Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd

Alessandro Vesely <vesely@tana.it> Mon, 11 November 2019 20:43 UTC

To: "Kurt Andersen (b)" <kboth@drkurt.com>
Cc: "dmarc@ietf.org" <dmarc@ietf.org>
From: Alessandro Vesely <vesely@tana.it>
Message-ID: <d5b342c9-bfa4-54a7-8576-fcc48a120e14@tana.it>
Date: Mon, 11 Nov 2019 21:43:10 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/B61OxDSzyYHorZvq6FDrAxlfin0>
Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd

On Mon 11/Nov/2019 19:31:52 +0100 Kurt Andersen (b) wrote:
> On Mon, Nov 11, 2019 at 9:50 AM Alessandro Vesely <vesely@tana.it> wrote:
> 
>> For various reasons, large organizations administer many apparently 
>> unrelated domains.  For example, _dmarc.youtube.com has a rua mailto
>> ending in @google.com.  We cannot infer an OD from that, but I think the
>> concept is clear.
>>
> 
> I don't think this has anything to do with the PSD proposal either. Why do
> you bring it up?


If it were possible to infer OD from some kind of DNS record (or from RDAP
responses, for another way) then we'd have a tool alternative to the PSL.  That
proves that the concept of OD is independent of the PSL, doesn't it?


>>> As to the proposed "let's run this as an experiment pending DMARCbis",
>>> I don't see how that satisfies Dave's concern about creating new work
>>> for receivers in order to help a small set of domain (realm) owners. I'm
>>> not opposed to it, but I just don't see how this solves the issue.
>>
>> Isn't that an ICANN problem?  For the time being, dig _dmarc.bank txt 
>> returns an empty NOERROR response, while _dmarc.gov.uk returns a valid
>> record. The latter is a Nominet, already solved problem, AFAICS.
>>
> 
> If it was a solved problem, then we would not need a PSD (or realm) I-D and
> this whole discussion would be moot. What ICANN does and does not allow is
> out of scope for the IETF/protocol work (though I do acknowledge that ICANN
> may consider protocol factors when making decisions - or I would hope that
> they would).


Oh, you meant the receiver's burden of an extra lookup?  Sorry, I thought it was
about the need for each OD to opt out by defining its own DMARC record, lest
it have reports delivered to the realm.  In the latter sense, Nominet solved the
problem of what rights gov.uk has on domains below it.


Best
Ale
--
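
The lookup order this thread argues about, as an added example that is not part of the original message or of draft-ietf-dmarc-psd: a simplified sketch of DMARC policy discovery with a PSD fallback, showing the receiver's extra query and how an organizational domain's own record keeps reports away from the realm. The suffix set, domain names and record values are constructed for illustration, and the draft's registry check for participating PSDs is omitted.

```python
# Constructed data: a tiny public-suffix set and an in-memory TXT "zone".
# Names and record values are invented for illustration, not real DNS answers.
PUBLIC_SUFFIXES = {"com", "uk", "gov.uk", "bank"}
TXT = {
    "_dmarc.gov.uk": "v=DMARC1; p=reject; rua=mailto:reports@registry.example",
    "_dmarc.optout.gov.uk": "v=DMARC1; p=none; rua=mailto:dmarc@optout.gov.uk",
}

def organizational_domain(domain):
    """PSL-style OD: the longest matching public suffix plus one label."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            # i == 0 means the name is itself a public suffix.
            return ".".join(labels[max(i - 1, 0):])
    return domain

def parse_tags(record):
    """Return the tag dict of a DMARC record, or None if it is not one."""
    pairs = (p.strip().split("=", 1) for p in record.split(";") if "=" in p)
    tags = {k.strip(): v.strip() for k, v in pairs}
    return tags if tags.get("v") == "DMARC1" else None

def discover_policy(from_domain, lookup=TXT.get):
    """Query From domain, then OD, then the PSD (OD minus one label)."""
    od = organizational_domain(from_domain)
    psd = od.split(".", 1)[1] if "." in od else None
    candidates = [("from", from_domain)]
    if od != from_domain:
        candidates.append(("org", od))
    if psd:
        candidates.append(("psd", psd))  # the extra lookup discussed above
    queries = []
    for source, name in candidates:
        qname = "_dmarc." + name
        queries.append(qname)
        record = lookup(qname)           # None models an empty NOERROR answer
        tags = parse_tags(record) if record else None
        if tags:
            return {"source": source, "policy": tags.get("p"),
                    "rua": tags.get("rua"), "queries": queries}
    return {"source": None, "policy": None, "rua": None, "queries": queries}

if __name__ == "__main__":
    for d in ("mail.agency.gov.uk", "optout.gov.uk", "secure.bank"):
        print(d, discover_policy(d))
```
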