Re: [dmarc-ietf] Genart last call review of draft-ietf-dmarc-psd-08

John Levine <johnl@taugh.com> Thu, 09 April 2020 23:09 UTC

From: "John Levine" <johnl@taugh.com>
To: dmarc@ietf.org
Cc: kboth@drkurt.com
In-Reply-To: <CABuGu1rekWo3mRkK_OpRksYNrSmPaFHD6k1_K=a7a_Sx7aMhBQ@mail.gmail.com>
Organization: Taughannock Networks
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/h7tLGg6Ji42HBg-xsMrJngsqjTA>

In article <CABuGu1rekWo3mRkK_OpRksYNrSmPaFHD6k1_K=a7a_Sx7aMhBQ@mail.gmail.com> you write:
>   1. ".co.uk" is not a TLD. TLDs are single label domains - there are
>   ccTLDs and gTLDs.

Right.

>   2. The invocation of the PSL compounds the issue that was raised by Dave
>   Crocker. How DMARC (RFC 7489) determines the organizational domain is
>   orthogonal to this proposal which simply calls for a conditional additional
>   check at the "org - 1" level. I recommend striking the penultimate
>   paragraph in the proposal.

I'd suggest weasel wording it to say that the domain above an org
domain is often known as a public suffix domain, which typically
delegates the org domains below it to unrelated parties.  This spec
allows public suffix domains to publish policies to supplant those of
their child org domains ...

I agree we should stay as far from mentioning the PSL and its specific
implementation as possible.  Who knows, someday people might get
around to trying my dbound in DNS implementation instead.

R's,
John