--- 1/draft-ietf-dmarc-arc-multi-00.txt 2018-03-18 06:13:33.529354884 -0700 +++ 2/draft-ietf-dmarc-arc-multi-01.txt 2018-03-18 06:13:33.545355262 -0700 @@ -1,22 +1,22 @@ DMARC Working Group K. Andersen Internet-Draft LinkedIn Intended status: Experimental S. Blank, Ed. -Expires: July 26, 2018 ValiMail +Expires: September 20, 2018 ValiMail J. Levine, Ed. Taughannock Networks - January 22, 2018 + March 19, 2018 Using Multiple Signing Algorithms with the ARC (Authenticated Received Chain) Protocol - draft-ietf-dmarc-arc-multi-00 + draft-ietf-dmarc-arc-multi-01 Abstract The Authenticated Received Chain (ARC) protocol creates a mechanism whereby a series of handlers of an email message can conduct authentication of the email message as it passes among them on the way to its destination. Initial development of ARC has been done with a single allowed signing algorithm, but parallel work in the DCRUP working group @@ -32,21 +32,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on July 26, 2018. + This Internet-Draft will expire on September 20, 2018. Copyright Notice Copyright (c) 2018 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents @@ -57,88 +57,105 @@ described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Definitions and Terminology . . . . . . . . . . . . . . . . . 3 4. Supporting Alternate Signing Algorithms . . . . . . . . . . . 3 5. General Approach . . . . . . . . . . . . . . . . . . . . . . 3 5.1. Signers . . . . . . . . . . . . . . . . . . . . . . . . . 3 - 5.2. Validators . . . . . . . . . . . . . . . . . . . . . . . 3 - 6. Phases of Algorithm Evolution . . . . . . . . . . . . . . . . 3 - 6.1. Introductory Period . . . . . . . . . . . . . . . . . . . 3 + 5.2. Validators . . . . . . . . . . . . . . . . . . . . . . . 4 + 6. Phases of Algorithm Evolution . . . . . . . . . . . . . . . . 4 + 6.1. Introductory Period . . . . . . . . . . . . . . . . . . . 4 6.2. Co-Existence Period . . . . . . . . . . . . . . . . . . . 4 6.3. Deprecation Period . . . . . . . . . . . . . . . . . . . 4 6.4. Obsolescence Period . . . . . . . . . . . . . . . . . . . 4 7. Privacy Considerations . . . . . . . . . . . . . . . . . . . 4 - 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 - 9. Security Considerations . . . . . . . . . . . . . . . . . . . 4 - 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 10.1. Normative References . . . . . . . . . . . . . . . . . . 4 - 10.2. Informative References . . . . . . . . . . . . . . . . . 6 - Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 7 - Appendix B. Comments and Feedback . . . . . . . . . . . . . . . 7 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7 + 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 + 9. Security Considerations . . . . . . . . . . . . . . . . . . . 5 + 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 + 10.1. Normative References . . . . . . . . . . . . . . . . . . 5 + 10.2. Informative References . . . . . . . . . . . . . . . . . 5 + Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 6 + Appendix B. Comments and Feedback . . . . . . . . . . . . . . . 6 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 6 1. Introduction The Authenticated Received Chain (ARC) protocol adds a traceable chain of signatures that cover the handling of an email message through a chain of intermediary handlers. Initial development of ARC has been done with a single allowed signing algorithm, but parallel work in the DCRUP working group (https://datatracker.ietf.org/wg/dcrup/about/) is expanding the supported algorithms. This specification defines how to extend ARC for multiple signing algorithms. 2. Overview In order to phase in new signing algorithms, this specification - identifies how signers and validators MUST process ARC sets found in - email messages. + identifies how signers and validators process ARC sets found in email + messages. 3. Definitions and Terminology This section defines terms used in the rest of the document. - The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", - "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this - document are to be interpreted as described in [RFC2119]. + The capitalized key words "MUST", "MUST NOT", "REQUIRED", "SHALL", + "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and + "OPTIONAL" in this document are to be interpreted as described in + [RFC2119]. Because many of the core concepts and definitions are found in - [RFC5598], readers SHOULD to be familiar with the contents of + [RFC5598], readers should to be familiar with the contents of [RFC5598], and in particular, the potential roles of intermediaries - in the delivery of email. + in the delivery of email and the problems [RFC7960] created by the + initial DMARC [RFC7489] . 4. Supporting Alternate Signing Algorithms During a period where multiple algorithms are allowed, all of the statements in the ARC spec which refer to "exactly one set of ARC headers per instance" need to be understood as "at least one set per instance and no more than one set per instance per algorithm". 