IETF Logo Mail Archive

Re: [dmarc-ietf] Fwd: I-D Action: draft-ietf-dmarc-psd-10.txt

Douglas Foster <dougfoster.emailstandards@gmail.com> Sat, 20 February 2021 14:01 UTC

Return-Path: <dougfoster.emailstandards@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 37CD13A13EE for <dmarc@ietfa.amsl.com>; Sat, 20 Feb 2021 06:01:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kVZeVW2UjTY3 for <dmarc@ietfa.amsl.com>; Sat, 20 Feb 2021 06:01:32 -0800 (PST)
Received: from mail-ua1-x931.google.com (mail-ua1-x931.google.com [IPv6:2607:f8b0:4864:20::931]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0342B3A13ED for <dmarc@ietf.org>; Sat, 20 Feb 2021 06:01:31 -0800 (PST)
Received: by mail-ua1-x931.google.com with SMTP id 62so2815240uar.13 for <dmarc@ietf.org>; Sat, 20 Feb 2021 06:01:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=oWvCzfvEOpfUDnZ2SYmkWpqDiimzZZ5vOZTYXu/9znQ=; b=l+ShgNW/Bau+0mzx6SN/DFZyBJbZnYPStQ//9z1RIZ392c9C3fWFO7S6cxz0XnoLH6 juPHReVlbndwLXEri5ygFUCaZiInglf/ZDRucNGciR3G1bvmExHOz2d8ztmmIR09DnW4 J0nkd2ksw3XSVbxKfvvaQub9U/J+S5ZlssY+iuusQxb+BuMp9hvFQZbMJnko3cRfcEXB XHGWDBMf/76E3ZonckG4jL93KGUtu0AGKp14G/AL3T8u+Rv3sPQUlvi1tAkX2m8yjhYy idaN/hvlAjkYt544lwu5L8A5ddixjbvja3vhTX3B9FmTAdhqp4HzYmvFn+Jo9K7wthE1 WReg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=oWvCzfvEOpfUDnZ2SYmkWpqDiimzZZ5vOZTYXu/9znQ=; b=g1qnbpoiCAFUYELArJAbG/fFL7eQogWiNZL69sjsl/B7ZrCm6peJh9pD5cyDCJeZF8 MpfBZOTsLxPSvVQErdoyLuBQPCyBDXKJ5/jvhJryvD29QryUAr/JRQ1U3CcFTBend4T7 GI0GIkf2aiIcU++T4uCOmhLAM5DX3OLCHjF0b31T6N3zF8NpBaoV6gvdNBGlZ/H9fR7h m3u7tehUnp2iMlk2o6NlfmqFmAN7htjEUU1Xr1N3R525zh6RAQmNUwzHc+G7UugDg6VD lfRfdFvfE4j4rgq1bDl9eFmBNOBfLe7jM5m7e9FDDAs4gx0MDWjDnGECH3GmDG6RFZhx UyhQ==
X-Gm-Message-State: AOAM53002YRjorKC8BhXUNbqgy1BwvJfw2CG1muq9cUNHsfIF/rRApPm wOl0kVfI0AB8Dw3rRzJUVI5hUSVXshBsqI8xnhI=
X-Google-Smtp-Source: ABdhPJyHHj46BgT/CqOYGHVKJaaY6U1kWf6D3kGw37JJ97PIzNkHVCgGIQidYxu49h3ylXwx0GTShgVl5A6B+Kmsvic=
X-Received: by 2002:ab0:3142:: with SMTP id e2mr10688852uam.110.1613829690459; Sat, 20 Feb 2021 06:01:30 -0800 (PST)
MIME-Version: 1.0
References: <161144436332.13490.10651420808048876097@ietfa.amsl.com> <CADyWQ+EhD0nz71dLtUFwb9V_6uuen-k6E5fpvrCg3ZYzfr2JSw@mail.gmail.com> <ba38a9e4-7f43-c747-2d90-f35de22a8399@gmail.com> <CAL0qLwZJaEBrXdE9JOZNOJAgR7iEzfMA86Csi2sNtE5JC7ROUQ@mail.gmail.com> <c5cd9239-b204-255a-48a3-1cdccf18464a@gmail.com> <CAL0qLwYrcg__sewPO+EWfJf-5uoHcnQpFqtw-QoXxngHTJvkAA@mail.gmail.com> <e0a4c5eb-b047-67fe-8d76-e5beb921e5ae@gmail.com>
In-Reply-To: <e0a4c5eb-b047-67fe-8d76-e5beb921e5ae@gmail.com>
From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Sat, 20 Feb 2021 09:01:20 -0500
Message-ID: <CAH48ZfyZmBp91WjfnNb0W35m+5wFGBonG+hoe2RCK_3N3xd6Xw@mail.gmail.com>
To: Dave Crocker <dcrocker@gmail.com>
Cc: "Murray S. Kucherawy" <superuser@gmail.com>, IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000006d877a05bbc50165"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/lEGAP9PnWpTkwHkXifXJJBl__08>
Subject: Re: [dmarc-ietf] Fwd: I-D Action: draft-ietf-dmarc-psd-10.txt
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Feb 2021 14:01:34 -0000

This wording attempts to address the objections by giving
"registration" a specific context.    I also rewrote some of it for
readability.

