Re: [dmarc-ietf] Consensus Sought - Ticket #47 (Removal of "pct" tag) - With Interim Notes

"Murray S. Kucherawy" <superuser@gmail.com> Thu, 03 June 2021 03:45 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D83783A2749 for <dmarc@ietfa.amsl.com>; Wed, 2 Jun 2021 20:45:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tCvaXGeuWTdC for <dmarc@ietfa.amsl.com>; Wed, 2 Jun 2021 20:45:46 -0700 (PDT)
Received: from mail-vs1-xe35.google.com (mail-vs1-xe35.google.com [IPv6:2607:f8b0:4864:20::e35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B6113A2748 for <dmarc@ietf.org>; Wed, 2 Jun 2021 20:45:46 -0700 (PDT)
Received: by mail-vs1-xe35.google.com with SMTP id z15so2280140vsn.13 for <dmarc@ietf.org>; Wed, 02 Jun 2021 20:45:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=uQYkA6yV4LJu076VpUDQBlSiAj8sdzraTXoBYkyv2I4=; b=a5SD2myWYOdM3spdBwfnWAV9rlKIcTq23W56AGV5zhX8gNr2NMYej6irdD71rfEoun HZqIQpK3G0JHXlMrUcnZdn20t74tZ3vcAK3QHnT4xH35ok4udccG2hEP2+Ig/sH6Zmlq a5WrzHbIrDXfIJDy744XMWPgkY+EZecySc1CboM2BCSGMzuEXosAF9jFH2/pCI9EQowF NtA1Q2Jwh/oWk6cjDyXIKC4rOmHEQD0XkyrrEVz/8yY3Kel99w5wSeGRuwqskrqzQCRQ /MkL4Q7h8i5cBGv/GFNjTeeEXW9W+kJ+NNIdstHiDk3SyR+4dVxjvkdCJ9eKCi4Gjn+Z pZCQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=uQYkA6yV4LJu076VpUDQBlSiAj8sdzraTXoBYkyv2I4=; b=jsswZQHCjbcW09FVt2pKNX5YWalVqD2lR764BLPFUWpjTh/SysepvyjJjXZ+bt6lSd aDTjhD5BJMz/mZmISEKHEyZXMEaPbUhdjrpDmNTFFysgHPBSxyN9q6Davbhz0JLs2uxu 7PJ3OQrbEhA/TaeXs1QkIWtNJQzuLH0l+X02o1c9K3LRTyBYAwlCahaO3V+hFdc6IGDh z4Muux5QawzqDK2LToUVAVNPvfjVVJmWLPnm9xvuYMeKjzujSxFKuSbsrfgWQ/HPv5zh hvZ8d24mTwp447hezv6/i6FLSccneU/Tn9Ygy8OCavofhetGXmdi5RQg/JMh4Z+pmfiZ 5Ekw==
X-Gm-Message-State: AOAM532iIkQuxd/g7EyXzah3x5JJ1Mez/mVM5ZUGYR4KZYgU1X6ng5PA ygTV/76yIqToPn5qbxHTvRuooJSatnICLRKlXoa2jBfZ79/Nqg==
X-Google-Smtp-Source: ABdhPJwNf45sIt6jl9vbvdPYt6nhNmK6L+5wQ/V/x2wEGc3LCv3eOcgOuNQuyOjM48RKYz+j8k8J+wE3SzNbw9LPKxY=
X-Received: by 2002:a67:de17:: with SMTP id q23mr12067003vsk.54.1622691944755; Wed, 02 Jun 2021 20:45:44 -0700 (PDT)
MIME-Version: 1.0
References: <CAHej_8muJPMFY7LXmz9RnCTHP5emwn=bspDtP8_KZNza1oAc6A@mail.gmail.com> <196e1a7d-95f0-9d44-d4c8-8889e508f62c@tana.it>
In-Reply-To: <196e1a7d-95f0-9d44-d4c8-8889e508f62c@tana.it>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Wed, 2 Jun 2021 20:45:33 -0700
Message-ID: <CAL0qLwbdLpjiv7Hb3FfNhtq2VxBnz6PwrrmWZzE8wzpDRR-QZw@mail.gmail.com>
To: Alessandro Vesely <vesely@tana.it>
Cc: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f274e405c3d4680f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/nFIu_-lhg4ezLysrq9EFu5IOm0U>
Subject: Re: [dmarc-ietf] Consensus Sought - Ticket #47 (Removal of "pct" tag) - With Interim Notes
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jun 2021 03:45:51 -0000

I don't understand what "demeaning a domain's policy" means.

On Fri, May 28, 2021 at 10:20 AM Alessandro Vesely <vesely@tana.it> wrote:

> On Fri 28/May/2021 17:43:37 +0200 Todd Herr wrote:
> >
> > Consensus on Ticket #47 <https://trac.ietf.org/trac/dmarc/ticket/47>
> (Removal
> > of "pct" tag) was reached during the May 27 DMARC Interim to keep the
> tag, but
> > to rewrite its definition in whole or in part to make its usage better
> understood.
>
>
> I think the text in RFC 7489 is quite good.  Perhaps a word could be added
> for
> pct=0; for example:
>
> OLD
>     pct:  (plain-text integer between 0 and 100, inclusive; OPTIONAL;
>        default is 100).  Percentage of messages from the Domain Owner's
>        mail stream to which the DMARC policy is to be applied.  However,
>        this MUST NOT be applied to the DMARC-generated reports, all of
>        which must be sent and received unhindered.  The purpose of the
>        "pct" tag is to allow Domain Owners to enact a slow rollout
>        enforcement of the DMARC mechanism.  The prospect of "all or
>        nothing" is recognized as preventing many organizations from
>        experimenting with strong authentication-based mechanisms.  See
>        Section 6.6.4 for details.  Note that random selection based on
>        this percentage, such as the following pseudocode, is adequate:
>
>         if (random mod 100) < pct then
>           selected = true
>         else
>           selected = false
>
> NEW
>     pct:  (plain-text integer between 0 and 100, inclusive; OPTIONAL;
>        default is 100).  Percentage of messages from the Domain Owner's
>        mail stream to which the DMARC policy is to be applied.  However,
>        this MUST NOT be applied to any other use, such as skipping DMARC
>        reports or demeaning a domain's policy.  The purpose of the
>        "pct" tag is to allow Domain Owners to enact a slow rollout
>        enforcement of the DMARC mechanism.  Using this tag, organizations
>        can experiment with strong authentication-based mechanisms while
>        lowering or even voiding the risk of non-delivery.  See Section
> 6.6.4
>        for details.  Note that random selection based on this percentage,
>        such as the following pseudocode, is adequate:
>
>         if (random mod 100) < pct then
>           selected = true
>         else
>           selected = false
>
> jm2c
> Ale
> --
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>