP rep-rr-type ) Bill's parser (http://tools.ietf.org/tools/bap/abnf.cgi) says: stdin(1:28): error: No whitespace allowed between repeat and element. There are two instances of this error in the draft. |
2012-03-15
|
14 | Jari Arkko | [Ballot Position Update] New position, Discuss, has been recorded for Jari Arkko |
2012-03-14
|
14 | Ralph Droms | [Ballot Position Update] New position, No Objection, has been recorded for Ralph Droms |
2012-03-14
|
14 | Pete Resnick | State changed to IESG Evaluation from Waiting for AD Go-Ahead |
2012-03-14
|
14 | Sean Turner | [Ballot discuss] Is the assumption here that the report-generator/DKIM-verifier also supports DKIM-signing and will send the report back DKIM-signed? If that's true shouldn't there be … [Ballot discuss] Is the assumption here that the report-generator/DKIM-verifier also supports DKIM-signing and will send the report back DKIM-signed? If that's true shouldn't there be some kind of requirement that the DKIM l= value MUST cover the entire report body? Or, do you think folks will do that by default because that's the l= default in RFC 6376? And, would it be better to state a requirement that returned reports MUST be DKIM-signed? |
2012-03-14
|
14 | Sean Turner | [Ballot comment] s2.4: r/entitiy/entity |
2012-03-14
|
14 | Sean Turner | [Ballot Position Update] New position, Discuss, has been recorded for Sean Turner |
2012-03-14
|
14 | (System) | State changed to Waiting for AD Go-Ahead from In Last Call |
2012-03-13
|
14 | Adrian Farrel | [Ballot comment] Thanks for handling my Discuss and Comments |
2012-03-13
|
14 | Adrian Farrel | [Ballot Position Update] Position for Adrian Farrel has been changed to No Objection from Discuss |
2012-03-13
|
14 | Cindy Morgan | New version available: draft-ietf-marf-dkim-reporting-14.txt |
2012-03-13
|
13 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded for Dan Romascanu |
2012-03-13
|
13 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded for Russ Housley |
2012-03-13
|
13 | Adrian Farrel | [Ballot discuss] I only have one small Discuss issue with this document... (Compare with Peter's Comment - I think "MUST" is appropriate since there is … [Ballot discuss] I only have one small Discuss issue with this document... (Compare with Peter's Comment - I think "MUST" is appropriate since there is no way to know how to handle an unregistered tag, but...) In Section 3.2 you have... Any tag found in the content of this record that is not registered with IANA as described in Section 7.3 MUST be ignored. But adding a tag to the registry will not automatically update all the implementations in the field! So I think you need... Implementations MUST support all tags defined in this document and any tag found in the content of this record that is not recognized by an implementation MUST be ignored. |
2012-03-13
|
13 | Adrian Farrel | [Ballot comment] It would be nice if the Introduction included an expansion of DKIM as provided in the Abstract. --- You should really include a … [Ballot comment] It would be nice if the Introduction included an expansion of DKIM as provided in the Abstract. --- You should really include a reference to your ABNF definition and point to it from Section 2. --- Step 5 of Section 3 says 5. If the TXT content is syntactically invalid, terminate. One might reasonably ask where to look for the definition of syntactic validity. |
2012-03-13
|
13 | Adrian Farrel | [Ballot Position Update] New position, Discuss, has been recorded for Adrian Farrel |
2012-03-12
|
13 | Stephen Farrell | [Ballot comment] Thanks for handling my discuss points. |
2012-03-12
|
13 | Stephen Farrell | [Ballot Position Update] Position for Stephen Farrell has been changed to No Objection from Discuss |
2012-03-12
|
13 | Murray Kucherawy | New version available: draft-ietf-marf-dkim-reporting-13.txt |
2012-03-12
|
12 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded for Ronald Bonica |
2012-03-12
|
12 | Robert Sparks | [Ballot Position Update] New position, No Objection, has been recorded for Robert Sparks |
2012-03-11
|
12 | Suresh Krishnan | Request for Last Call review by GENART Completed. Reviewer: Suresh Krishnan. |
2012-03-11
|
12 | Stephen Farrell | [Ballot discuss] Two things that should be quickly resolved. - is rr=all a good default? If a bad-actor sends a supposedly signed mail with a … [Ballot discuss] Two things that should be quickly resolved. - is rr=all a good default? If a bad-actor sends a supposedly signed mail with a DKIM-Signature with 1000 fields then what happens if the Signer's DNS has no rr tag? Maybe some special case for unknown DKIM-Signature tokens or a max on the number of reports for a single message? (Note: I'm assuming that a separate report can be, or is to be, generated for each DKIM-Signature token that fails, clarifying that only one report is ever sent for one inbound mail with a broken signature would also fix this.) - the secdir review lead to a bunch of suggested changes of which I think Barry's comment was to go into a -13, so that's not happened yet. |
