DKIM Working Group H. Santos Internet-Draft Santronics Software, Inc. Intended status: Experimental April 23, 2006 Expires: October 25, 2006 Partial DKIM Verifier Support using a DKIM-Received Trace Header draft-santos-dkim-rcvd-00 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on October 25, 2006. Copyright Notice Copyright (C) The Internet Society (2006). Abstract A proposal offering partial DKIM verification support to help resolve premature DKIM signature expiration and key revocation related problems associated with time shifted DKIM verifier applications. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this Santos Expires October 25, 2006 [Page 1] Internet-Draft DKIM-Received April 2006 document are to be interpreted as described in RFC 2119 [RFC2119]. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Background/Problem . . . . . . . . . . . . . . . . . . . . . . 3 3. Solution Summary: Partial Verifier Support . . . . . . . . . . 5 4. How it works? . . . . . . . . . . . . . . . . . . . . . . . . . 6 5. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 7 7. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7 9. Normative References . . . . . . . . . . . . . . . . . . . . . 7 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 8 Intellectual Property and Copyright Statements . . . . . . . . . . 9 Santos Expires October 25, 2006 [Page 2] Internet-Draft DKIM-Received April 2006 1. Introduction DKIM [DKIM-BASE] (Domain Keys Identified Message) has a potential premature signature expiration timing issue related to when DKIM verifiers receive a message and when domain signature expire and/or when public keys are revoked. The problem is highlighted when the DKIM verifiers is outside the SMTP transport such as MUAs and the backend software (MDA) does not support DKIM. This document offers a proposal and solution to the problem whereby a MDA can offer partial DKIM verification support by adding a new trace header called DKIM-Received recording the DKIM domain DNS public key information before it expired or is revoked. 2. Background/Problem Some where along the email transport topology path when sending mail between point A and point B, we have DKIM signer(s) and DKIM verifier(s). This generalized commonly understood email topology can be illustrated in the following diagram: -------------- -------------- MUA --> | MSA--->MTA | -----> | MDA--->MFA | ---> MUA -------------- -------------- \____________________/ \_____________________/ DKIM SIGNER DKIM VERIFIER Figure 1: Typical Mail Flow Topology The DKIM signer may be the MUA sending the message to the MSA or within a MSA/MTA network signing messages on behalf of the MUA. The DKIM verifier may be located at the MDA, MFA or recipient MUA. The MFA (Mail Filtering Agent) is a new acronym describing a relatively recent industry direction and practice to include anti- virus/spam (AVS) mail filtering processes within the MDA network. The MFA could be a SIEVE process, SPAM-ASSASSIN or some non-standard proprietary Rule Based Messaging (RBM) scripting engine. The MFA is any process that is outside the SMTP transport process after the message is accepted by the MDA and before it is stored in the recipient MUA user's mail box. This provides us with three possible verification delays, t1, t2, and t3, which can promote premature signature expiration or key revocation timing issues depending on where the DKIM verifier is located: Santos Expires October 25, 2006 [Page 3] Internet-Draft DKIM-Received April 2006 -------------- ----------------- MUA --> | MSA--->MTA | --t1--> | MDA--t2-->MFA | --t3--> MUA -------------- ----------------- Figure 2: Typical Mail Flow Topology with Delays The latter two are time shifted applications because message validation is belated or delayed. The t1 delay is the SMTP transport time from MTA to MDA. SMTP has a recommended limit of 4-5 days for a SMTP sending/retry strategy [RFC 2821 section 4.5.4.1] [RFC2821]. DKIM has a recommended seven (7) day retention limit. So for t1, there would be a low occurrence of premature signature expiration problems at the MDA. The DKIM recommendation of seven days is sufficient and covers the SMTP 4-5 day retry limit recommendation. However, premature expiration potential increases once the MDA accepts the message and verification may occur at the MFA or MUA. The length of the MFA delay (t2) is directly proportional to the volume of mail being received (high volume system), and the higher the volume, scalarability operational considerations will typically mandate that the DKIM verification process begin after the message is accepted. The length of the MUA delay (t3) is directly proportional to the MUA ergonomics and user behavior in regards to frequency of mail pickup or frequency of user logins in order to download, read or received new mail. In short, the potential of premature DKIM expiration problems increase as the verification process is time shifted beyond MDA applications. To help resolve this, one possible idea is allow the MFA and MUA to use the time stamp recorded at the MDA as required by the all SMTP receivers when adding the Received: trace header [RFC 2821 section 4.4] [RFC2821]. This time stamp may be called the Transaction Reception Time (TRT) because it represents the time the MDA first received the transaction from the MTA. If the MFA and MUA use the TRT as part of the DKIM