[dmarc-ietf] For the chairs: The lack of consensus
Douglas Foster <dougfoster.emailstandards@gmail.com> Mon, 11 April 2022 11:50 UTC
Return-Path: <dougfoster.emailstandards@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46AC53A1905; Mon, 11 Apr 2022 04:50:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l59GQACasbQI; Mon, 11 Apr 2022 04:50:35 -0700 (PDT)
Received: from mail-oa1-x32.google.com (mail-oa1-x32.google.com [IPv6:2001:4860:4864:20::32]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FE833A1916; Mon, 11 Apr 2022 04:50:35 -0700 (PDT)
Received: by mail-oa1-x32.google.com with SMTP id 586e51a60fabf-de3ca1efbaso16872620fac.9; Mon, 11 Apr 2022 04:50:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:from:date:message-id:subject:to:cc; bh=6B5uldHkhmScAINJbL0Z2Ezvg6a43aN3/kwepRUIxRI=; b=oN92gUjoq/UnyN5wPqZFj5j4tltqKXz3zi88B+o80w6J9ByU7ktIrrUVKuZijVQsth dNJqSug7azpjs09Pqs4hHbCAcLNtIT71w6kUKLTgeUjSZr0HGdhUiCTof5VapZOBWzdi eaIBI3JWnMlcFjl1eoyocIEEK+8/8sQEQYyvxMQO9xLoQOSUx2R1L5l3tD/muSVt2ArC bZdSybkXystp3u4tDwe1Oq9xpWzkyB00+ONX5qYgsr7BGsEJo9vVShR7EDT/RWIcqbLN 5XcFFsf+/N/jRL2HtFro2LAQexSxCWiSk2tE/UMgqJdIrb0zQ3wZ4lS2t5VVFVGz9Czy xgGw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=6B5uldHkhmScAINJbL0Z2Ezvg6a43aN3/kwepRUIxRI=; b=EFAcaPW+uroXruMjvmxo2Yll/+A+y5lUo2PiwzM+5RckyPpxR1hteneESaxA5ozRiO EyqdYT7Iz2KjiwUz/Z/vlkoBzjEO+D2yQ5YTK3sWLlXaevG9uouNb9EesD/9yAUS0eTd qfsOkR8uMNFr08x7Nyp2k3vzX/a6Zre7QtAB3kS/HwMk469OkSqqG/6KhdFT3rt9maX7 W1B2+Riz68X04n1B8a4B7XSH2XMU8TqetR5H2FKwFwYtRHPTfZbrtXgWOWFejERERdTY agPXrEZwXboDJCbDkSXeGkeXJIK5bcA8YQzldEqWxvvVLKCRa53zojuSp3dg6TLDTyGh 8jog==
X-Gm-Message-State: AOAM533gAz68T7QMIOfGWFlbSk9BljGkc9j8wyZIlpunV0NffVXfKeSa 7DFq+y0uM5zKX2rslysQzgfv717pBC8qa0TUSsspXBSRMjg=
X-Google-Smtp-Source: ABdhPJy9j7K3j77wl2ffVmzcnRTJNImUXbJOBMIC8VzMQ7WLZnGNl7PvVuoSGFkDRxpe7wiN+kT7QmDkuNHKQ6jPQ04=
X-Received: by 2002:a05:6870:6192:b0:e1:dcc4:e0e8 with SMTP id a18-20020a056870619200b000e1dcc4e0e8mr14218242oah.58.1649677834165; Mon, 11 Apr 2022 04:50:34 -0700 (PDT)
MIME-Version: 1.0
From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Mon, 11 Apr 2022 07:50:23 -0400
Message-ID: <CAH48Zfx2z9uEWhrrtm5Jkqowre5rPeHVhHnpjHt+sFX19g1x4A@mail.gmail.com>
To: dmarc-chairs@ietf.org
Cc: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000004c9ff105dc5f8d8f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/PK8AkSKrrvddRPk_dtAj6Bye27E>
Subject: [dmarc-ietf] For the chairs: The lack of consensus
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Apr 2022 11:50:42 -0000
It seems clear that we have lost consensus. The next DMARC-related RFC will not be able to justify standards track unless a miracle occurs, and a miracle seems unlikely. The problem was evident years ago, when Dave Crocker’s proposal was on the table. It captured all of the frustration of the mailing list community. He was convinced to go quiet, but the mailing list problem was not solved. This previous milestone promised ARC as a solution, but that promise has not been fulfilled. So we have a potentially large body of opposition at the next milestone. Internally, we have also had a lot of opposition. Too much of this discussion has been combative rather than cooperative. As one painful example, it should not have required a year of complaining for me to obtain an open discussion about the definition of non-existent domains. Additionally, I know that we have lost some participants because of the tone of the group. I also note that we have lost a lot of active participants in total, for reasons unknown. Those of us who remain are so few that it is bold to presume that we represent the interests of the legitimate portion of the email community. Then, Michael Hammer warned us that DMARC had a security vulnerability when sibling authentication was used within unidentified private registries. We should have immediately moved to deprecate sibling authentication. Initially, we dismissed the problem as too difficult to solve, then pursued the tree walk algorithm which exacerbates the problem. And now, the tree walk draft has been developed by a process which has openly discarded collaboration. It should be reclassified as an individual submission, not a working group document. Several of its assumptions are disputable, but disputing has been unproductive. The last week of silence indicates that its advocates have no intention of changing course. At present, my agenda is to develop a specification which integrates the PSL with domain owner indicators and evaluator knowledge, without discarding any data. I hope that the effort will be assisted by some members, but I have no hope of acceptance from those who are already committed to other outcomes. Consequently, I am asking the chairs to allow project forking to create divergent individual (and subgroup) drafts. Hopefully, the number of unique proposals will be small. If consensus remains as divided as it is now, those can move forward as individual informational documents looking for enough interest to become experiments. Doug
- [dmarc-ietf] For the chairs: The lack of consensus Douglas Foster