Re: [dmarc-ietf] Are Evaluators motivated to switch to Tree Walk?

Alessandro Vesely <vesely@tana.it> Mon, 20 June 2022 07:11 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/ddzimqdKqOOoihiJbNcvyjBIrX4>

On Sat 18/Jun/2022 15:47:47 +0200 Scott Kitterman wrote:
> The code to switch from PSL based organizational domain to tree walk based is
> trivial.  I think any marginal cost associated with implementing it or not
> will be in the noise compared to the overall cost of designing, coding,
> testing, and deploying an update from RFC 7489 to DMARCbis.


I disagree.  Coding the tree walk can be somewhat simpler than coding PSL
lookups.  However, having already coded the latter, the switch is not trivial.
For one point, DNS queries can fail for various reasons, can be authoritative
or not, and replies can change when repeated.

It is certainly easier to do, say, t=.  What other changes are there?


Best
Ale