2012-03-11
|
12 | Stephen Farrell | [Ballot comment] - s1, maybe s/not forgeable/less easily forgeable/ ? - s3.1 "in use by specific keys" is a bit odd, suggest "that ought to … [Ballot comment] - s1, maybe s/not forgeable/less easily forgeable/ ? - s3.1 "in use by specific keys" is a bit odd, suggest "that ought to be verifiable with specific public keys" - s3.2, would it be better to say the signer MUST create this TXT RR, rather than say "it also" does that? (And MUST this be present & good before a verifier is allowed to send a report?) - s3.2, is there a missing "of" in "In the case a record..." - s3.3, nit, maybe s/select a random/uniformly select a random/ or somesuch (should be obvious though) - s3.3, maybe provide a reference of some sort for the previous pre-standards scheme? - s8.2, point 1 - the attacker here modifies the DKIM-Signature header field and not the "signature" (which is the b= bit of that header field) - s8.2, point 2 - is the term "invalid signature" right here? Would non-verifiable be better? (The valid/verified terms related to signature checking have been mis-interpreted many times) - Does the signature in the example verify or not? Either way, be good to make that clear, given the topic of this draft. (If it does verify giving the public key too would be good.) |
2012-03-11
|
12 | Stephen Farrell | [Ballot Position Update] New position, Discuss, has been recorded for Stephen Farrell |
2012-03-08
|
12 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Tero Kivinen. |
2012-03-08
|
12 | Peter Saint-Andre | [Ballot comment] Section 3.2 states: Any tag found in the content of this record that is not registered with IANA as described in … [Ballot comment] Section 3.2 states: Any tag found in the content of this record that is not registered with IANA as described in Section 7.3 MUST be ignored. Does this really need to be "MUST", or is "SHOULD" sufficient? Saying MUST would prevent any further experimentation, which you might consider a good thing or a bad thing. |
2012-03-08
|
12 | Peter Saint-Andre | [Ballot Position Update] New position, No Objection, has been recorded for Peter Saint-Andre |
2012-03-08
|
12 | Anabel Martinez | New version available: draft-ietf-marf-dkim-reporting-12.txt |
2012-03-08
|
11 | Stewart Bryant | [Ballot Position Update] New position, No Objection, has been recorded for Stewart Bryant |
2012-03-07
|
11 | Wesley Eddy | [Ballot Position Update] New position, No Objection, has been recorded for Wesley Eddy |
2012-03-06
|
11 | Pete Resnick | Placed on agenda for telechat - 2012-03-15 |
2012-03-06
|
11 | Pete Resnick | Ballot has been issued |
2012-03-06
|
11 | Pete Resnick | [Ballot Position Update] New position, Yes, has been recorded for Pete Resnick |
2012-03-06
|
11 | Pete Resnick | Ballot writeup was changed |
2012-03-06
|
11 | Pete Resnick | Created "Approve" ballot |
2012-03-06
|
11 | Pete Resnick | The MARF Working Group requests the publication of draft-ietf-marf-dkim-reporting as a Proposed Standard. (1) What type of RFC is being requested (BCP, Proposed Standard, Internet … The MARF Working Group requests the publication of draft-ietf-marf-dkim-reporting as a Proposed Standard. (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? The document, aimed at Proposed Standard, defines a standard way for DKIM signing domains to communicate abuse-reporting information to DKIM verifiers. The title page header specifies "Standards Track", as generated by xml2rfc. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary Deployers of message authentication technologies are increasingly seeking visibility into DKIM verification failures and conformance failures involving the published signing practices (e.g., ADSP) of an Administrative Management Domain. This document extends DKIM and ADSP to add an optional reporting address and some reporting parameters. Reports are generated using the format defined in draft-ietf-marf-authfailure-report. Working Group Summary There is nothing of real note in the working group discussion. The document was not controversial, and in the normal process of hammering out the details, everything went smoothly. The document has very broad consensus in the MARF working group. Document Quality There is at least one open-source implementation now, from the document editor. There is also an effort called DMARC, which builds on DKIM, and some people involved with that work plan to implement this protocol. Personnel Barry Leiba is the document shepherd; Pete Resnick is the responsible AD. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. I have reviewed the final version of the document in detail, and I believe it is ready for publication as a Proposed Standard. (I also reviewed earlier versions, as it developed in the working group). (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? No concerns. (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place. No. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. No concerns. The document has broad consensus in the working group, and is solid. (7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why. No IPR disclosures have been filed, and the editor is not aware of any IPR claims. I have also asked the working group as a whole about IPR claims, and no one has come forward. (8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures. See 7. (9) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? There is broad consensus within the working group. That said, relatively few participants remain active at this point, so that consensus consists of about a half dozen individuals. (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.) No. (11) Identify any ID nits the Document Shepherd has found in this document. (See http://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. None. (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. None required. (13) Have all references within this document been identified as either normative or informative? Yes. (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? This document depends normatively on two other MARF WG documents: draft-ietf-marf-as is ready for working-group last call. draft-ietf-marf-authfailure-report is in the RFC Editor queue. (15) Are there downward normative references references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure. This document refers normatively to RFC 5598, "Internet Mail Architecture", which is Informational. (16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary. This document makes no changes to existing RFCs. (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). I have checked the registrations in the IANA Considerations, and they are correct and clear. IANA should have no problem with them. (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. This document creates a "specification required" registry for DKIM reporting tags. "Specification required" was chosen because significant documentation and some gatekeeping are required to ensure interoperability with respect to these tags. The document editor, Murray Kucherawy, would be a good choice as the designated expert for this registry. In any case, the expert should have a good understanding of DKIM, ADSP, and MARF, and be aware of what related work (such as DMARC) is being done in the field. (19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. I've run the stuff through the standard idnits and BNF checkers. The ABNF is simple. |
2012-03-01
|
11 | Jean Mahoney | Request for Last Call review by GENART is assigned to Suresh Krishnan |
2012-03-01
|
11 | Jean Mahoney | Request for Last Call review by GENART is assigned to Suresh Krishnan |
2012-03-01
|
11 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Tero Kivinen |
2012-03-01
|
11 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Tero Kivinen |
2012-02-29
|
11 | Cindy Morgan | Last call sent |
2012-02-29
|
11 | Cindy Morgan | State changed to In Last Call from Last Call Requested The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: … State changed to In Last Call from Last Call Requested The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Subject: Last Call: (Extensions to DKIM for Failure Reporting) to Proposed Standard The IESG has received a request from the Messaging Abuse Reporting Format WG (marf) to consider the following document: - 'Extensions to DKIM for Failure Reporting' as a Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2012-03-14. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This memo presents extensions to the DomainKeys Identified Mail (DKIM) specification to allow for detailed reporting of message authentication failures in an on-demand fashion. Note that this document has downward normative references: This document refers normatively to RFC 5598, "Internet Mail Architecture", which is Informational. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-marf-dkim-reporting/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-marf-dkim-reporting/ballot/ No IPR declarations have been submitted directly on this I-D. |