expiration checks, the problems related to signature expirations are eliminated. However, while using the TRT may help resolve MFA and MUA timing issues, there is still the possibility of a DKIM public key being revoked or removed from DNS. Santos Expires October 25, 2006 [Page 4] Internet-Draft DKIM-Received April 2006 To help resolve this problem, a new idea called "Partial Verifier DKIM support" may be used by MDA verifiers to help resolve both expiration or keys revocation problems potentially occurring at the MFA and much greater potential at the MUA. 3. Solution Summary: Partial Verifier Support In practice, it is conceivable for DKIM implementations to operate in a partial or full verifier support mode.. Partial Verifier support may include early adopters migrating towards full support and wanting to assist independent Full Verifier support processes, such as MFAs and MUAs, while the backend is being upgraded for full DKIM support. Partial (including full) verifier support would begin with the simple addition of adding public key information in the new message RFC2822 [RFC2822] header called DKIM-Received: DKIM-Received: rt=; # Current time msg was received. sd=; # Selector DNS record Data. [vt=;] # Current time msg was validated. Figure 3: DKIM-Received: Header If available, this header allows for time shifted full verifiers to obtain message state information that might be missing at a future moment of time to correctly validate a DKIM signature. Semantics: o Partial Verifiers MUST add DKIM-Received header. o Full Verifiers MAY add DKIM-Received header. o The sd= tag MUST include the p=data tag. It MAY include other or all tags in record. However, all that is required is the public- key (p=data). o The optional vt= tag is added by FULL verifiers only. o DKIM-timestamps are in a format deemed acceptable by the DKIM protocol (i.e., easy extraction, easy parsing, Y2K compliant). Santos Expires October 25, 2006 [Page 5] Internet-Draft DKIM-Received April 2006 4. How it works? As an organization is migrating to full DKIM support, it may decide to add partial verification support by performing the following steps: 1. If a incoming message has a DKIM-Signature, obtain the selector and domain from the s= and d= tag respectively. 2. Obtain the public key by performing DKIM DNS query on selector._domainkey.. 3. Create and prepend the DKIM-Received: header setting the rt= received time and the sd= tag with the public key data. The DKIM-Received MUST be written before the SMTP required Received: Header is written. The full verifier MAY support DKIM-Received: If the full verifiers attempts to validate the signature, it MAY add the vt= verification time stamp tag. Adding the vt= tag to the DKIM-Received MUST NOT be viewed by MFA or MUAs as an indication of success or failure. It merely indicates that a verification was performed. MFA and MUAs MAY support the DKIM-Received: header and if supported, it MAY use the public key information to validate the signature. The recommended steps are: 1. If the DKIM-Signature: has a x= expiration tag, check for a DKIM- Received: header and use the rt= received time stamp for time comparison. 2. If no x= expiration is available, begin the DKIM verification by obtaining the public key from DNS. 3. If no public key is available, it MAY verify the signature by using the public key (sd=) recorded in the DKIM-Received: header, if any. 5. Example The following example shows what a MDA would add to the incoming message: Santos Expires October 25, 2006 [Page 6] Internet-Draft DKIM-Received April 2006 Example 5.1 Received: from sb10.example.com ([202.134.19.231]) by winserver.com (Wildcat! SMTP v6.1.451.7) with ESMTP id 2671734859; Sat, 22 Apr 2006 12:28:31 -0400 DKIM-Received: rt=1145722498; sd=p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhALRW7ct LniHlMlENXl0cW98CU9LqiI2vk0Dy42Wmg7jzJk/Phf1QHu 8ykUG8BMCagx7nPCWmT51FeqgmCqrb4475jZmNVg6TR4NQ9; 6. IANA Considerations This document makes no request of IANA. Note to RFC Editor: this section may be removed on publication as an RFC. 7. Security Considerations Other than not enforcing the key revocation concept. i.e. verification is still possible after the domain's public key is revoked, there are no security concerns currently envision with this proposal at this time. 8. Acknowledgements Discussions related to signature expiration and key revocation timing problems in the IETF-DKIM Working Group among many participants lead to the development of this proposed solution. 9. Normative References [DKIM-BASE] Allman, E., "DomainKeys Identified Mail Signatures", April 2006, . [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2821] Klensin, J., "Simple Mail Transfer Protocol", RFC 2821, April 2001. Santos Expires October 25, 2006 [Page 7] Internet-Draft DKIM-Received April 2006 [RFC2822] Resnick, P., "Internet Message Format", RFC 2822, April 2001. Author's Address Hector Santos Santronics Software, Inc. 15600 SW 158 ST Suite #306 Homestead, Florida, FL 33033 United States of America Email: hsantos@isdg.net URI: http://www.isdg.net Santos Expires October 25, 2006 [Page 8] Internet-Draft DKIM-Received April 2006 Full Copyright Statement Copyright (C) The Internet Society (2006). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Acknowledgment Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA). Santos Expires October 25, 2006 [Page 9]