Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd

Tim Wicinski <tjw.ietf@gmail.com> Mon, 11 November 2019 21:27 UTC

From: Tim Wicinski <tjw.ietf@gmail.com>
Date: Mon, 11 Nov 2019 16:27:29 -0500
Message-ID: <CADyWQ+ErTGHw-AqBQYPrt1+y38S0SL02x0h4vTtDwzx9H4k2kA@mail.gmail.com>
To: "Kurt Andersen (b)" <kboth@drkurt.com>
Cc: Scott Kitterman <sklist@kitterman.com>, IETF DMARC WG <dmarc@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/_Q4pEZR18Vz5wTVT7t8JO6FuP1Y>
Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd

Kurt

You are absolutely correct.  We were having such discussions about the PSL
origins that I was going back over the DMARC spec and refreshing my
memory on how the PSL was defined and used. I wasn't even looking at the
PSD document.

Tim

On Mon, Nov 11, 2019 at 10:46 AM Kurt Andersen (b) <kboth@drkurt.com> wrote:

> On Mon, Nov 11, 2019 at 1:58 AM Tim Wicinski <tjw.ietf@gmail.com> wrote:
>
>> Scott
>>
>> PSD DMARC does talk about organizational domains which from the original
>> DMARC spec (section 3.2)
>> does say 'Acquire a "public suffix" list'
>>
>> The addition of the preamble text shouldn't move the document in either
>> direction.
>> I do feel anything which helps focus us on moving forward on DMARC-bis is
>> a good thing.
>> The WG should be able to start writing the PSL document right away.
>>
>
> Tim,
>
> I think that you are being too liberal in applying transitive references.
> The PSD document only refers to the PSL in
>
>    - Informative References
>    - Appendix A.1
>    - Appendix B.3
>    - Appendix C.2 (implementations)
>
> I don't think that it is fair to say that anyone who refers to the org
> domain concept as cited in the DMARC spec is necessarily invoking the PSL.
>
> I do have a problem with the conflation of the org domain with a
> super-organizational "realm" (?) that may impose conditions upon
> organizations that fall within their jurisdictional purview. My main
> concerns are with the potential usurpation of the org domain's policy
> declaration rights. "Moving" the org domain up one level disenfranchises
> the organizations and that is the wrong thing to do IMO.
>
> As to the proposed "let's run this as an experiment pending DMARCbis", I
> don't see how that satisfies Dave's concern about creating new work for
> receivers in order to help a small set of domain (realm) owners. I'm not
> opposed to it, but I just don't see how this solves the issue.
>
> --Kurt
>