Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-psd-03.txt

Seth Blank <seth@sethblank.com> Wed, 08 May 2019 02:30 UTC

References: <155728145158.24534.10112720017814447505@ietfa.amsl.com> <2699063.PiBShnsfcX@l5580>
In-Reply-To: <2699063.PiBShnsfcX@l5580>
From: Seth Blank <seth@sethblank.com>
Date: Tue, 7 May 2019 19:30:25 -0700
Message-ID: <CAD2i3WM2UR3VAKPzWx6pJPho=SRLTWH3rejAidq9_Mz-_7i3Gg@mail.gmail.com>
To: IETF DMARC WG <dmarc@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/9hvF4KzUxwX-dt-ajgCRiguMYg8>

Thanks, Scott!

To me (as an individual) this seems ready for last call.

A few items:

1. In the new paragraph in section 1 clarifying requirements, you have an
open parens that is never closed.

2. In Section 3.5, I'm concerned with the normative MUST NOT. This would
mean .example couldn't receive failure reports the way example.com does.
For something like .bank or .com, this is a feature. But for a .google,
this is a bug. I really think this MUST NOT is, while well advised, delving
into policy and not interop.

I really think the guidance in 4.1 is the best way to approach this.

Speaking of which, with the normative MUST NOT that's been added, now 4.1
no longer makes any sense.

My recommendation would be to roll this change back, and perhaps replace it
with a reference to 4.1 and a "if you're a PSD, don't ask for RUF unless
you really really know what you're doing."

3. psddmarc.org - I think we need a brief paragraph outlining the
experiment, and in it need to explicitly call out that a permanent solution
needs to be determined for answering the "what's a PSD" question - which
may or may not be psddmarc.org.

Thanks again!

Seth

On Tue, May 7, 2019 at 7:16 PM Scott Kitterman <sklist@kitterman.com> wrote:

> On Tuesday, May 7, 2019 10:10:51 PM EDT internet-drafts@ietf.org wrote:
> > A New Internet-Draft is available from the on-line Internet-Drafts
> > directories. This draft is a work item of the Domain-based Message
> > Authentication, Reporting & Conformance WG of the IETF.
> >
> >       Title           : DMARC (Domain-based Message Authentication,
> >                         Reporting, and Conformance) Extension For PSDs
> >                         (Public Suffix Domains)
> >       Author          : Scott Kitterman
> >       Filename        : draft-ietf-dmarc-psd-03.txt
> >       Pages           : 11
> >       Date            : 2019-05-07
>
> Significant changes from -02:
>
> Based on offline feedback:
>
> Added a paragraph on PSD exact domain match issues.
> Added a clear MUST NOT for [RFC7489] Section 7.3 Failure Reports
>
> Finished Appendices:
>
> Added more text to Appendix B about support for the experiment available
> from psddmarc.org.
> Added Appendix C to track implementations.
>
> If anyone else has an implementation that's not listed, please let me know
> and I'll add it.
>
> Other than that, I think it's about done.
>
> Scott K