5. General Approach 5.1. Signers - Signers MUST initiate ARC signing of messages with all supported - algorithms that they are capable of using. + There is a separate independent signing chain for each signing + algorithm. Hence, when creating an ARC signature, a signer MUST + include only other signatures that use the same algorithm as the + signature being created. - Signers MUST continue ARC chains with all supported algorithms that - they are capable of using. + Wnen signing a message with no previous ARC signatures, signers MUST + sign using all supported algorithms. + + A signer MUST continue the longest ARC chain(s) in a message with all + algorithms that it supports. That is, if at least one of the longest + chains uses an algorithm that a signer supports, the signer continues + the chain(s). If none of the longest chains in a message use an + algorithm supported by a signer, the signer MUST NOT extend any + chains, even if a shorter chain does use a supported algorithm. 5.2. Validators - Validators MUST use the longest ARC chain on the message for which - they can interpret the signing algorithm. + A validator MUST use the longest ARC chain(s) on the message. If a + validator cannot interpret the signing algorithm on any of the + longest chains, validation fails, evven if a shorter chain does use a + supported algorithm. + + If there is more than one longest chain, the overall result reported + can be that of of any of the validations. The result used when + extending an ARC chain MUST be the result from validating that chain. 6. Phases of Algorithm Evolution 6.1. Introductory Period Intermediaries MUST be able to validate ARC chains built with either algorithm but MAY create ARC sets with either (or both) algorithm. The introductory period should be at least six (6) months. @@ -173,120 +190,37 @@ 9. Security Considerations No new security considerations are introduced by this specification beyond those of the base [ARC-DRAFT-11] protocol. 10. References 10.1. Normative References - [RFC1345] Simonsen, K., "Character Mnemonics and Character Sets", - RFC 1345, DOI 10.17487/RFC1345, June 1992, - . - [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . - [RFC2142] Crocker, D., "Mailbox Names for Common Services, Roles and - Functions", RFC 2142, DOI 10.17487/RFC2142, May 1997, - . - - [RFC2606] Eastlake 3rd, D. and A. Panitz, "Reserved Top Level DNS - Names", BCP 32, RFC 2606, DOI 10.17487/RFC2606, June 1999, - . - - [RFC3463] Vaudreuil, G., "Enhanced Mail System Status Codes", - RFC 3463, DOI 10.17487/RFC3463, January 2003, - . - - [RFC4686] Fenton, J., "Analysis of Threats Motivating DomainKeys - Identified Mail (DKIM)", RFC 4686, DOI 10.17487/RFC4686, - September 2006, . - - [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an - IANA Considerations Section in RFCs", RFC 5226, - DOI 10.17487/RFC5226, May 2008, - . - - [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax - Specifications: ABNF", STD 68, RFC 5234, - DOI 10.17487/RFC5234, January 2008, - . - - [RFC5321] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321, - DOI 10.17487/RFC5321, October 2008, - . - - [RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322, - DOI 10.17487/RFC5322, October 2008, - . - - [RFC5585] Hansen, T., Crocker, D., and P. Hallam-Baker, "DomainKeys - Identified Mail (DKIM) Service Overview", RFC 5585, - DOI 10.17487/RFC5585, July 2009, - . - [RFC5598] Crocker, D., "Internet Mail Architecture", RFC 5598, DOI 10.17487/RFC5598, July 2009, . - [RFC5863] Hansen, T., Siegel, E., Hallam-Baker, P., and D. Crocker, - "DomainKeys Identified Mail (DKIM) Development, - Deployment, and Operations", RFC 5863, - DOI 10.17487/RFC5863, May 2010, - . - - [RFC6376] Crocker, D., Ed., Hansen, T., Ed., and M. Kucherawy, Ed., - "DomainKeys Identified Mail (DKIM) Signatures", STD 76, - RFC 6376, DOI 10.17487/RFC6376, September 2011, - . - - [RFC6377] Kucherawy, M., "DomainKeys Identified Mail (DKIM) and - Mailing Lists", BCP 167, RFC 6377, DOI 10.17487/RFC6377, - September 2011, . - - [RFC6651] Kucherawy, M., "Extensions to DomainKeys Identified Mail - (DKIM) for Failure Reporting", RFC 6651, - DOI 10.17487/RFC6651, June 2012, - . - - [RFC7208] Kitterman, S., "Sender Policy Framework (SPF) for - Authorizing Use of Domains in Email, Version 1", RFC 7208, - DOI 10.17487/RFC7208, April 2014, - . - - [RFC7601] Kucherawy, M., "Message Header Field for Indicating - Message Authentication Status", RFC 7601, - DOI 10.17487/RFC7601, August 2015, - . - 10.2. Informative References [ARC-DRAFT-11] Andersen, K., Long, B., and S. Jones, "Authenticated Received Chain (ARC) Protocol (I-D-11)", n.d., . - [ENHANCED-STATUS] - "IANA SMTP Enhanced Status Codes", n.d., - . - - [RFC6982] Sheffer, Y. and A. Farrel, "Improving Awareness of Running - Code: The Implementation Status Section", RFC 6982, - DOI 10.17487/RFC6982, July 2013, - . - [RFC7489] Kucherawy, M., Ed. and E. Zwicky, Ed., "Domain-based Message Authentication, Reporting, and Conformance (DMARC)", RFC 7489, DOI 10.17487/RFC7489, March 2015, . [RFC7960] Martin, F., Ed., Lear, E., Ed., Draegen. Ed., T., Zwicky, E., Ed., and K. Andersen, Ed., "Interoperability Issues between Domain-based Message Authentication, Reporting, and Conformance (DMARC) and Indirect Email Flows", RFC 7960, DOI 10.17487/RFC7960, September 2016, @@ -314,21 +248,22 @@ LinkedIn 1000 West Maude Ave Sunnyvale, California 94085 US Email: kurta@linkedin.com Seth Blank (editor) ValiMail Montgomery - San Francisco + San Francisco, California US Email: seth@valimail.com + John Levine (editor) Taughannock Networks PO Box 727 - Trumansburg + Trumansburg, New York US Email: standards@taugh.com