[dmarc-ietf] Adam Roach's Yes on draft-ietf-dmarc-eaiauth-05: (with COMMENT)

Adam Roach via Datatracker <noreply@ietf.org> Wed, 10 April 2019 03:24 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: dmarc@ietf.org
Delivered-To: dmarc@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id B0474120077; Tue, 9 Apr 2019 20:24:51 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Adam Roach via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-dmarc-eaiauth@ietf.org, dmarc-chairs@ietf.org, kurta@drkurt.com, dmarc@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.95.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Adam Roach <adam@nostrum.com>
Message-ID: <155486669171.19715.14014281020759221500.idtracker@ietfa.amsl.com>
Date: Tue, 09 Apr 2019 20:24:51 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/82SN6ehwkg5I3xXZ0dhB6I-_K80>
Subject: [dmarc-ietf] Adam Roach's Yes on draft-ietf-dmarc-eaiauth-05: (with COMMENT)
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Apr 2019 03:24:52 -0000

Adam Roach has entered the following ballot position for
draft-ietf-dmarc-eaiauth-05: Yes

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:


Thanks to everyone who worked on this document.


The i18ndir review included a number of minor issues that appear to remain
unaddressed. (To be clear, I don't assert that all of them require document
changes, but I would expect to see responses to the reviewer on these points).
I reiterate one of the more important minor comments below.


I agree with Benjamin's DISCUSS comment: this document needs to better
explain the consequences of the inability to match %{s} and %{l}. He talks about
it from a security perspective, but I think there's also a discussion to be had
here about whether this disadvantages users who elect to have non-ASCII
characters in their mailbox names.

I did see the response to the i18ndir review regarding the low usage of these
macros. If that is relevant to the decision to ignore the proper functioning of
these macros, then such rationale should be included in this document. Further,
if this document is breaking these macros under certain circumstances due to low
deployment, I would urge the working group to consider whether this document
should formally deprecate their use rather than relegating certain users to
second-class status.



>  the From: header of e-mail messages.

Nit: "...header field..."


>  Section 2.11 of [RFC6376] defines dkim-quoted-printable.  Its
>  definition is modified in messages with internationalized headers so
>  that non-ASCII UTF-8 characters need not be quoted.  The ABNF for
>  dkim-safe-char in those messages is replaced by the following, adding
>  non-ASCII UTF-8 characters from [RFC3629]:

Nit (twice): replace "UTF-8 characters" with either "UTF-8 byte sequences" or
"UTF-8 encoded Unicode characters".



>  Header names and other text intended primarily to be interpreted by

Nit: "Header field names..."



>  DKIM [RFC6376] specifies a message header that contains a

Nit: "...header field..."

>  of a DKIM-Signature header MUST be encoded as A-labels.  This rule is

Nit: "...header field..."

>  consistency with other headers.  (A-labels remain valid to allow a

Nit: "...header fields..."

>  in section 3.7, the hash MUST use the domain name in the format it
>  occurs in the header.

Nit: "...header field."