- -

DMARC (Domain-based Message Authentication, Reporting, and
Conformance) is a scalable mechanism by which a mail-originating
organization can policies and preferences for validation and
disposition of messages which purport to come from owned domains,
as well as requesting feedback reporting about those message
validation and disposition actions.  These features allow the domain
owner to detect and inhibit domain name abuse.

DMARC is designed for use by domain owners.  Consequently it has no
applicability for domains that have no owner because the domain has
never been registered with an Internet Naming Authority.  Those
authorities have an interest in detecting and inhibiting abuse of the
name registration process, and message recipients have an interest
in preventing deception by entities using unregistered organization
domain names.

Domains at which Internet Naming Authorities perform registration are
referred to as Public  Suffix Domains (PSDs).  This document describes
an extension to DMARC to enable DMARC functionality for PSDs.

 This document also seeks to address implementations that consider a
 domain on a public Suffix list to be ineligible for DMARC
 enforcement.

On Fri, Feb 19, 2021 at 11:12 PM Dave Crocker <dcrocker@gmail.com> wrote:

> On 2/18/2021 9:10 AM, Murray S. Kucherawy wrote:
>
> Circling back to this:
>
> On Fri, Jan 29, 2021 at 12:56 PM Dave Crocker <dcrocker@gmail.com> wrote:
>
>> On 1/29/2021 12:15 PM, Murray S. Kucherawy wrote:
>>
>> On Fri, Jan 29, 2021 at 7:51 AM Dave Crocker <dcrocker@gmail.com> wrote:
>>
>>>    organization can use to improve mail handling.  The design of DMARC
>>>    presumes that domain names represent either nodes in the tree below
>>>    which registrations occur, or nodes where registrations have
>>>
>>> DMARC does not have 'registrations'.
>>>
>>
>> ...
>>
>>
>> I'm struggling to understand the concern here.  I think we all know what
> it means to register a domain, and that the namespace is arranged as a
> tree,
>
>
> With the intent of building upon Barry's note:
>
> <pedanty> Specification writing requires clarity of who the reader is and
> empathy with the experience they will have reading the document.
> </pedantry>
>
> In that context "we all know" is automatically a red flag for requiring
> overly insider expertise.
>
> However in this case, I think the problem is worse.
>
> Simply put, I believe the text does not say what it means to distinguish,
> even for an expert reader.  So, yes, we all know what you say we know.
>
> But in fact that's not the point of the text.  It's trying to make some
> other point,  I assume it's about a type of boundary status, but it doesn't
> say that, nevermind saying it clearly and with enough technical and
> semantic detail to distinguish it.
>
> The text you offer:
>
> Maybe this is better, just for the sake of having something else to look
> at?
>
>    DMARC (Domain-based Message Authentication, Reporting, and
>    Conformance) is a scalable mechanism by which a mail-originating
>    organization can express domain-level policies and preferences for
>    message validation, disposition, and reporting, that a mail-receiving
>    organization can use to improve mail handling.  The design of DMARC
>    presumes that domain names represent nodes in the DNS tree that are either
>    reserved as points below which new domain name registrations are made, or are
>    the results of those registrations; it does not permit a node to have both of these
>    properties simultaneously.  Since its deployment in 2015, use of
>    DMARC has shown a clear need for the ability to express policy for
>    these domains as well.
>
> moves closer to the mark, I think, but still doesn't get there.
>
> EVERY node can have sub-nodes registered.  So it isn't clear what
> 'reserved' means.
>
> Worse is that:
>
>    reserved as points below which new domain name registrations are made, or are
>    the results of those registrations; it does not permit a node to have both of these
>    properties simultaneously.
>
> doesn't make sense to me.  I suspect an average technical reader will be
> at least as confused as I am.
>
> d/
>
>
> --
>
> Dave Crockerdcrocker@gmail.com
> 408.329.0791
>
> Volunteer, Silicon Valley Chapter
> American Red Crossdave.crocker2@redcross.org
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>

v2.23.0 | Report a Bug | By Email