Re: [dmarc-ietf] Working group next steps

Ian Levy <> Fri, 29 March 2019 17:14 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id F29781202F6 for <>; Fri, 29 Mar 2019 10:14:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.011
X-Spam-Status: No, score=-0.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 4rXZ1-s5qJ3n for <>; Fri, 29 Mar 2019 10:14:35 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 21A4F120141 for <>; Fri, 29 Mar 2019 10:14:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I/xrrY9B83IysDmBiQ12YcZhpNJsynWNITXcV12Rldk=; b=LOtgtW7kT+CIp/gowbAIk+QL76rGZuYhl1G6AOmtuo3TA5Pqjkj9SGzGqsNt5ls6gDe35LuotXLz6lOtNxVoz6zzItcbXiFUVuC+u8dUBT9KnQg3Ma6Ly1YgEUvUgnTni/x0+OdlA0v9gXTV+WJMebBX3YIV1zLOok3nXQB7eVA=
Received: from LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM ( by LO2P123MB1792.GBRP123.PROD.OUTLOOK.COM ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1750.15; Fri, 29 Mar 2019 17:14:31 +0000
Received: from LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM ([fe80::41ac:f60c:6d07:7769]) by LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM ([fe80::41ac:f60c:6d07:7769%6]) with mapi id 15.20.1750.017; Fri, 29 Mar 2019 17:14:31 +0000
From: Ian Levy <>
To: "Murray S. Kucherawy" <>, IETF DMARC WG <>
Thread-Topic: [dmarc-ietf] Working group next steps
Thread-Index: AQHU4/UzfZiqOr8RXUGmzJ8BTa45jqYi2lBA
Date: Fri, 29 Mar 2019 17:14:31 +0000
Message-ID: <LO2P123MB22857A6A1EDD9D54A817C4F5C95A0@LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM>
References: <>
In-Reply-To: <>
Accept-Language: en-GB, en-US
Content-Language: en-US
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f3a84ac7-49a1-4e02-cdea-08d6b46a025f
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(7168020)(4627221)(201703031133081)(201702281549075)(8990200)(5600127)(711020)(4605104)(2017052603328)(7153060)(7193020); SRVR:LO2P123MB1792;
x-ms-traffictypediagnostic: LO2P123MB1792:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <LO2P123MB17920BC54919E215D31C3B4AC95A0@LO2P123MB1792.GBRP123.PROD.OUTLOOK.COM>
x-forefront-prvs: 0991CAB7B3
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(979002)(376002)(396003)(346002)(366004)(136003)(39850400004)(199004)(189003)(25786009)(105586002)(11346002)(66066001)(106356001)(53936002)(74482002)(606006)(97736004)(6246003)(71190400001)(33656002)(6436002)(99286004)(71200400001)(68736007)(790700001)(6116002)(14454004)(236005)(966005)(102836004)(186003)(55016002)(9686003)(2906002)(8936002)(8676002)(3846002)(7696005)(229853002)(316002)(52536014)(81166006)(54896002)(6306002)(478600001)(7736002)(14444005)(5660300002)(81156014)(256004)(486006)(26005)(75922002)(476003)(53546011)(44832011)(86362001)(55236004)(446003)(76176011)(110136005)(6506007)(74316002)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1102; SCL:1; SRVR:LO2P123MB1792; H:LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None ( does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: WW/1JMEhplstRpW9QtwXaPyyQB6NrdNkCnefFfVdDA6DkXc624XZpSLZImSsAmuCLAdjTfjV+jux5PkShW6lhlMt+9OH7m0sU4rpJNt/Zf1Js4oyBEX9iKAIxcvDypJwimesdknb2DBBjh4ILQ2Zt4iEM9+z7qArsXd4fxN/eDspvZr4IBywmbiWgU94Trgi245UfIl7lwlR3tUGsHZWeeEWMk2U78nVrJ1ciwvAd5SkwdC0Us0fCdUNm84z6zA2EhEPRAxYM4lqudoJESQBpUHj5lCBs6inKgVTsNVmjPGsb4AcbWe9M5HYy3/WmZVdT4uIH5X3I0VGbe5qqNY+h4hY5mItS7EtgfRhjUf1MBjCRr5ahgdd7lEhl72PZ6C34QK7TdEqs8XsayUrG0lTMaIgcjepfL2tXXhFuhmqJU8=
Content-Type: multipart/alternative; boundary="_000_LO2P123MB22857A6A1EDD9D54A817C4F5C95A0LO2P123MB2285GBRP_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: f3a84ac7-49a1-4e02-cdea-08d6b46a025f
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Mar 2019 17:14:31.7609 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 14aa5744-ece1-474e-a2d7-34f46dda64a1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LO2P123MB1792
Archived-At: <>
Subject: Re: [dmarc-ietf] Working group next steps
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 29 Mar 2019 17:14:41 -0000

