Re: [dmarc-ietf] what to document about the tree walk
Dotzero <dotzero@gmail.com> Thu, 14 July 2022 15:26 UTC
Return-Path: <dotzero@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B942C14F737 for <dmarc@ietfa.amsl.com>; Thu, 14 Jul 2022 08:26:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kJFJ9sYb3G3n for <dmarc@ietfa.amsl.com>; Thu, 14 Jul 2022 08:25:58 -0700 (PDT)
Received: from mail-pg1-x529.google.com (mail-pg1-x529.google.com [IPv6:2607:f8b0:4864:20::529]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65707C15948E for <dmarc@ietf.org>; Thu, 14 Jul 2022 08:25:58 -0700 (PDT)
Received: by mail-pg1-x529.google.com with SMTP id e132so1868567pgc.5 for <dmarc@ietf.org>; Thu, 14 Jul 2022 08:25:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=AMUef31Ajr4CtodPc2SujmsQ2+RAPYKHmW2D57hgIvQ=; b=miIXTmTQmO5ZfI7x9IydJ58DSLlJAp3WH6KTxAD1yt7dzYIxSDOXdZGXkrpMzDWL6A fbo7Jd84XoSz1xEHVTuJcUnpiwIMTysYpb8QafNEX4UQUQb7f/ncF8/SKOpFGmxuViVv xXOo0Qx871FG2qmvDp1kqVRFD6bD2DS1OcQjkAj8+3PYqu8pDzklRXpSgVyrc+rHbw5n fsLwotLDbgWuC0yWTNAyhf/J1dShEwZ4k7E2ERXhlWoalCX1EiJNkB2wHkXXCBZdkfcW rmPbUQjp4Hs+64aVTrkpRPYnC7V7486i4pxZgxqEvEJXuJUN5+7jZxL7uIjrCdG2jXdS 6A7Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=AMUef31Ajr4CtodPc2SujmsQ2+RAPYKHmW2D57hgIvQ=; b=6zRLdsUmiXwJVQGYGJ52dAw+X8CBCFF0hpFQ3fdtPJU/dBmURa6GhhdSo+be7DiVyq XoT38XUuVxIVC4WBP3DETgibyWQKQFskvCDKcbW2Im+ZHeBE8/4CJGEDPc+o/ZGq281m FeUgFeaNrzQjphVyL+Puy1D6qnneEDhbElVoge5wZS5IHF0QIvQx18Kjn6utZDMENPR+ tGMAiVpruiCoKHmRKLEQ83QCtBmehmBr3SoR/1IDP6z4bh2/URTD8OIWWNr3tcwrPyw7 w7a8/4/IQUvts67WABuIkwmyahptBXBGL90LtQSKMnJlXZR7yMAwzjwZSPO5YtIgKI1x od3A==
X-Gm-Message-State: AJIora8m1IhLEkNa/bBYhoaHa2mU68dA1BItt6MzZQPe5xiW+xTSDc2/ c8+maf/cYVEY3r0i0/WsRZumUs0ZjVwaldqVxREjYC7SOzQ=
X-Google-Smtp-Source: AGRyM1uDARvJO/vgdSuFGtrOSxV1ml5Xn56wqTiQz8ZoFFG0+Qvr3FbXiulF1cYYaSN8hlqqQQndO9J/tkzXujsd8DM=
X-Received: by 2002:a63:6:0:b0:419:7b89:69ff with SMTP id 6-20020a630006000000b004197b8969ffmr8052375pga.442.1657812357663; Thu, 14 Jul 2022 08:25:57 -0700 (PDT)
MIME-Version: 1.0
References: <20220710010547.DB3B04532F40@ary.qy> <d8716435-8a52-dac4-ede2-6c27fced7f0f@tana.it> <84DDA91C-26E2-4803-8C6C-0369ED67298F@kitterman.com> <c4a7fd03-eae8-497f-3133-73523a9c1ca2@tana.it> <5197ba5f-9de4-d838-1579-eae67683e2d4@taugh.com> <650cadee-db8f-a54a-4d14-082c2d0bed02@tana.it> <0f3a343b-e7ea-7509-ceab-e5670aac8616@taugh.com> <CAH48ZfxHgxZwu3zLh99pc1JS4s==9bxU-0nS78O=7UAnZ=DtUQ@mail.gmail.com> <CAHej_8nkpGo30b9-ZkRc_wokymJ2ry_hsMgzaB2m4EH-WWG_zw@mail.gmail.com> <CAH48ZfzoVocPRKeVTqf6AE6Z48AWKFObm7X5oDa1ic1sQ5V1zg@mail.gmail.com> <CAL0qLwZFO_KK3+RUdzMLyjW0uOnzi4mXcVww1Mqx8tmhe-x2hA@mail.gmail.com> <CAH48ZfwTaf75HiJS2_VJKez8s3FqMh-K_6eD2eqaJatXWwcKww@mail.gmail.com> <CAL0qLwbxoijfdfxpS5-LRPifxg+4e_ndBGQhne5s5of0zxBbMQ@mail.gmail.com> <D3807517-98C3-4F20-A594-F3109BCB831A@kitterman.com> <f5e3f92b-f95e-a3a5-c74d-bd0957bec61a@tana.it> <4293C636-9656-4122-80D6-5E2DE4D790B4@kitterman.com> <CAL0qLwZN8VfB2SLTindAO4P0_h47wphh2OZy8p8U3xM7-ZNGWA@mail.gmail.com>
In-Reply-To: <CAL0qLwZN8VfB2SLTindAO4P0_h47wphh2OZy8p8U3xM7-ZNGWA@mail.gmail.com>
From: Dotzero <dotzero@gmail.com>
Date: Thu, 14 Jul 2022 11:25:46 -0400
Message-ID: <CAJ4XoYc4m3dtH0RSH+JYm9HBVjuGPYY48n4vqcK_BM1_MTVVcQ@mail.gmail.com>
To: IETF DMARC WG <dmarc@ietf.org>
Cc: Scott Kitterman <sklist@kitterman.com>, "Murray S. Kucherawy" <superuser@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000aecf6205e3c58456"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/p7kGUmcDBqbp50ubms39JvoXSgc>
Subject: Re: [dmarc-ietf] what to document about the tree walk
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Jul 2022 15:26:02 -0000
