Re: [dmarc-ietf] finer grained org domain

[Seth Blank <seth@valimail.com>]

There is a ticket for tree walk: https://trac.ietf.org/trac/dmarc/ticket/68

Please hold the conversation until the chairs open that thread.

Seth, as Chair

On Tue, Aug 18, 2020 at 9:49 AM Dave Crocker <dhc@dcrocker.net> wrote:

> On 8/18/2020 9:43 AM, Tim Wicinski wrote:
>
> I do think the tree walk deserves another look.   Years back when it was
> brought up,
> there was lots of talk of overloading resolvers. But as someone who spent
> the past
> several years looking at the DNS query data of good sized SaaS domains,
> DMARC lookups
> (or even DMARC NXDOMAINs) were on the low end of the spectrum.  Nowadays,
> all web
> properties point to CDNs, et al with 30 second TTLs.
>
> To be entirely obvious:
>
>      badactor.a.b.c.d.e.f.g.h.i.j.k.l.m.n.o.p.yougetheidea.example.com
>
> produces a possible denial of service attack.  hence, no tree-walking.
>
> d/
>
> --
> Dave Crocker
> Brandenburg InternetWorkingbbiw.net
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>


-- 

*Seth Blank* | VP, Standards and New Technologies
*e:* seth@valimail.com
*p:* 415.273.8818


This email and all data transmitted with it contains confidential and/or
proprietary information intended solely for the use of individual(s)
authorized to receive it. If you are not an intended and authorized
recipient you are hereby notified of any use, disclosure, copying or
distribution of the information included in this transmission is prohibited
and may be unlawful. Please immediately notify the sender by replying to
this email and then delete it from your system.