Re: [dmarc-ietf] [dbound] Fwd: New Version Notification for draft-dcrocker-dns-perimeter-00.txt

Dave Crocker <> Wed, 03 April 2019 18:22 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D670C120123; Wed, 3 Apr 2019 11:22:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Lu1SfZN4tquC; Wed, 3 Apr 2019 11:22:58 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id C5CBA12010C; Wed, 3 Apr 2019 11:22:58 -0700 (PDT)
Received: from [] ( []) (authenticated bits=0) by (8.14.4/8.14.4/Debian-4.1ubuntu1.1) with ESMTP id x33IOf5L001971 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Wed, 3 Apr 2019 11:24:42 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=default; t=1554315882; bh=BkahvQtoi62nxdS+sC5YrM1Z3uYJVGP9lhzIYvO2PKU=; h=Subject:To:Cc:References:Reply-To:From:Date:In-Reply-To:From; b=Ml8IIRWXhhN5SPG0lTEf9kyvIzNgbLv5KZxxhyBlYGzchb5mrzZTQusZfOVJ6yVux eVeOVgJ6jusheFlqhvgF9jhORMRfKjIgfBQ6Sh3T+n9eKznDuzJXlgC/ppYWYIwroR an5bFMZTDzi4pkWGtIOLgfh0DHaaYnhpYhRPwKwg=
To: John Levine <>,
References: <20190403175820.8391420115F376@ary.qy>
From: Dave Crocker <>
Organization: Brandenburg InternetWorking
Message-ID: <>
Date: Wed, 3 Apr 2019 11:22:50 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <20190403175820.8391420115F376@ary.qy>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <>
Subject: Re: [dmarc-ietf] [dbound] Fwd: New Version Notification for draft-dcrocker-dns-perimeter-00.txt
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 03 Apr 2019 18:23:00 -0000

On 4/3/2019 10:58 AM, John Levine wrote:
> In article <> you write:
>> Comments eagerly sought, of course.
> This seems sorta kinda like my dbound draft, only with _tagged TXT
> records rather than a new rrtype, and (unless I missed something) a
> hope that somehow you can use a yet to be invented cache to avoid
> walking up the tree, where mine used wildcards to do one lookup per
> boundary regardless of the tree depth.

Section 7's suggestion for using Additional information does not rely on 

Reliance on existing wildcard depends on propagation of a new RR, which 
continues to be problematic.  There's a reason the Attrleaf table has so 
many entries...

And while there is certainly conceptual overlap with your earlier 
proposal, the current one has differences I'd class as significant.

Dave Crocker
Brandenburg InternetWorking