Re: [dmarc-ietf] Amazon Comments to DMARC Extension to PSD

Scott Kitterman <sklist@kitterman.com> Wed, 17 July 2019 23:50 UTC

Return-Path: <sklist@kitterman.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7BB41201B5 for <dmarc@ietfa.amsl.com>; Wed, 17 Jul 2019 16:50:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=kitterman.com header.b=B6e4s03w; dkim=pass (2048-bit key) header.d=kitterman.com header.b=Q1pmLl/y
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mrnkHjn-ptpN for <dmarc@ietfa.amsl.com>; Wed, 17 Jul 2019 16:50:56 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E78FF1201A2 for <dmarc@ietf.org>; Wed, 17 Jul 2019 16:50:55 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [IPv6:2604:a00:6:1039:225:90ff:feaa:b169]) by interserver.kitterman.com (Postfix) with ESMTPS id C4F45F805D5; Wed, 17 Jul 2019 19:50:24 -0400 (EDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903e; t=1563407424; h=date : in-reply-to : references : mime-version : content-type : content-transfer-encoding : subject : to : from : message-id : from; bh=SpnHvf0Pu+KOBDaY04SICw71Bmwr1EOEw7YnLr0upjk=; b=B6e4s03w0+l9pgbkbKRsGaIGQelprHmJ4opTyyZvZoWpry6uRsjYIEx6 9N94Wcm/MAZ+0sihc17DdCzn2zrNCw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903r; t=1563407424; h=date : in-reply-to : references : mime-version : content-type : content-transfer-encoding : subject : to : from : message-id : from; bh=SpnHvf0Pu+KOBDaY04SICw71Bmwr1EOEw7YnLr0upjk=; b=Q1pmLl/yr7qHvgbZAaH5KiwH0C4OuGN8CEfnQ3OQaQvmBNw2ybhXQleU HENqheKeO6myb6C6Bkw01O3pHJmO+jB5/jmyLFqMi9Ui65WYXxdHUxldhd fMYxH2lVzOWJgyUzVDy8DY5hWXhviQeJG+AbMYO99VanWqzYcmdwKGrzrx g11n+BFg/gSSDxD4LrcHlOm3oIC4VxUPOp21TWqZa3J/sqk+1ECm5pHEGb fB6TsUzbChT+5lIzN/RgcVXt/JjEjezUGFS2zkE2RhHw1u93pg5tCkRz/9 AvdQvuQkviRy8gv1axEaLMOdusl19DgrUTIwgEX4aio4euPhegBWdw==
Received: from [10.65.244.24] (mobile-166-170-51-136.mycingular.net [166.170.51.136]) by interserver.kitterman.com (Postfix) with ESMTPSA id 4AEBFF80042; Wed, 17 Jul 2019 19:50:24 -0400 (EDT)
Date: Wed, 17 Jul 2019 23:50:21 +0000
In-Reply-To: <132DD4E4-616A-47F5-A4A3-681067C86DA6@amazon.com>
References: <132DD4E4-616A-47F5-A4A3-681067C86DA6@amazon.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
To: dmarc@ietf.org
From: Scott Kitterman <sklist@kitterman.com>
Message-ID: <67D6F75C-3884-47A8-8AB6-F19088C03547@kitterman.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/IiLqV-bLnxUOM6eU4dKZtmsxn7A>
Subject: Re: [dmarc-ietf] Amazon Comments to DMARC Extension to PSD
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Jul 2019 23:50:58 -0000


On July 17, 2019 10:23:11 PM UTC, "Flaim, Bobby" <flaim=40amazon.com@dmarc.ietf.org> wrote:
>Amazon supports this draft and effort.
>
>This current DMARC extension (IETF DMARC PSD)
>draft <https://datatracker.ietf.org/doc/draft-ietf-dmarc-psd/> would
>make it easier for our direct customers (registrants) to set up a common
>DMARC policy for all their subdomains. With this extension they can set
>up the policy in one place, such as the SLD level (second level domain)
>and it will apply to any subdomain they create.  However, since
>feedback leakage can happen due to the nature of the IETF DMARC PSD
>solution, the following proposed alternative could be employed to
>address this issue.
>
>Is the DMARC defined for dog.animals.com?
>
>a.      Yes: then use it
>
>b.      No: then look for DMARC on animals.com
>
>Proposed Default Alternative:
>a.      Is the DMARC defined for
>dog.animals.com?
>
>a.      Yes: Then use it
>
>b.      No: Is using the PSD DMARC explicitly permitted by the
>dog.animals.com owner in some TXT record (means
>“delegated explicitly to the PSD”)?
>1.      Yes: then look for DMARC on animals.com
>2.      No: terminate
>
>The alternative proposal requires the registrant to explicitly set up
>the default.

How would that work for non-existent domains?

Appendix B describes options to address the issues.  I like that your suggestion doesn't leave it in the hands of the PSO to self-assert if PSD DMARC is appropriate, but I wonder why dog.animals.com doesn't just publish a DMARC record?

Scott K
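The two discovery orders being compared in this thread, modelled in Python as an added example (this is not code from the thread, from Amazon, or from the PSD draft). It uses a constructed in-memory zone instead of live DNS, follows the post's two-step chain literally (the domain itself, then the PSD animals.com, with no organizational-domain step), and the opt-in record's name `_psd-optin` and its value are assumptions, since the post leaves that TXT record unspecified. Running the four constructed names side by side shows the trade-off under discussion: the opt-in model stops feedback for registrant traffic from flowing to the PSD's `rua` address, but it also yields no policy at all for a non-existent subdomain, which is exactly the case raised in the reply above.

```python
"""Toy model of the two DMARC policy-discovery orders compared in the thread,
run against a constructed in-memory zone instead of live DNS."""

from typing import Dict, Optional, Tuple

# Constructed zone data standing in for DNS TXT lookups (not real records).
ZONE: Dict[str, str] = {
    # animals.com plays the PSD role and publishes a policy with a report address.
    "_dmarc.animals.com": "v=DMARC1; p=reject; rua=mailto:dmarc@animals.com",
    # cat.animals.com is a registrant that publishes its own DMARC record.
    "_dmarc.cat.animals.com": "v=DMARC1; p=none; rua=mailto:dmarc@cat.animals.com",
    # bird.animals.com publishes no DMARC record but opts in to the PSD policy.
    # The opt-in record's name and syntax are assumptions; the post does not specify them.
    "_psd-optin.bird.animals.com": "psd=delegate",
    # dog.animals.com and nonexistent.animals.com have no records of either kind.
}
PSD = "animals.com"

Result = Optional[Tuple[str, Dict[str, str]]]


def txt(name: str) -> Optional[str]:
    """Stand-in for a DNS TXT query against the constructed zone."""
    return ZONE.get(name)


def parse_tags(record: str) -> Dict[str, str]:
    """Split a 'k=v; k=v' DMARC-style record into a dict, tolerating whitespace."""
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip()] = value.strip()
    return tags


def discover_draft(domain: str) -> Result:
    """Order the post attributes to the PSD draft: the domain itself, then the PSD."""
    for candidate in (domain, PSD):
        rec = txt(f"_dmarc.{candidate}")
        if rec:
            return candidate, parse_tags(rec)
    return None


def discover_alternative(domain: str) -> Result:
    """Amazon's alternative: fall back to the PSD only if the domain has opted in."""
    rec = txt(f"_dmarc.{domain}")
    if rec:
        return domain, parse_tags(rec)
    if txt(f"_psd-optin.{domain}") is None:
        return None  # no explicit delegation to the PSD: terminate
    rec = txt(f"_dmarc.{PSD}")
    return (PSD, parse_tags(rec)) if rec else None


def report_destination(result: Result) -> Optional[str]:
    """Where aggregate reports would go under a result; exposes the feedback-leakage concern."""
    if result is None:
        return None
    return result[1].get("rua")


def compare(domain: str) -> Dict[str, Optional[str]]:
    """Policy source chosen for a domain under each discovery order."""
    draft, alt = discover_draft(domain), discover_alternative(domain)
    return {"draft": draft[0] if draft else None,
            "alternative": alt[0] if alt else None}


if __name__ == "__main__":
    for name in ("cat.animals.com", "bird.animals.com",
                 "dog.animals.com", "nonexistent.animals.com"):
        print(f"{name:24} {compare(name)}  "
              f"draft reports -> {report_destination(discover_draft(name))}")
```

For `dog.animals.com` the draft order sends aggregate reports about a registrant's mail to `dmarc@animals.com` (the leakage Amazon describes), while the opt-in order returns no policy; for `nonexistent.animals.com` the opt-in order likewise returns nothing, because no owner exists to publish the opt-in record, which is the gap the reply asks about.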