Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

2023-08-08 Thread Scott Kitterman
On August 9, 2023 3:15:36 AM UTC, Jesse Thompson wrote: >On Tue, Aug 8, 2023, at 6:37 AM, Scott Kitterman wrote: >> On August 8, 2023 10:18:58 AM UTC, Laura Atkins >> wrote: >> >> On 6 Aug 2023, at 19:07, Jesse Thompson wrote: >> >> >> >> On Sat, Aug 5, 2023, at 6:50 AM, Laura Atkins wrote:

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

2023-08-08 Thread Murray S. Kucherawy
On Tue, Aug 8, 2023 at 8:21 PM Jesse Thompson wrote: > > As you cited, RFC 5322 describes three ways that the "Bcc" field is > typically used. You're talking about just one of those, and I'm not sure > it's the most common one. In any case, I suggest that "should" is a bit of > a leap, especial

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

2023-08-08 Thread Jesse Thompson
On Tue, Aug 8, 2023, at 5:18 AM, Laura Atkins wrote: >> On 6 Aug 2023, at 19:07, Jesse Thompson wrote: >> >> On Sat, Aug 5, 2023, at 6:50 AM, Laura Atkins wrote: On 5 Aug 2023, at 02:43, Jesse Thompson wrote: On Thu, Aug 3, 2023, at 11:08 AM, Laura Atkins wrote: > I agree wit

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

2023-08-08 Thread Jesse Thompson
On Tue, Aug 8, 2023, at 12:55 AM, Murray S. Kucherawy wrote: > On Mon, Aug 7, 2023 at 9:23 PM Jesse Thompson wrote: >> __On Mon, Aug 7, 2023, at 10:54 PM, Murray S. Kucherawy wrote: >>> On Mon, Aug 7, 2023 at 8:00 PM Emanuel Schorsch >>> wrote: If there are not that many BCC recipients for

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

2023-08-08 Thread Jesse Thompson
On Tue, Aug 8, 2023, at 6:37 AM, Scott Kitterman wrote: > On August 8, 2023 10:18:58 AM UTC, Laura Atkins > wrote: > >> On 6 Aug 2023, at 19:07, Jesse Thompson wrote: > >> > >> On Sat, Aug 5, 2023, at 6:50 AM, Laura Atkins wrote: > On 5 Aug 2023, at 02:43, Jesse Thompson

Re: [Ietf-dkim] draft-ietf-dkim-replay-problem comments

2023-08-08 Thread Murray S. Kucherawy
On Tue, Aug 8, 2023 at 9:25 AM Alessandro Vesely wrote: > On Tue 08/Aug/2023 14:47:37 + Murray S. Kucherawy wrote: > > On Tue, Aug 8, 2023 at 7:17 AM Scott Kitterman > wrote: > > > >> That's true of all indirect mail flows. It's not a distinguishing > feature > >> of the attack. > > > > Qui

Re: [Ietf-dkim] draft-ietf-dkim-replay-problem comments

2023-08-08 Thread Alessandro Vesely
On Tue 08/Aug/2023 14:47:37 + Murray S. Kucherawy wrote: On Tue, Aug 8, 2023 at 7:17 AM Scott Kitterman wrote: That's true of all indirect mail flows. It's not a distinguishing feature of the attack. Quite right, making this harder to pin down. But, to Alessandro's point, I do think th

Re: [Ietf-dkim] draft-ietf-dkim-replay-problem comments

2023-08-08 Thread Murray S. Kucherawy
On Tue, Aug 8, 2023 at 7:17 AM Scott Kitterman wrote: > That's true of all indirect mail flows. It's not a distinguishing feature > of the attack. > Quite right, making this harder to pin down. But, to Alessandro's point, I do think the description in the document is accurate. -MSK __

Re: [Ietf-dkim] draft-ietf-dkim-replay-problem comments

2023-08-08 Thread Scott Kitterman
On August 8, 2023 2:08:05 PM UTC, "Murray S. Kucherawy" wrote: >On Tue, Aug 8, 2023 at 2:16 AM Alessandro Vesely wrote: > >> On Mon 07/Aug/2023 23:52:02 + Scott Kitterman wrote: >> > On Monday, August 7, 2023 7:47:47 PM EDT Murray S. Kucherawy wrote: >> >> >> >> I think the document does d

Re: [Ietf-dkim] draft-ietf-dkim-replay-problem comments

2023-08-08 Thread Murray S. Kucherawy
On Tue, Aug 8, 2023 at 2:16 AM Alessandro Vesely wrote: > On Mon 07/Aug/2023 23:52:02 + Scott Kitterman wrote: > > On Monday, August 7, 2023 7:47:47 PM EDT Murray S. Kucherawy wrote: > >> > >> I think the document does describe the attack. An instance of the > attack > >> is when a replayed

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

2023-08-08 Thread Scott Kitterman
On August 8, 2023 10:18:58 AM UTC, Laura Atkins wrote: > > >> On 6 Aug 2023, at 19:07, Jesse Thompson wrote: >> >> On Sat, Aug 5, 2023, at 6:50 AM, Laura Atkins wrote: On 5 Aug 2023, at 02:43, Jesse Thompson >>> > wrote: On Thu, Aug 3, 2023, at 11:08 A

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

2023-08-08 Thread Laura Atkins
> On 6 Aug 2023, at 19:07, Jesse Thompson wrote: > > On Sat, Aug 5, 2023, at 6:50 AM, Laura Atkins wrote: >>> On 5 Aug 2023, at 02:43, Jesse Thompson >> > wrote: >>> >>> On Thu, Aug 3, 2023, at 11:08 AM, Laura Atkins wrote: I agree with this and have been working

Re: [Ietf-dkim] draft-ietf-dkim-replay-problem comments

2023-08-08 Thread Alessandro Vesely
On Mon 07/Aug/2023 23:52:02 + Scott Kitterman wrote: On Monday, August 7, 2023 7:47:47 PM EDT Murray S. Kucherawy wrote: I think the document does describe the attack. An instance of the attack is when a replayed message lands someplace it wasn't originally intended to land, assuming norma