| draft-ietf-dmarc-eaiauth-04.txt | draft-ietf-dmarc-eaiauth-05.txt | |||
|---|---|---|---|---|
| Network Working Group J. Levine | Network Working Group J. Levine | |||
| Internet-Draft Taughannock Networks | Internet-Draft Taughannock Networks | |||
| Updates: 6376, 7208, 7489 (if approved) March 25, 2019 | Updates: 6376, 7208, 7489 (if approved) April 5, 2019 | |||
| Intended status: Standards Track | Intended status: Standards Track | |||
| Expires: September 26, 2019 | Expires: October 7, 2019 | |||
| E-mail Authentication for Internationalized Mail | E-mail Authentication for Internationalized Mail | |||
| draft-ietf-dmarc-eaiauth-04 | draft-ietf-dmarc-eaiauth-05 | |||
| Abstract | Abstract | |||
| SPF (RFC7208), DKIM (RFC6376), and DMARC (RFC7489) enable a domain | SPF (RFC7208), DKIM (RFC6376), and DMARC (RFC7489) enable a domain | |||
| owner to publish e-mail authentication and policy information in the | owner to publish e-mail authentication and policy information in the | |||
| DNS. In internationalized e-mail, domain names can occur both as | DNS. In internationalized e-mail, domain names can occur both as | |||
| U-labels and A-labels. This specification updates the SPF, DKIM, and | U-labels and A-labels. This specification updates the SPF, DKIM, and | |||
| DMARC specifications to clarify which form of internationalized | DMARC specifications to clarify which form of internationalized | |||
| domain names to use in those specifications. | domain names to use in those specifications. | |||
| skipping to change at page 1, line 36 ¶ | skipping to change at page 1, line 36 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on September 26, 2019. | This Internet-Draft will expire on October 7, 2019. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2019 IETF Trust and the persons identified as the | Copyright (c) 2019 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 39 ¶ | skipping to change at page 2, line 39 ¶ | |||
| the From: header of e-mail messages. | the From: header of e-mail messages. | |||
| In conventional e-mail, all domain names are ASCII in all contexts so | In conventional e-mail, all domain names are ASCII in all contexts so | |||
| there is no question about the representation of the domain names. | there is no question about the representation of the domain names. | |||
| All internationalized domain names are represented as A-labels | All internationalized domain names are represented as A-labels | |||
| [RFC5890] in message headers, in SMTP sessions, and in the DNS. | [RFC5890] in message headers, in SMTP sessions, and in the DNS. | |||
| Internationalized mail [RFC6530] allows U-labels in SMTP sessions | Internationalized mail [RFC6530] allows U-labels in SMTP sessions | |||
| [RFC6531] and in message headers [RFC6532]. | [RFC6531] and in message headers [RFC6532]. | |||
| Every U-label is equivalent to an A-label, so in principle the choice | Every U-label is equivalent to an A-label, so in principle the choice | |||
| of label format should not cause any ambiguities. But in practice, | of label format will not cause ambiguities. But in practice, | |||
| consistent use of label formats will make it more likely that mail | consistent use of label formats will make it more likely that mail | |||
| senders' and receivers' code interoperates. | senders' and receivers' code interoperates. | |||
| Internationalized mail also allows UTF-8 encoded Unicode characters | Internationalized mail also allows UTF-8 encoded Unicode characters | |||
| in the local parts of mailbox names, which were historically only | in the local parts of mailbox names, which were historically only | |||
| ASCII. | ASCII. | |||
| 2. Definitions | 2. Definitions | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in BCP | "OPTIONAL" in this document are to be interpreted as described in BCP | |||
| 14 [RFC2119] and [RFC8174]. when they appear in all capitals, as | 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| shown here. | capitals, as shown here. | |||
| The term IDN, for Internationalized Domain Name, refers to a domain | The term IDN, for Internationalized Domain Name, refers to a domain | |||
| name containing either U-labels or A-labels. | name containing either U-labels or A-labels. | |||
| Since DMARC is not currently a standards track protocol, this | Since DMARC is not currently a standards track protocol, this | |||
| specification offers advice rather than requirements for DMARC. | specification offers advice rather than requirements for DMARC. | |||
| 3. General principles | 3. General principles | |||
| In headers in EAI mail messages, domain names that were restricted to | In headers in EAI mail messages, domain names that were restricted to | |||
| skipping to change at page 4, line 30 ¶ | skipping to change at page 4, line 30 ¶ | |||
| UTF8-2 = <Defined in Section 4 of RFC 3629> | UTF8-2 = <Defined in Section 4 of RFC 3629> | |||
| UTF8-3 = <Defined in Section 4 of RFC 3629> | UTF8-3 = <Defined in Section 4 of RFC 3629> | |||
| UTF8-4 = <Defined in Section 4 of RFC 3629> | UTF8-4 = <Defined in Section 4 of RFC 3629> | |||
| Section 3.5 of [RFC6376] states that IDNs in the d=, i=, and s= tags | Section 3.5 of [RFC6376] states that IDNs in the d=, i=, and s= tags | |||
| of a DKIM-Signature header MUST be encoded as A-labels. This rule is | of a DKIM-Signature header MUST be encoded as A-labels. This rule is | |||
