Re: [dmarc-ietf] moving past pad=y?

Douglas Foster <dougfoster.emailstandards@gmail.com> Wed, 29 June 2022 17:17 UTC

From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Wed, 29 Jun 2022 13:17:35 -0400
Message-ID: <CAH48Zfy5wExOOoQP2YvMfOCSQ9iJy+nO4QsVsFPoZreDyGLiZg@mail.gmail.com>
To: IETF DMARC WG <dmarc@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/FU4o90nII9p-tIRCIoplOsGwHW8>

Based on our PSL information, a private registry will be at DNS segment 3
or 4.  If the PSO registration is at DNS segment 2, the private registry
could be either one or two segments thick.

So the question is "How do I know which one applies?"   The best solution
is for the domain owner registrar to tell us, using a meaningful token like
orgd=y.

Of course, we could tell evaluators to use our current best guess, which is
that private registries will always be one segment thick.   But that does
not seem like a standards-track approach to the authentication problem.



On Wed, Jun 29, 2022, 10:12 AM John R Levine <johnl@taugh.com> wrote:

> On Wed, 29 Jun 2022, Alessandro Vesely wrote:
> > Would you please show an example, realistic or not, where not stopping
> > for psd=y in step 2 leads to a useful result?
>
> Keeping in mind that this is an arcane corner case that affects perhaps a
> few hundred of the 100,000 domains that are likely to publish DMARC
> records, and it doesn't matter in practice:
>
> A site for aficionados of various kinds of pets:
>
> _dmarc.petlovers.com p=reject psd=u
> _dmarc.cats.petlovers.com psd=y
> _dmarc.dogs.petlovers.com psd=y
>
> A message from management:
>
> From: felix@cats.petlovers.com
> DKIM-Signature: d=petlovers.com
> Subject: Dogs are bad
> etc.
>
> I'm not saying this is particularly likely, but it's no less likely than
> any other contrived psd=y scenario so I hope we can stop now and move on
> to something more important.
>
> Regards,
> John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
> Please consider the environment before reading this e-mail. https://jl.ly
>
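
The records and message from the quoted pet-site example, run through a simplified model of the organizational-domain tree walk; this is an added example, not code from the thread or the normative text of the DMARC draft. DNS is replaced by a constructed dictionary, the names `org_domain` and `relaxed_aligned` are hypothetical, and the behaviour of "stopping for psd=y in step 2" (the starting domain becomes its own organizational domain) is an assumption of this sketch.

```python
# Constructed from the quoted example: DMARC records keyed by domain
# (the "_dmarc." prefix is dropped; a real evaluator would query DNS).
RECORDS = {
    "petlovers.com": {"p": "reject", "psd": "u"},
    "cats.petlovers.com": {"psd": "y"},
    "dogs.petlovers.com": {"psd": "y"},
}


def walk(domain):
    """Return [(name, record)] for the domain and each parent with a record,
    ordered from most labels to fewest."""
    labels = domain.lower().rstrip(".").split(".")
    names = (".".join(labels[i:]) for i in range(len(labels)))
    return [(n, RECORDS[n]) for n in names if n in RECORDS]


def org_domain(domain, stop_at_start_psd):
    """Simplified organizational-domain selection (query limits omitted).

    stop_at_start_psd=True models stopping at a psd=y record found at the
    domain where the walk starts (assumption: that domain is then treated
    as its own organizational domain). False skips that record and walks on.
    """
    start = domain.lower().rstrip(".")
    found = walk(start)
    for name, rec in found:
        psd = rec.get("psd", "u")
        if psd == "n":
            return name
        if psd == "y":
            if name == start:
                if stop_at_start_psd:
                    return name
                continue  # ignore psd=y at the starting point
            # A PSD above the start: org domain is one label below it.
            below = start[: -len(name) - 1].split(".")[-1]
            return below + "." + name
    # No psd=n / psd=y decided it: take the record with the fewest labels.
    return found[-1][0] if found else start


def relaxed_aligned(from_domain, dkim_d, stop_at_start_psd):
    """Relaxed alignment: both identifiers share an organizational domain."""
    return (org_domain(from_domain, stop_at_start_psd)
            == org_domain(dkim_d, stop_at_start_psd))
```

With `From: felix@cats.petlovers.com` and `d=petlovers.com`, the signature aligns only when the walk does not stop at the starting domain's psd=y record.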