  *   The working group should, in the short term, focus on development and completion of draft-ietf-dmarc-psd.  Among the questions to be answered is its urgency

I’m certainly keen to see that progressed. As we’ve rolled out DMARC across subdomains, we’ve seen criminal behaviours change in response. Some of you may recall we asked for help a while ago for ideas in generating SPF/DMARC records for non-existent subdomains. Well, that’s running and we answered 430,000 queries for them between August and November last year (more current data coming). We do know that the effect of synthesising these records means that some receivers don’t honour them, so getting a more acceptable way of controlling subdomains of a PSD would be good. As we push for wider DMARC adoption and other authentication measures, we’ll need to do this much more widely so it needs to be easy.

I’ll also offer as an experimental ground (within reason!).



Dr Ian Levy
Technical Director
National Cyber Security Centre<>

Staff Officer : Kate Atkins,<>

(I work stupid hours and weird times – that doesn’t mean you have to. If this arrives outside your normal working hours, don’t feel compelled to respond immediately!)

From: dmarc <> On Behalf Of Murray S. Kucherawy
Sent: 26 March 2019 16:58
Subject: [dmarc-ietf] Working group next steps

DMARC colleagues,

Tim and I met in Prague to get things rolling in terms of getting us progressing again toward our remaining deliverables.

Producing a DMARC on the standards track is the endgame for us.  We're keen to identify and focus on work that is in direct service of that goal; anything else can be parked for now and we can return to it once the main work is done, assuming we still have the energy to do it.  Accordingly, we propose to formally park draft-ietf-dmarc-arc-multi and draft-ietf-dmarc-arc-usage.
The working group should, in the short term, focus on development and completion of draft-ietf-dmarc-psd.  Among the questions to be answered is its urgency: If there is pressure to get this finished and published in some form, we suggest the WG consider moving this to Experimental status, aligning it with the ARC base work, and come back around to merge it into DMARC when it goes to the Standards Track.

Toward the goal of getting to the work on the standards track base specification, we should start collecting issues, from nits on up to things that need overhaul, in the WG's tracker.  We would like this list to be as exhaustive as possible.  When we do finally get to the work of standards track DMARC, we can run it like a checklist.  Please take some time to go over the list that's already in the tracker, and add anything you think is missing:<>
You may need a login credential if you haven't already established one.  This can be done via the IETF datatracker:<>

Previously (at IETF 99), the WG has discussed an augmentation of DMARC's reporting capabilities to include attributes of ARC evaluation of a message.  It's been suggested that this is a critical thing to include in the ARC experiment and thus input to standards track DMARC work; it was left out of ARC's base document to keep ARC decoupled from DMARC for now.  If consensus concurs with this position, we're looking for document editor(s) to spin up that effort.  The chairs are, however, cognizant that each new work item we take up has the effect of pushing standards track DMARC further down the road, so we would like to keep this sort of thing to a minimum.
Finally, there have been some hallway inquiries here at IETF 104 about canonicalizations that can survive mailing list transit.  I thought it worth checking with the WG to see if there's any energy or interest in revisiting this kind of work; it does fit within our charter, but previously attempts at this kind of work have waned.

We look forward to hearing your views on any or all of the above.  We can start by having everyone begin logging their open DMARC specification issues into the tracker, and ask that everyone please review and comment on the PSD draft and provide comments.  In particular, anyone that has implemented it is particularly requested to comment (including Scott, since we imagine he's tried this by now).


This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to