Re: [dmarc-ietf] PSD simplification

Scott Kitterman <> Mon, 17 December 2018 20:03 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id F403F130F40 for <>; Mon, 17 Dec 2018 12:03:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.b=9ZEP3ll7; dkim=pass (2048-bit key) header.b=W+elPI7C
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id P3i6h0mtvU4u for <>; Mon, 17 Dec 2018 12:03:44 -0800 (PST)
Received: from ( [IPv6:2607:f0d0:3a01:a3::9]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id F3770129AB8 for <>; Mon, 17 Dec 2018 12:03:43 -0800 (PST)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple;;; q=dns/txt; s=201812e; t=1545077017; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from : subject : date; bh=squ1CTHihWsihymndGniWOGlbIRdGxndwW39duHgUXg=; b=9ZEP3ll7VeH6wXfD2tym60NlRr1Azw54cD6YeAxQH/xUjuXqX4IX4lE7 hn19OE6gH70aIPya67XvmquatRIdDw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; q=dns/txt; s=201812r; t=1545077017; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from : subject : date; bh=squ1CTHihWsihymndGniWOGlbIRdGxndwW39duHgUXg=; b=W+elPI7CF5fqmgm7ENmMAyjd+6chvD9BXmxWz28XMvYstQraICAJ9vUI AxXPW+43TvxoSaRbLgCYLXZ4iC57gNWIvvF7AQInRRQ3R2Y9rg3oPZAhli WiJryEhekKSI4BRPgvIF9Hky7tfnH1geSUfP5plX8V6KvgW3iOpfSknJCq AQJEd/qTs6juUkg0P9geKCc0Jfbihu4Ia4fD12Smh6p+W5I+ImFNaMqldd UckD7z49XJvOdit1k/j9hyKtNj9G2ABKRWCedS1eEIRx4djqVb9Oyv0Ix0 DnPMrrIXwAXfvp/1tlccq/prOZxg0AZ1iFTL4fQdXBn41aysmwhkAQ==
Received: from kitterma-e6430.localnet ( []) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 821282D407D2 for <>; Mon, 17 Dec 2018 14:03:37 -0600 (CST)
From: Scott Kitterman <>
Date: Mon, 17 Dec 2018 15:03:36 -0500
Message-ID: <2188823.MQKRFllneH@kitterma-e6430>
User-Agent: KMail/4.13.3 (Linux/3.13.0-163-generic; KDE/4.13.3; x86_64; ; )
In-Reply-To: <>
References: <> <> <>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
Archived-At: <>
Subject: Re: [dmarc-ietf] PSD simplification
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 17 Dec 2018 20:03:46 -0000

On Saturday, December 15, 2018 01:23:32 AM Scott Kitterman wrote:
> On December 14, 2018 4:34:35 AM UTC, Dave Crocker <> 
> >On 12/13/2018 4:25 PM, Scott Kitterman wrote:
> >> It suffers from what is, in my opinion, a fatal flaw: it relies
> >
> >entirely on
> >
> >> assertions that any PSO can publish with no external review.  Without
> >
> >some
> >
> >> kind of third-party check on this, I don't believe there's any
> >
> >privacy
> >
> >> mitigation at all.
> >
> >I think that assessment is misses an essential point.
> >
> >Let me back up and say that my suggested alternative is intended to
> >take
> >the basic concern you are raising seriously.  (I'm not stating a
> >personal opinion about the seriousness of this as a threat vector, but
> >merely looking for a simpler way to satisfy the concern.)
> >
> >The alternative requires that the registry's dmarc record be
> >accompanied
> >by a record that points to the terms and conditions the registry
> >publishes to indicate why their record is acceptable.  (Your draft's
> >specification of those conditions looked to me like a reasonable
> >starting point; there should be a separate wg discussion for the
> >precise
> >details and wording; I don't have a personal opinion about those
> >words.)
> >
> >As for the benefits I see in the alternative I've proposed, I'll class
> >them as simplification and robustness.
> >
> >First, a new, query-able registry is expensive to run; and difficult to
> >
> >ensure quality control for, over the long run.
> >
> >Second, the vetting method your draft proposes for the registry relies
> >on a technical expert to make what is frankly a legal assessment of the
> >
> >terms and conditions that the registry publishes.  And that assessment
> >is made only one time, when the registry entry is first created.  The
> >registry might change its T&C text and we'd be unaware of it.
> >
> >So while you are technically correct that the alternative means that
> >the
> >registry gets to /publish/ with no external review, it is not true that
> >their dmarc record will automatically be used without review.
> >
> >In fact what I'm proposing will make widespread and ongoing review
> >likely, IMO, probably in the spirit of ongoing reputation assessment
> >that the email industry already does, although for dmarc default record
> >rather than spam.
> I see your point.  In addition to complexity, tohe issue that there is no
> mechanism for removing bad actors from the registry does present a problem.
> Let me think it over and see if I can come up with text that both addresses
> your concerns and also provides guidance that I'd be comfortable with in
> lieu of the registry.

I thought about it over the weekend, and I didn't come up with anything I was 
really happy with that also addresses your concerns.  Still thinking about it.

It is clear though, based on this discussion, that the privacy concerns 
section needs to be beefed up.  My plan is to focus first on that.  It has two 
advantages: One; I think I know what to write and two; I don't think it will 
be very controversial.

In any case, having agreed text in the draft that describes what privacy 
issues we want to mitigate seems like a good next step towards figuring out 
how best to do that.

Scott K