Re: [dmarc-ietf] Final, I hope, tweaks to the tree walk

Scott Kitterman <sklist@kitterman.com> Tue, 28 June 2022 16:46 UTC

Date: Tue, 28 Jun 2022 16:46:18 +0000
From: Scott Kitterman <sklist@kitterman.com>
To: dmarc@ietf.org
In-Reply-To: <be56e041-d588-c8e7-bd37-bf2858773b75@tana.it>
References: <20220626154211.6893F4452D0F@ary.qy> <2bc4e123-8711-7538-599e-727d8ea9caff@tana.it> <bedf51e9-6fe6-d52b-1083-bac67d8906ea@taugh.com> <be56e041-d588-c8e7-bd37-bf2858773b75@tana.it>
Message-ID: <ED978D2A-ADD1-4FFA-B101-239D333019CB@kitterman.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/DSpYMnuB9YjF9dxKdxAvrEu3HtQ>


On June 28, 2022 4:33:15 PM UTC, Alessandro Vesely <vesely@tana.it> wrote:
>On Mon 27/Jun/2022 15:54:51 +0200 John R Levine wrote:
>>> Please recall what you said in April:
>>> 
>>>    How about if we say that if the initial domain has psd=y, that's the org
>>>    domain and you don't look anywhere else.  That is easy to explain and I
>>>    don't think we are likely to find anything that better matches the
>>>    expectations of people who send mail from PSDs.
>>>     https://mailarchive.ietf.org/arch/msg/dmarc/UEwREV5oDD0BoyNpaUB9GN6ixtI
>> 
>> I thought about it some more and changed my mind.  That occasionally happens.
>
>
>Right, but how about discussing the merit of it?
>
>What can one find continuing the walk after psd=y?
>
>For example, let's consider an imaginary bank, com.bank, say.  They use that domain as corporate domain, and have a DMARC record.  They also delegate zones to local subsidiaries.  One of them, uk.com.bank in turn delegates to other banks in the UK and sends mail like uk.com.  So you may end up having a DMARC record at each level:
>
>bank -> psd=y,
>com.bank -> psd=n or psd=u (for private use),
>uk.com.bank -> psd=y.
>
>Does our model support that?  How else should they set their records up?

I think that's sufficiently obscure that I doubt we care, but I think it is supported just fine.  

The only nuance is that in this scenario, mail that is 5322.from uk.com.bank would have to use 5321.mailfrom and DKIM d= uk.com.bank.  Subdomains wouldn't align, which I think is fine.

The operational distinction between a PSD and a non-PSD is that subdomains of a PSD are different organizations and subdomains of non-PSDs are part of the same organization.  I believe that's the correct distinction.

Scott K
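
The alignment outcomes described in this message, worked through as an added example (not code from the thread or from the DMARCbis draft). Assumptions: the `RECORDS` table is constructed from the quoted com.bank scenario, lookups are a dictionary instead of DNS, and the selection rules are a simplification in which psd=n marks the organizational domain, psd=y on the starting domain makes it its own organizational domain (the April proposal quoted above), and psd=y found higher up puts the organizational domain one label below it.

```python
# Constructed records for the hypothetical hierarchy: domain -> psd tag value.
RECORDS = {"bank": "y", "com.bank": "n", "uk.com.bank": "y"}


def walk(domain):
    """Return the domain and each of its parents, longest name first."""
    labels = domain.lower().rstrip(".").split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


def org_domain(domain, records=RECORDS):
    """Pick the organizational domain under the assumed rules in the lead-in."""
    below = None      # name one label below the current one, toward the start
    shortest = None   # shortest name seen with a record that did not decide
    for name in walk(domain):
        psd = records.get(name)
        if psd == "n":
            return name                  # explicitly not a PSD: org domain
        if psd == "y":
            # A PSD is its own org domain when the walk starts there;
            # otherwise the org domain is the name directly below the PSD.
            return name if below is None else below
        if psd is not None:
            shortest = name              # psd=u: remember it, keep walking
        below = name
    # Assumption: with no deciding record, fall back to the shortest record
    # seen, or to the domain itself when nothing was published at all.
    return shortest or walk(domain)[0]


def aligned(from_domain, auth_domain, records=RECORDS):
    """Relaxed alignment: both identifiers share one organizational domain."""
    return org_domain(from_domain, records) == org_domain(auth_domain, records)


if __name__ == "__main__":
    cases = [
        ("uk.com.bank", "uk.com.bank"),       # exact match on the PSD itself
        ("uk.com.bank", "mail.uk.com.bank"),  # subdomain of a PSD
        ("uk.com.bank", "com.bank"),          # parent of the PSD
        ("hr.com.bank", "com.bank"),          # inside the psd=n organization
        ("foo.uk.com.bank", "bar.uk.com.bank"),  # two delegated banks
    ]
    for frm, auth in cases:
        print(f"From={frm:18} auth={auth:18} aligned={aligned(frm, auth)}")
```
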