Re: [dmarc-ietf] New authentication method, DNSWL

"Murray S. Kucherawy" <> Thu, 01 August 2019 07:05 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 04110120025 for <>; Thu, 1 Aug 2019 00:05:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id dXnJ-XyApzCS for <>; Thu, 1 Aug 2019 00:05:14 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:4864:20::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id C66E9120141 for <>; Thu, 1 Aug 2019 00:05:13 -0700 (PDT)
Received: by with SMTP id p197so49369317lfa.2 for <>; Thu, 01 Aug 2019 00:05:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=hZ5JsWvs8sL7p8FxOtV7C+jqh1eJU4bm9L1VDDl8y6E=; b=X7/NisnWLDC0vOHSskQ0kaD3XcS0M8RD1JP+/bLQTaCixqsR/2r30JfN282uBrPuIY acugfe10tIQg9e7MCFc3NwZO5hLhk0OVg9vb1bBnXSOtGiGpYEYISd874Ng9A4alcBvI uCGWVKZ9rVzsBgHy2/RghkBbe2zN+KZWLPrWkfLIVd/5D8n4jGIPnmlUiMdWNKBfYxG7 WeOnplC3ci0sbQ9AwkFZGXl6cIUZHj4KGK3VXXnmmwrFPmh+orubjmPYWY/SQ+2ZQmgb NdnTbs4Jqi3INtv5xRvpdwcVU1RY3YWJbcXc8R03idPvHlCW86Om5e5my9yLywWtvTRW Rnzg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=hZ5JsWvs8sL7p8FxOtV7C+jqh1eJU4bm9L1VDDl8y6E=; b=L+fGUwyTNHtFuncclZM4Hz/yfg2wnqns0Wk16sFChHxoqprEmrc1ALUsQNh1TITKQO mb/3/CPu5TKtrOaUhlco8+PmI4QSNR06ZxwafSZKw2GrMUVlwCYShnMiV3Q+a6dfvlbs Thp2TLSxUW7rt3mIxyRaeP/t13NGAi0isZBALFxxGruN5ERa+FQsCXIJZEBOgn49W8Rp TZs9EkfLM/XsRUh7khUShTjXjqDTGPPsH89+iOQg1taxcSRbY7AwUAlkvZO6LVg6i/7N OPY+wOycPCUaA0UxjOGlXMBFlOkHvHoatNukL+/USlshMDPlQOP6PyqWIV3ITgCWsVKl B4Vg==
X-Gm-Message-State: APjAAAU9dQyrw6hTISOPBuFLQ5kl6kIBRln0Y+uuJ0ukzVdR4WQDMjx1 dFh3BPVJU2522Mabc7yHbGBzzXcbrPhBXghFL0A=
X-Google-Smtp-Source: APXvYqyo5mm0Y4vxgjMzRmwqF2QEzs6cONwEhy8FAeDpOmXbKGz+wSZDunfUYeXC2wRR0m/U43ohJrewSheRDKXmJiU=
X-Received: by 2002:a19:6e4d:: with SMTP id q13mr18792001lfk.6.1564643111954; Thu, 01 Aug 2019 00:05:11 -0700 (PDT)
MIME-Version: 1.0
References: <> <> <> <4783309.BXR8ZdE9c3@l5580> <>
In-Reply-To: <>
From: "Murray S. Kucherawy" <>
Date: Thu, 1 Aug 2019 00:04:59 -0700
Message-ID: <>
To: Scott Kitterman <>
Content-Type: multipart/alternative; boundary="000000000000e36d9b058f08dcc1"
Archived-At: <>
Subject: Re: [dmarc-ietf] New authentication method, DNSWL
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 01 Aug 2019 07:05:16 -0000

On Wed, Jul 31, 2019 at 10:27 PM Murray S. Kucherawy <>

> Appendix C of RFC8601 goes to some length to discourage the practice of
> including all the details that were inputs to the evaluation, specifically
> because the result of the evaluation at the border MTA is the only thing
> that should matter.  I thus have some trouble understanding why "policy.ip"
> and "policy.txt" are desirable things to include.  And even if that were
> not true, I'm concerned that "policy.ip" could be interpreted as an IP
> address even though that's manifestly not what this is.

Section 3 of the draft appears to be commentary about what should go in TXT
records, or how things querying DNSxLs should query and interpret TXT
results.  This doesn't seem to be appropriate for a document about
Authentication-Results; it's implementation guidance for MTAs or receiving
agents.  About the only sentence I see in there that makes sense to include
that's relevant to a registration action is the one about encoding
non-ASCII content.