2012-02-29
|
11 | Pete Resnick | Last call was requested |
2012-02-29
|
11 | Pete Resnick | State changed to Last Call Requested from In Last Call |
2012-02-29
|
11 | Pete Resnick | Last call announcement was changed |
2012-02-29
|
11 | Amy Vezza | Last call sent |
2012-02-29
|
11 | Amy Vezza | State changed to In Last Call from Last Call Requested The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: … State changed to In Last Call from Last Call Requested The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Subject: Last Call: (Extensions to DKIM for Failure Reporting) to Proposed Standard The IESG has received a request from the Messaging Abuse Reporting Format WG (marf) to consider the following document: - 'Extensions to DKIM for Failure Reporting' as a Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2012-03-14. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This memo presents extensions to the DomainKeys Identified Mail (DKIM) specification to allow for detailed reporting of message authentication failures in an on-demand fashion. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-marf-dkim-reporting/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-marf-dkim-reporting/ballot/ No IPR declarations have been submitted directly on this I-D. |
2012-02-29
|
11 | Pete Resnick | Last call was requested |
2012-02-29
|
11 | Pete Resnick | Ballot approval text was generated |
2012-02-29
|
11 | Pete Resnick | Ballot writeup was generated |
2012-02-29
|
11 | Pete Resnick | State changed to Last Call Requested from Publication Requested |
2012-02-29
|
11 | Pete Resnick | Last call announcement was generated |
2012-02-29
|
11 | Pete Resnick | Last call announcement was generated |
2012-02-28
|
11 | Pete Resnick | State changed to Publication Requested from AD is watching |
2012-02-28
|
11 | Murray Kucherawy | IETF state changed to Submitted to IESG for Publication from WG Document |
2012-02-28
|
11 | Murray Kucherawy | Restore state after new version |
2012-02-28
|
11 | Murray Kucherawy | New version available: draft-ietf-marf-dkim-reporting-11.txt |
2012-02-28
|
10 | Barry Leiba | IETF state changed to Submitted to IESG for Publication from Waiting for WG Chair Go-Ahead |
2012-02-28
|
10 | Barry Leiba | Annotation tag Doc Shepherd Follow-up Underway cleared. |
2012-02-28
|
10 | Barry Leiba | Changed protocol writeup |
2012-02-24
|
10 | Murray Kucherawy | IETF state changed to Waiting for WG Chair Go-Ahead from In WG Last Call |
2012-02-24
|
10 | Murray Kucherawy | WGLC completed; PROTO writeup pending |
2012-02-24
|
10 | Murray Kucherawy | Annotation tag Doc Shepherd Follow-Up Underway set. |
2012-02-12
|
10 | (System) | New version available: draft-ietf-marf-dkim-reporting-10.txt |
2012-02-08
|
10 | Murray Kucherawy | WGLC ends February 24. |
2012-02-08
|
10 | Murray Kucherawy | IETF state changed to In WG Last Call from WG Document |
2012-02-05
|
09 | (System) | New version available: draft-ietf-marf-dkim-reporting-09.txt |
2012-01-31
|
08 | (System) | New version available: draft-ietf-marf-dkim-reporting-08.txt |
2012-01-30
|
07 | (System) | New version available: draft-ietf-marf-dkim-reporting-07.txt |
2012-01-25
|
06 | (System) | New version available: draft-ietf-marf-dkim-reporting-06.txt |
2012-01-25
|
05 | (System) | New version available: draft-ietf-marf-dkim-reporting-05.txt |
2012-01-23
|
04 | (System) | New version available: draft-ietf-marf-dkim-reporting-04.txt |
2012-01-23
|
10 | Murray Kucherawy | Trying once more as a WG item |
2012-01-23
|
10 | Murray Kucherawy | IETF state changed to WG Document from Parked WG Document |
2012-01-23
|
10 | Murray Kucherawy | Probably going back to Individual |
2012-01-23
|
10 | Murray Kucherawy | IETF state changed to Parked WG Document from WG Document |
2011-09-10
|
03 | (System) | New version available: draft-ietf-marf-dkim-reporting-03.txt |
2011-06-10
|
10 | Pete Resnick | State changed to AD is watching from Publication Requested. |
2011-06-10
|
10 | Pete Resnick | Draft added in state Publication Requested |
2011-06-10
|
10 | Barry Leiba | Ready to go to the IESG |
2011-05-15
|
02 | (System) | New version available: draft-ietf-marf-dkim-reporting-02.txt |
2011-01-07
|
01 | (System) | New version available: draft-ietf-marf-dkim-reporting-01.txt |
2010-10-23
|
10 | (System) | Document has expired |
2010-04-21
|
00 | (System) | New version available: draft-ietf-marf-dkim-reporting-00.txt |