
Re: [ietf-smtp] "for" and Delivered-To: (draft-crocker-email-deliveredto)

2021-08-18 14:20:46
Ned,

Thanks.  Comment on an otherwise-trimmed message with which I
completely agree although the additional information was
interesting and, IMO, helpful:


--On Wednesday, August 18, 2021 07:57 -0700 Ned Freed
<ned(_dot_)freed(_at_)mrochek(_dot_)com> wrote:

> ...
> There's another security issue lurking in all this: If the
> system inserts a "for" clause when there's only one recipient,
> and doesn't when there are more than one, the absence of the
> field is itself an indication that there's another recipient,
> which may allow someone to infer a Bcc: is involved.

Yes.  That had not occurred to me and it may be yet another
argument for MUAs simply generating two (or more) message copies
where BCCs are involved.  Doing that would take the transport
system out of the business of needing any of these heuristics,
at least to protect information about BCCs or their existence.
 
> Note that this last consideration applies to any field whose
> generation is conditional on there being only one recipient,

Yep.

> ...
> If "for" should be clarified, let's do it in a document that
> is separate from "Delivered-To".  This feels like proper
> scope for 5321bis, and not a document specifying the
> "Delivered-To" field.

Agree completely.  My working hypothesis is that
5321bis/5322bis are ok but that variations of your
explanation above might be useful in the A/S.  If you (or
anyone else) think something is needed, please go to
EMAILCORE and open a ticket.  I brought "for" up in my note
only because it is an element of the "what is an additional
header field needed for and what are the semantics of its
content" question.
 
> I think a statement to the effect that the value of the for
> clause must contain one of the addresses that caused the
> message to be routed to the recipient of this message copy.
> Discussion of which value to use - if we want to go there - is
> an AS matter.

Sounds about right.

> And while the security issue I pointed out may be a bit
> obscure - although I have used it myself on several occasions
> - I think it needs to be mentioned.

Wfm.

See note just posted to the emailcore list.

best,
    john
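
The inference Ned describes, and the MUA-side mitigation John favours (one message copy per Bcc recipient), are easy to see in a small model. The following is an added illustration, not code from this thread or from any MTA or MUA; the single-recipient "for" heuristic, the address values and the function names are assumptions made for the example. It also checks the rule proposed above, that a "for" value must be one of the envelope addresses that routed that particular copy.

```python
"""Model of the Bcc-existence inference from a conditional Received: 'for'
clause, and of the MUA-side mitigation (split copies).  Added example; the
MTA heuristic and the sample addresses are assumptions, not the thread's."""
from __future__ import annotations
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Envelope:
    """One SMTP transaction: the RCPT TO list plus the addresses the
    header To:/Cc: fields expose to the recipient."""
    mail_from: str
    rcpt_to: List[str]      # envelope recipients; Bcc addresses appear only here
    visible_to: List[str]   # addresses visible in the message header


def received_for_clause(env: Envelope) -> Optional[str]:
    """Assumed MTA heuristic from the thread: emit 'for <addr>' only when the
    envelope has exactly one recipient, otherwise omit the clause."""
    if len(env.rcpt_to) == 1:
        return f"for <{env.rcpt_to[0]}>"
    return None


def for_clause_is_consistent(env: Envelope) -> bool:
    """Rule proposed in the thread: a present 'for' value must be one of the
    addresses that caused this copy to be routed to its recipient."""
    clause = received_for_clause(env)
    if clause is None:
        return True
    addr = clause[len("for <"):-1]
    return addr in env.rcpt_to


def recipient_can_infer_hidden_recipient(env: Envelope) -> bool:
    """Recipient's view: a missing 'for' clause means more than one envelope
    recipient; if the header names at most one address, the extra recipient
    was hidden, i.e. a Bcc was involved."""
    return received_for_clause(env) is None and len(env.visible_to) <= 1


def single_envelope_submission(mail_from: str, to: List[str],
                               bcc: List[str]) -> List[Envelope]:
    """Naive MUA: one transaction carrying every recipient in RCPT TO."""
    return [Envelope(mail_from, list(to) + list(bcc), list(to))]


def split_submission(mail_from: str, to: List[str],
                     bcc: List[str]) -> List[Envelope]:
    """Mitigated MUA: one copy for the visible recipients and a separate
    single-recipient copy per Bcc address, so the transport never needs a
    heuristic to protect the Bcc list."""
    copies: List[Envelope] = []
    if to:
        copies.append(Envelope(mail_from, list(to), list(to)))
    for addr in bcc:
        copies.append(Envelope(mail_from, [addr], list(to)))
    return copies


def any_copy_leaks(copies: List[Envelope]) -> bool:
    """True if any delivered copy lets its recipient infer a hidden recipient."""
    return any(recipient_can_infer_hidden_recipient(c) for c in copies)


# Constructed sample: one visible recipient and one Bcc recipient.
SENDER = "sender@example.org"
TO = ["alice@example.net"]
BCC = ["bob@example.com"]

if __name__ == "__main__":
    naive = single_envelope_submission(SENDER, TO, BCC)
    split = split_submission(SENDER, TO, BCC)
    print("single envelope leaks Bcc existence:", any_copy_leaks(naive))  # True
    print("split copies leak Bcc existence:   ", any_copy_leaks(split))  # False
    for copy in split:
        print(copy.rcpt_to, received_for_clause(copy), for_clause_is_consistent(copy))
```

With the single envelope, Alice's copy carries no "for" clause while her header names only herself, so she can conclude a hidden recipient existed. With split copies every transaction has one recipient, each copy gets a "for" clause naming exactly the address that routed it, and the absence of the clause no longer carries information about Bcc.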


_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp
