Re: [dmarc-ietf] Some Proposed Language for a New pct Tag Defintion
Todd Herr <todd.herr@valimail.com> Tue, 03 August 2021 19:55 UTC
Return-Path: <todd.herr@valimail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B0333A30C4 for <dmarc@ietfa.amsl.com>; Tue, 3 Aug 2021 12:55:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=valimail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ApzJm7rg1h6c for <dmarc@ietfa.amsl.com>; Tue, 3 Aug 2021 12:55:17 -0700 (PDT)
Received: from mail-qv1-xf2a.google.com (mail-qv1-xf2a.google.com [IPv6:2607:f8b0:4864:20::f2a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 052473A179E for <dmarc@ietf.org>; Tue, 3 Aug 2021 12:55:16 -0700 (PDT)
Received: by mail-qv1-xf2a.google.com with SMTP id g6so14592qvj.8 for <dmarc@ietf.org>; Tue, 03 Aug 2021 12:55:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=valimail.com; s=google2048; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=1wxaf+5tYGFTiQSpspWJvTzfC1+FoqpnFXu4EDMclUc=; b=aZMh8EHL2bQV/IoNHdlQZrxDINNFGtGoxVoWPS+qNQu29JBq0DU6wzzUi/B6oAv3Xv hZwvvSwdhwyfTvQ4tXgB98xQY6iC0YUIRbocYxO7v52oAdcVHBqM5OyGGZnMw9WJcE1v JD9jQ62MDBlHQW4pGt8EmQY7s1YdwESi0qWkSouKjxRg9ko+kRNH2RB+n8vAkMbSF+va 15ZBp4UQs/unwNCv2Cv4WPp7NN5MTdU3byV/nDqUdR2auUQ8rCPiOvFQQ3K4ruzxLMrl OPNTepmhHogkzZv+ITD0e/Kcq7rjD+RVGby5auV9Tdx2AvrLsWv0zX2vRAR3rKs5Z/Wl QFMg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=1wxaf+5tYGFTiQSpspWJvTzfC1+FoqpnFXu4EDMclUc=; b=CjMp7laL2K4X3InrM8EBRvejb9jT46pZh6Ca7f/6ldGxaAeE3iJFIIfHo+k6zhToaO uMttIl1gkcmpOhEjI+Df8atw+V6eaxNbIFY5/Aos9vPjpsjN3RqgF6Qw9dSg1Y0CYS3M LRsif1HVM/O000rniPFjyEOITkRcoakY1ku7p/AOqOLJc37IDmxVttsuz2/X49+cUta5 65vvBcEjAhNUtfK+dqfNFY2hDWfk9QU8UaYXOdRrrjn3ln9Ejatlk03/WPCIaDzstZpr pnISJvUPnYlxf0dV/jSOQwnRNdi7H5X/JBfQZne6TywWgN6fjCnkTRUhl4m/hLjNZkIt KuPg==
X-Gm-Message-State: AOAM533496zObv29sq6teLVemeVRWA4ytppQbHjph1pBoNj8CDSsazsV cj6fVAIyI/AqGhTJKeA4mp4cfEhpgoHT+23dADNmrg==
X-Google-Smtp-Source: ABdhPJwRkT7Y0h7APNU0/l+neLbZQbApdwpP51KlN5Eqp4Wb9YJL1PQL4HW8Ihe67GMJwMOXyOTGEZ8EJumvua75ouQ=
X-Received: by 2002:a0c:ab1c:: with SMTP id h28mr23627036qvb.39.1628020514249; Tue, 03 Aug 2021 12:55:14 -0700 (PDT)
MIME-Version: 1.0
References: <CAHej_8=LL_KWcVYnc2quYSGMnQF5bdoerDtTZZm1yGjxjCqW1Q@mail.gmail.com> <20210803021005.EE5CF257D352@ary.qy> <CAHej_8k0rZHY02_mAMfc19dUOVREbd_WdTr5whUuNHmggx+cdA@mail.gmail.com> <CALaySJKb32r36Eq89_bM_dv4NeMtPmkgzHJX=AW+QVM-skHoVQ@mail.gmail.com>
In-Reply-To: <CALaySJKb32r36Eq89_bM_dv4NeMtPmkgzHJX=AW+QVM-skHoVQ@mail.gmail.com>
From: Todd Herr <todd.herr@valimail.com>
Date: Tue, 03 Aug 2021 15:54:58 -0400
Message-ID: <CAHej_8kFB+icKyhTNUhbAV39Fa5KJBAXDb+REQM_1CPaUnkXzg@mail.gmail.com>
To: Barry Leiba <barryleiba@computer.org>
Cc: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007071e605c8ad10a4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/WcGW-sNkiYGF381Qo1S4fz3vLek>
Subject: Re: [dmarc-ietf] Some Proposed Language for a New pct Tag Defintion
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Aug 2021 19:55:23 -0000
On Tue, Aug 3, 2021 at 8:22 AM Barry Leiba <barryleiba@computer.org> wrote: > The problem I have with leaving pct=0 in as the only (non-default) value > is that it locks history into the protocol. It makes no sense to have a > binary situation specified by a tag called “pct” that is either 0 or 100. > > If we’re leaving this in as a binary thing, (1) we’re already incompatible > with deployments that do pct=20 or whatever, so (2) we might better make it > a y/n or t/f valued tag for that function, deprecate pct entirely, and > leave text in a backward-compatibility section explaining what happened. > > I just think that the pct= 0 or 100 thing won’t wear well and will appear > tattered quickly. > > I don't disagree with you here, Barry, so let me propose this. 1. Eliminate the 'pct' tag entirely. Section 6.3, General Record Format, says "unknown tags MUST be ignored." so we're covered on the compatibility issue, I think. 