Re: [dmarc-ietf] what to document about the tree walk

John R Levine <johnl@taugh.com> Thu, 14 July 2022 15:08 UTC

Date: Thu, 14 Jul 2022 11:07:54 -0400
Message-ID: <8683e2de-22bf-b6a2-dfa0-274b9de3ed23@taugh.com>
From: John R Levine <johnl@taugh.com>
To: Scott Kitterman <sklist@kitterman.com>, dmarc@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/8StamNGE4i3SenEV6cO-8184Puw>

On Thu, 14 Jul 2022, Scott Kitterman wrote:
> In my view, standardizing two ways to do policy discovery and alignment would be a substantial danger to interoperability and we'd be stuck with it approximately forever.

I agree, it's a self-evidently terrible idea.  "Temporary" transition
periods inevitably turn out to be permanent, or so close to permanent that
we'll all be dead before it's over.

What I expect to happen is that we publish 7489bis with the tree walk as 
the method to find org domains*.

There are a handful of widely used libraries that implement DMARC, most
of which have developers who read this list or are otherwise people we 
know, so we can encourage them to update their software.  Large providers 
like Google and Microsoft have their own implementations but we know them 
too.

So over perhaps a year the places that upgrade their software will get new 
libraries and start to use the tree walk.  There will always be a long 
tail of sites that never update their software, but that's life. 
Fortunately, for the majority of normal mail the old and new methods 
get the same result, so it's unlikely the long tail will run into problems 
any worse than they already have with the obsolete software they use, e.g. 
TLS 1.1 making STARTTLS fail.

R's,
John

* and occasionally PSDs.