draft-ietf-appsawg-rfc7001bis-09.txt   draft-ietf-appsawg-rfc7001bis-10.txt 
Individual submission M. Kucherawy Individual submission M. Kucherawy
Internet-Draft May 11, 2015 Internet-Draft June 3, 2015
Obsoletes: 7001, 7410 Obsoletes: 7001, 7410
(if approved) (if approved)
Intended status: Standards Track Intended status: Standards Track
Expires: November 12, 2015 Expires: December 5, 2015
Message Header Field for Indicating Message Authentication Status Message Header Field for Indicating Message Authentication Status
draft-ietf-appsawg-rfc7001bis-09 draft-ietf-appsawg-rfc7001bis-10
Abstract Abstract
This document specifies a message header field called Authentication- This document specifies a message header field called Authentication-
Results for use with electronic mail messages to indicate the results Results for use with electronic mail messages to indicate the results
of message authentication efforts. Any receiver-side software, such of message authentication efforts. Any receiver-side software, such
as mail filters or Mail User Agents (MUAs), can use this header field as mail filters or Mail User Agents (MUAs), can use this header field
to relay that information in a convenient and meaningful way to users to relay that information in a convenient and meaningful way to users
or to make sorting and filtering decisions. or to make sorting and filtering decisions.
skipping to change at page 1, line 37 skipping to change at page 1, line 37
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 12, 2015. This Internet-Draft will expire on December 5, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 7 skipping to change at page 3, line 7
6.4. "Email Authentication Property Types" Registry . . . . . . 30 6.4. "Email Authentication Property Types" Registry . . . . . . 30
6.5. "Email Authentication Result Names" Description . . . . . 31 6.5. "Email Authentication Result Names" Description . . . . . 31
6.6. "Email Authentication Result Names" Update . . . . . . . . 32 6.6. "Email Authentication Result Names" Update . . . . . . . . 32
6.7. SMTP Enhanced Status Codes . . . . . . . . . . . . . . . . 33 6.7. SMTP Enhanced Status Codes . . . . . . . . . . . . . . . . 33
7. Security Considerations . . . . . . . . . . . . . . . . . . . 33 7. Security Considerations . . . . . . . . . . . . . . . . . . . 33
7.1. Forged Header Fields . . . . . . . . . . . . . . . . . . . 33 7.1. Forged Header Fields . . . . . . . . . . . . . . . . . . . 33
7.2. Misleading Results . . . . . . . . . . . . . . . . . . . . 35 7.2. Misleading Results . . . . . . . . . . . . . . . . . . . . 35
7.3. Header Field Position . . . . . . . . . . . . . . . . . . 35 7.3. Header Field Position . . . . . . . . . . . . . . . . . . 35
7.4. Reverse IP Query Denial-of-Service Attacks . . . . . . . . 35 7.4. Reverse IP Query Denial-of-Service Attacks . . . . . . . . 35
7.5. Mitigation of Backscatter . . . . . . . . . . . . . . . . 35 7.5. Mitigation of Backscatter . . . . . . . . . . . . . . . . 35
7.6. Internal MTA Lists . . . . . . . . . . . . . . . . . . . . 35 7.6. Internal MTA Lists . . . . . . . . . . . . . . . . . . . . 36
7.7. Attacks against Authentication Methods . . . . . . . . . . 36 7.7. Attacks against Authentication Methods . . . . . . . . . . 36
7.8. Intentionally Malformed Header Fields . . . . . . . . . . 36 7.8. Intentionally Malformed Header Fields . . . . . . . . . . 36
7.9. Compromised Internal Hosts . . . . . . . . . . . . . . . . 36 7.9. Compromised Internal Hosts . . . . . . . . . . . . . . . . 36
7.10. Encapsulated Instances . . . . . . . . . . . . . . . . . . 36 7.10. Encapsulated Instances . . . . . . . . . . . . . . . . . . 36
7.11. Reverse Mapping . . . . . . . . . . . . . . . . . . . . . 37 7.11. Reverse Mapping . . . . . . . . . . . . . . . . . . . . . 37
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 37 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 37
8.1. Normative References . . . . . . . . . . . . . . . . . . . 37 8.1. Normative References . . . . . . . . . . . . . . . . . . . 37
8.2. Informative References . . . . . . . . . . . . . . . . . . 37 8.2. Informative References . . . . . . . . . . . . . . . . . . 38
Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 40 Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 40
Appendix B. Legacy MUAs . . . . . . . . . . . . . . . . . . . . . 40 Appendix B. Legacy MUAs . . . . . . . . . . . . . . . . . . . . . 40
Appendix C. Authentication-Results Examples . . . . . . . . . . . 40 Appendix C. Authentication-Results Examples . . . . . . . . . . . 40
C.1. Trivial Case; Header Field Not Present . . . . . . . . . . 41 C.1. Trivial Case; Header Field Not Present . . . . . . . . . . 41
C.2. Nearly Trivial Case; Service Provided, but No C.2. Nearly Trivial Case; Service Provided, but No
Authentication Done . . . . . . . . . . . . . . . . . . . 41 Authentication Done . . . . . . . . . . . . . . . . . . . 41
C.3. Service Provided, Authentication Done . . . . . . . . . . 42 C.3. Service Provided, Authentication Done . . . . . . . . . . 42
C.4. Service Provided, Several Authentications Done, Single C.4. Service Provided, Several Authentications Done, Single
MTA . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 MTA . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
C.5. Service Provided, Several Authentications Done, C.5. Service Provided, Several Authentications Done,
skipping to change at page 32, line 46 skipping to change at page 32, line 46
spf: [this document] Section 2.7.2 spf: [this document] Section 2.7.2
sender-id: [this document] Section 2.7.2 sender-id: [this document] Section 2.7.2
auth: [this document] Section 2.7.4 auth: [this document] Section 2.7.4
iprev: [this document] Section 2.7.3 iprev: [this document] Section 2.7.3
o All entries for "dkim-adsp" that are missing an explicit reference o All entries for "dkim-adsp" that are missing an explicit reference
to a defining document shall have [ADSP] added to their to a defining document shall have [ADSP] added to their
Specification fields. "Specification" fields.
o All entries for "dmarc" shall have their "Specification" fields
changed to reference Secton 11.2 of [DMARC].
o All entries for "dkim-adsp" and "domainkeys" shall have their o All entries for "dkim-adsp" and "domainkeys" shall have their
Status values changed to "deprecated", reflecting the fact that Status values changed to "deprecated", reflecting the fact that
the corresponding specifications now have Historical status. the corresponding specifications now have Historical status.
Their "Specification" fields shall also be modified to include a Their "Specification" fields shall also be modified to include a
reference to this document. reference to this document.
6.7. SMTP Enhanced Status Codes 6.7. SMTP Enhanced Status Codes
The entry for X.7.25 in the Enumerated Status Codes sub-registry of The entry for X.7.25 in the Enumerated Status Codes sub-registry of
 End of changes. 7 change blocks. 
7 lines changed or deleted 10 lines changed or added

This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/