Re: [dmarc-ietf] Feedback on draft-ietf-dmarc-psd-02

Seth Blank <seth@valimail.com> Fri, 12 April 2019 07:00 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/dagqRIwdRNMBaAOhqZvXi83O1gk>

On Fri, Apr 12, 2019 at 4:57 AM Scott Kitterman <sklist@kitterman.com>
wrote:

> I think adding a MUST NOT regarding RUF is a good idea.
>

I think this is a bad idea for two very important reasons:

1) Any gTLD being used as a brand domain (i.e. .google, .microsoft, etc.)
may wish to use failure reports on these domains just as they would on
their .com's.

2) We wanted this spec to be the *minimum* delta from DMARC possible.
That's why we added the third lookup but removed all other items. A MUST
NOT for RUF no longer feels like a minimum delta. It also adds extra
overhead to any implementation changes needed to test the experiment.

We should (and I believe do) make the case in privacy consideration that
failure reports for a third lookup is a bad idea. I don't think we need
more of this right now. If during the experiment it becomes clear that this
guidance is needed, then it can be folded into DMARC 2.0 when everything
comes together.