On Thu, Jul 14, 2022 at 11:12 AM Murray S. Kucherawy <superuser@gmail.com> wrote: > On Thu, Jul 14, 2022 at 6:13 AM Scott Kitterman <sklist@kitterman.com> > wrote: > >> >> I think a choice within DMARCbis is a bad idea. Effectively the >> choice exists. Evaluators will have the choice to stay with an RFC 7489 >> design or to upgrade to DMARCbis. >> > >> >The incentive to upgrade is not clear. DMARC filters can run based on >> an obsolete version of the PSL with no inconvenience, for a different >> flavor of "upgrade". Indeed, according to John's figures, we could have >> done without any psd= tag. >> > >> Using obsolete data is a bug, not a feature. >> > > Or using data that is accidentally correct most of the time, where > alternatives are available. Either way, +1. > > >Doug's idea of checking the results is a means to draw the attention of >> operators on both the PSL version they use and its agreement with the DNS >> at large. New implementations could be encouraged to track the differences >> and produce some kind of report about them. IME, although running a very >> small mail site, it does happen to hit some PSL entry, a fact which I >> realized by chance —browsing the logs— so I cannot tell figures. >> > >> What would operators do with such a report? Receivers tracking sender >> configuration issues and reporting issues back to them is a very 1990s >> approach to making the Internet work. I don't think it's relevant to >> anything useful these days. >> > > If we think this is important data to put in front of people, this WG > could do that sort of survey once there are implementations and include the > result in an appendix, or put it in the WG's wiki or in the IETF's > collection of implementation reports: > https://www.ietf.org/how/runningcode/implementation-reports/ > > It sounds like we're mostly there already given the analysis John did > previously. > > >> We can't get rid of the PSL without getting rid of the PSL. >> >> >> >> There's no way to constrain it within the document. If we have a >> 'choice', we are essentially signing up the IETF to a future effort to >> produce an update to actually get rid of it. >> > >> >Right, that would be the Internet Standard. >> >> Not really. To drop functionality going to Internet Standard, don't you >> have to show it's not used? How would that even work? >> > > RFC 2026 lays out the criteria for progressing a Proposed Standard to a > Draft Standard and then to Internet Standard, and RFC 6410 later > consolidated the latter two. The criterion to which I think you're > referring asserts that any unused features need to be removed before a > protocol can advance. However, RFC 7489 is not a Proposed Standard, so > we're not constrained by that here. > > In any case, I agree that the longer the PSL remains in the equation, the > longer we have to keep it, due to both inertia and growth of the deployed > base. > > My understanding is that the IETF, based on past experiences, doesn't do >> flag days where everyone has to switch to some new thing by a specific date. >> > > I think that's right, though Barry's memory on this might be better than > mine. At a minimum, they're exceedingly rare. A working group or other > community pushing for a flag day needs to have quite a bit of momentum to > make it work. > > >> Currently we don't have any procedural requirement for backward >> compatibility, since RFC 7489 isn't an IETF document. Based on the working >> group charter and good engineering practice we should limit changes that >> affect existing deployments, but we have more flexibility now than we will >> ever have again. >> >> In my view, standardizing two ways to do policy discovery and alignment >> would be a substantial danger to interoperability and we'd be stuck with it >> approximately forever. >> > > +1 to this, for the reasons John gave in the email right below this one > that just came in. > > Bite the bullet and mark use of the PSL historical for DMARC. As has been pointed out, there will always be a long tail but we are talking rare corner cases where the results from the two approaches diverge. Michael Hammer
- [dmarc-ietf] "psd=" tag early assignment Barry Leiba
- Re: [dmarc-ietf] "psd=" tag early assignment Douglas Foster
- Re: [dmarc-ietf] "psd=" tag early assignment John Levine
- Re: [dmarc-ietf] "psd=" tag early assignment Alessandro Vesely
- Re: [dmarc-ietf] "psd=" tag early assignment Barry Leiba
- Re: [dmarc-ietf] "psd=" tag early assignment Scott Kitterman
- Re: [dmarc-ietf] "psd=" tag early assignment Barry Leiba
- Re: [dmarc-ietf] "psd=" tag early assignment Douglas Foster
- Re: [dmarc-ietf] "psd=" tag early assignment Alessandro Vesely
- Re: [dmarc-ietf] "psd=" tag early assignment John Levine
- Re: [dmarc-ietf] "psd=" tag early assignment Douglas Foster
- Re: [dmarc-ietf] "psd=" tag early assignment Alessandro Vesely
- Re: [dmarc-ietf] "psd=" tag early assignment Murray S. Kucherawy
- Re: [dmarc-ietf] "psd=" tag early assignment Barry Leiba
- Re: [dmarc-ietf] "psd=" tag early assignment John R Levine
- Re: [dmarc-ietf] "psd=" tag early assignment Douglas Foster
- Re: [dmarc-ietf] "psd=" tag early assignment Barry Leiba
- Re: [dmarc-ietf] "psd=" tag early assignment Alessandro Vesely
- Re: [dmarc-ietf] "psd=" tag early assignment Scott Kitterman
- Re: [dmarc-ietf] "psd=" tag early assignment John Levine
- Re: [dmarc-ietf] "psd=" tag early assignment Alessandro Vesely
- Re: [dmarc-ietf] "psd=" tag early assignment Scott Kitterman
- Re: [dmarc-ietf] "psd=" tag early assignment John R Levine
- Re: [dmarc-ietf] "psd=" tag early assignment Scott Kitterman
- Re: [dmarc-ietf] "psd=" tag early assignment Alessandro Vesely
- Re: [dmarc-ietf] what to document about the tree … John R Levine
- Re: [dmarc-ietf] "psd=" tag early assignment Douglas Foster
- Re: [dmarc-ietf] what to document about the tree … Alessandro Vesely
- Re: [dmarc-ietf] what to document about the tree … John R Levine
- Re: [dmarc-ietf] what to document about the tree … Douglas Foster
- Re: [dmarc-ietf] what to document about the tree … Todd Herr
- Re: [dmarc-ietf] what to document about the tree … Douglas Foster
- Re: [dmarc-ietf] what to document about the tree … John Levine
- Re: [dmarc-ietf] what to document about the tree … Scott Kitterman
- Re: [dmarc-ietf] what to document about the tree … Murray S. Kucherawy
- Re: [dmarc-ietf] "psd=" tag early assignment Murray S. Kucherawy
- Re: [dmarc-ietf] what to document about the tree … Alessandro Vesely
- Re: [dmarc-ietf] what to document about the tree … Alessandro Vesely
- Re: [dmarc-ietf] what to document about the tree … Douglas Foster
- Re: [dmarc-ietf] what to document about the tree … Murray S. Kucherawy
- Re: [dmarc-ietf] what to document about the tree … Murray S. Kucherawy
- Re: [dmarc-ietf] what to document about the tree … Scott Kitterman
- Re: [dmarc-ietf] what to document about the tree … Barry Leiba
- Re: [dmarc-ietf] what to document about the tree … John Levine
- Re: [dmarc-ietf] what to document about the tree … Douglas Foster
- Re: [dmarc-ietf] what to document about the tree … Alessandro Vesely
- Re: [dmarc-ietf] what to document about the tree … Scott Kitterman
- Re: [dmarc-ietf] what to document about the tree … John R Levine
- Re: [dmarc-ietf] what to document about the tree … Murray S. Kucherawy
- Re: [dmarc-ietf] what to document about the tree … Dotzero
- Re: [dmarc-ietf] what to document about the tree … Alessandro Vesely
- Re: [dmarc-ietf] PSDs still aren't important, aga… John Levine
- Re: [dmarc-ietf] what to document about the tree … John R. Levine
- Re: [dmarc-ietf] what to document about the tree … Scott Kitterman
- Re: [dmarc-ietf] what to document about the tree … Alessandro Vesely
- Re: [dmarc-ietf] PSDs still aren't important, aga… Alessandro Vesely
- Re: [dmarc-ietf] PSDs still aren't important, aga… John Levine