| relaxed only for internationalized messages headers [RFC6532] so IDNs | relaxed only for internationalized messages headers [RFC6532] so IDNs | |||
| SHOULD be represented as U-labels but MAY be A-labels. This provides | SHOULD be represented as U-labels. This provides improved | |||
| improved consistency with other headers. The set of allowable | consistency with other headers. (A-labels remain valid to allow a | |||
| characters in the local-part of an i= tag is extended as described in | transition from older software.) The set of allowable characters in | |||
| [RFC6532]. When computing or verifying the hash in a DKIM signature | the local-part of an i= tag is extended in the same fashion as local | |||
| as described in section 3.7, the hash MUST use the domain name in the | parts of e-mail addresses as described in section 3.2 of [RFC6532]. | |||
| format it occurs in the header. | When computing or verifying the hash in a DKIM signature as described | |||
| in section 3.7, the hash MUST use the domain name in the format it | ||||
| occurs in the header. | ||||
| Section 3.4.2 of [RFC6376] describes relaxed header canonicalization. | Section 3.4.2 of [RFC6376] describes relaxed header canonicalization. | |||
| Its first step converts all header field names from upper case to | Its first step converts all header field names from upper case to | |||
| lower case. Field names are restricted to printable ASCII (see | lower case. Field names are restricted to printable ASCII (see | |||
| [RFC5322] section 3.6.8) so this case conversion remains the usual | [RFC5322] section 3.6.8) so this case conversion remains ASCII case | |||
| ASCII conversion. | conversion. | |||
| DKIM key records, described in section 3.6.1, do not contain domain | DKIM key records, described in section 3.6.1, do not contain domain | |||
| names, so there is no change to their specification. | names, so there is no change to their specification. | |||
| 6. DMARC and internationalized mail | 6. DMARC and internationalized mail | |||
| DMARC [RFC7489] defines a policy language that domain owners can | DMARC [RFC7489] defines a policy language that domain owners can | |||
| specify for the domain of the address in a RFC5322.From header. | specify for the domain of the address in a RFC5322.From header. | |||
| Section 6.6.1 specifies, somewhat imprecisely, how IDNs in the | Section 6.6.1 specifies, somewhat imprecisely, how IDNs in the | |||
| RFC5322.From address domain are to be handled. That section is | RFC5322.From address domain are to be handled. That section is | |||
| updated to say that all U-labels in the domain are converted to | updated to say that all U-labels in the domain are converted to | |||
| A-labels before further processing. Sections 6.7 and 7.1 are | A-labels before further processing. Section 7.1 is similarly updated | |||
| similarly updated to say that all U-labels in domains being handled | to say that all U-labels in domains being handled are converted to | |||
| are converted to A-labels before further processing. | A-labels before further processing. | |||
| DMARC policy records, described in sections 6.3 and 7.1, can contain | DMARC policy records, described in sections 6.3 and 7.1, can contain | |||
| e-mail addresses in the rua and ruf tags. Since a policy record can | e-mail addresses in the rua and ruf tags. Since a policy record can | |||
| be used for both internationalized and conventional mail, those | be used for both internationalized and conventional mail, those | |||
| addresses still have to be conventional addresses, not | addresses still have to be conventional addresses, not | |||
| internationalized addresses. | internationalized addresses. | |||
| 7. IANA Considerations | 7. IANA Considerations | |||
| This document makes no request of IANA. | This document makes no request of IANA. | |||
| skipping to change at page 6, line 43 ¶ | skipping to change at page 6, line 43 ¶ | |||
| Message Authentication, Reporting, and Conformance | Message Authentication, Reporting, and Conformance | |||
| (DMARC)", RFC 7489, DOI 10.17487/RFC7489, March 2015, | (DMARC)", RFC 7489, DOI 10.17487/RFC7489, March 2015, | |||
| <https://www.rfc-editor.org/info/rfc7489>. | <https://www.rfc-editor.org/info/rfc7489>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| Appendix A. Change history | Appendix A. Change history | |||
| 04 to 05 editorial nits | ||||
| 03 to 04 remove dangling A-R reference, add more i18nish and | 03 to 04 remove dangling A-R reference, add more i18nish and | |||
| security goodness | security goodness | |||
| 02 to 03 minor edits per Alexey | 02 to 03 minor edits per Alexey | |||
| 01 to 02 update references | 01 to 02 update references | |||
| 00 to 01 Relaxed canon, Typos | 00 to 01 Relaxed canon, Typos | |||
| 00 First WG version | 00 First WG version | |||
| Author's Address | Author's Address | |||
| John Levine | John Levine | |||
| Taughannock Networks | Taughannock Networks | |||
| PO Box 727 | PO Box 727 | |||
| Trumansburg, NY 14886 | Trumansburg, NY 14886 | |||
| Email: standards@taugh.com | Email: standards@taugh.com | |||
| End of changes. 11 change blocks. | ||||
| 19 lines changed or deleted | 22 lines changed or added | |||
This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||