2. Define a tag named "t", in a fashion somewhat similar to the t= tag available for DKIM public key records, as follows: t: DMARC policy test mode (plain-text; OPTIONAL; default is 'n'). For the RFC5322.From domain to which the DMARC record applies, the "t" tag serves as a signal to the actor performing DMARC validation checks as to whether or not the domain owner wishes the assessment policy declared in the "p=" tag to actually be applied. This parameter does not affect the generation of DMARC reports. Possible values are as follows: y: A request that the actor performing the DMARC validation check not apply the policy, but instead apply any special handling rules it might have in place. The domain owner is currently testing its specified DMARC assessment policy. n: The default, a request to apply the policy as specified to any message that produces a DMARC "fail" result. 3. Include the following as an Appendix: Appendix C. History of the "pct" Tag An earlier informational version of the DMARC protocol [RFC7489] included a "pct" tag and specified all integers from 0 to 100 inclusive as valid values for the tag. The intent of the tag was to provide domain owners with a method to gradually change their preferred assessment policy (the p= tag) from 'none' to 'quarantine' or from 'quarantine' to 'reject' by requesting the stricter treatment for just a percentage of messages that produced DMARC results of "fail". Operational experience showed that the pct tag did not function as intended due to many factors, unless the value specified was either "0" or "100" (the default). The default value was easily implemented, as it required no special processing on the part of the message receiver, while the value of "0" took on unintended significance as a value used by some intermediaries and mailbox providers as an indicator to deviate from standard handling of the message. These "custom" actions proved too valuable to the email community to remove their availability from this version of the protocol, but at the same time it didn't make sense to support a tag named "pct" that had only two valid values. This version of the DMARC protocol therefore introduces the "t" tag as shorthand for "testing", with the valid values of "y" and "n", which should be analogous to the "pct" tag values "0" and "100", respectively. -- *Todd Herr* | Technical Director, Standards and Ecosystem *e:* todd.herr@valimail.com *m:* 703.220.4153 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
- [dmarc-ietf] Some Proposed Language for a New pct… Todd Herr
- Re: [dmarc-ietf] Some Proposed Language for a New… Douglas Foster
- Re: [dmarc-ietf] Some Proposed Language for a New… Alessandro Vesely
- Re: [dmarc-ietf] Some Proposed Language for a New… Дилян Палаузов
- Re: [dmarc-ietf] Some Proposed Language for a New… Murray S. Kucherawy
- Re: [dmarc-ietf] not enhanced status codes Some P… John Levine
- Re: [dmarc-ietf] Some Proposed Language for a New… John Levine
- Re: [dmarc-ietf] Some Proposed Language for a New… Douglas Foster
- Re: [dmarc-ietf] not enhanced status codes Some P… Douglas Foster
- Re: [dmarc-ietf] Some Proposed Language for a New… Alessandro Vesely
- Re: [dmarc-ietf] Some Proposed Language for a New… Douglas Foster
- Re: [dmarc-ietf] Some Proposed Language for a New… Douglas Foster
- Re: [dmarc-ietf] Some Proposed Language for a New… Alessandro Vesely
- Re: [dmarc-ietf] Some Proposed Language for a New… Todd Herr
- Re: [dmarc-ietf] Some Proposed Language for a New… Dotzero
- Re: [dmarc-ietf] Some Proposed Language for a New… John Levine
- Re: [dmarc-ietf] Some Proposed Language for a New… Murray S. Kucherawy
- Re: [dmarc-ietf] Some Proposed Language for a New… Todd Herr
- Re: [dmarc-ietf] Some Proposed Language for a New… Barry Leiba
- Re: [dmarc-ietf] Some Proposed Language for a New… John R Levine
- Re: [dmarc-ietf] Some Proposed Language for a New… Todd Herr
- Re: [dmarc-ietf] Some Proposed Language for a New… Dave Crocker
- Re: [dmarc-ietf] Some Proposed Language for a New… Todd Herr
- Re: [dmarc-ietf] Some Proposed Language for a New… Dave Crocker
- Re: [dmarc-ietf] Some Proposed Language for a New… David I
- Re: [dmarc-ietf] Some Proposed Language for a New… Alessandro Vesely
- [dmarc-ietf] Reporting rewrites, was Some Propose… Alessandro Vesely
- Re: [dmarc-ietf] Reporting rewrites, was Some Pro… Todd Herr
- Re: [dmarc-ietf] Reporting rewrites Alessandro Vesely
- Re: [dmarc-ietf] Some Proposed Language for a New… Douglas Foster
- Re: [dmarc-ietf] Reporting rewrites Todd Herr
- Re: [dmarc-ietf] Reporting rewrites Alessandro Vesely
- Re: [dmarc-ietf] Some Proposed Language for a New… Murray S. Kucherawy
- Re: [dmarc-ietf] Some Proposed Language for a New… Douglas Foster