Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd

Tim Wicinski <tjw.ietf@gmail.com> Mon, 11 November 2019 21:35 UTC

From: Tim Wicinski <tjw.ietf@gmail.com>
Date: Mon, 11 Nov 2019 16:35:12 -0500
Message-ID: <CADyWQ+Houc21vE5Hu8nVeEMQw_u0VxD=taVJcqgwk9NObrduzw@mail.gmail.com>
To: Alessandro Vesely <vesely@tana.it>
Cc: "Kurt Andersen (b)" <kboth@drkurt.com>, "dmarc@ietf.org" <dmarc@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/-jF0f8GFZipgJFoPDKSG7ppiIz0>
Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd

> If it were possible to infer OD from some kind of DNS record (or from RDAP
> responses, for another way) then we'd have a tool alternative to the PSL.
> That proves that the concept of OD is independent of the PSL, doesn't it?

Over in DNSOP we've been working with the authors on this Related Domains
draft

https://datatracker.ietf.org/doc/draft-brotman-rdbd/

which defines a mechanism where two domains can state they are related, or
not related, via DNS records.
What one wishes to use this information for is left to them.

It would be great to get y'all giving feedback.

Tim


On Mon, Nov 11, 2019 at 3:43 PM Alessandro Vesely <vesely@tana.it> wrote:

> On Mon 11/Nov/2019 19:31:52 +0100 Kurt Andersen (b) wrote:
> > On Mon, Nov 11, 2019 at 9:50 AM Alessandro Vesely <vesely@tana.it> wrote:
> >
> >> For various reasons, large organizations administer many apparently
> >> unrelated domains.  For example, _dmarc.youtube.com has a rua mailto
> >> ending in @google.com.  We cannot infer an OD from that, but I think the
> >> concept is clear.
> >
> > I don't think this has anything to do with the PSD proposal either. Why do
> > you bring it up?
>
>
> If it were possible to infer OD from some kind of DNS record (or from RDAP
> responses, for another way) then we'd have a tool alternative to the PSL.
> That proves that the concept of OD is independent of the PSL, doesn't it?
>
>
> >>> As to the proposed "let's run this as an experiment pending DMARCbis",
> >>> I don't see how that satisfies Dave's concern about creating new work
> >>> for receivers in order to help a small set of domain (realm) owners. I'm
> >>> not opposed to it, but I just don't see how this solves the issue.
> >>
> >> Isn't that an ICANN problem?  For the time being, dig _dmarc.bank txt
> >> returns an empty NOERROR response, while _dmarc.gov.uk returns a valid
> >> record. The latter is a Nominet, already solved problem, AFAICS.
> >
> > If it was a solved problem, then we would not need a PSD (or realm) I-D and
> > this whole discussion would be moot. What ICANN does and does not allow is
> > out of scope for the IETF/protocol work (though I do acknowledge that ICANN
> > may consider protocol factors when making decisions - or I would hope that
> > they would).
>
>
> Oh, you meant the receivers' burden of an extra lookup?  Sorry, I thought it
> was about the need for each OD to opt out by defining its own DMARC record,
> lest have reports delivered to the realm.  In the latter sense, Nominet
> solved the problem of what rights has gov.uk on domains below it.
>
>
> Best
> Ale
>
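
The extra lookup and the per-OD opt-out discussed in the quoted messages, as an added example that is not part of the original email or of the draft's text. It assumes the lookup order exact domain, then organizational domain, then the organizational domain with one label removed (the PSD); the public-suffix set, the TXT records and the `.example` report addresses are constructed, and the helper names are hypothetical.

```python
# Constructed data: a toy public-suffix set and toy TXT records, not real DNS.
PUBLIC_SUFFIXES = {"com", "uk", "gov.uk", "bank"}
ZONE = {
    "_dmarc.gov.uk": "v=DMARC1; p=reject; rua=mailto:psd-reports@registry.example",
    "_dmarc.optout.gov.uk": "v=DMARC1; p=none; rua=mailto:dmarc@optout.example",
    # "_dmarc.bank" is deliberately absent, like the empty NOERROR in the thread.
}


def org_domain(name):
    """Longest matching public suffix plus one label (the name itself if none)."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(1, len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i - 1:])
    return ".".join(labels)


def dmarc_txt(name):
    """Stand-in for a DNS TXT query; returns only valid-looking DMARC records."""
    record = ZONE.get(name)
    return record if record and record.startswith("v=DMARC1") else None


def discover(from_domain):
    """Return (queries issued, where the policy came from, rua address)."""
    domain = from_domain.lower().rstrip(".")
    od = org_domain(domain)
    candidates = [("exact", domain)]
    if od != domain:
        candidates.append(("org", od))
    if "." in od:
        # Assumed PSD step: organizational domain with one label removed.
        candidates.append(("psd", od.split(".", 1)[1]))
    queries = []
    for source, dom in candidates:
        queries.append("_dmarc." + dom)
        record = dmarc_txt(queries[-1])
        if record:
            tags = dict(t.strip().split("=", 1) for t in record.split(";") if "=" in t)
            return queries, source, tags.get("rua")
    return queries, None, None
```

A domain below `gov.uk` with no record of its own costs the receiver a third query and has its reports routed to the PSD's `rua`, while `optout.gov.uk` stops at its own record after one query.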