Re: [dmarc-ietf] WGLC review of draft-ietf-dmarc-dmarcbis-30

Jim Fenton <fenton@bluepopcorn.net> Sun, 31 March 2024 15:20 UTC

From: Jim Fenton <fenton@bluepopcorn.net>
To: "John R. Levine" <johnl@iecc.com>
Cc: dmarc@ietf.org
Date: Sun, 31 Mar 2024 08:20:41 -0700
X-Mailer: MailMate (1.14r5852)
Message-ID: <CEC36155-584E-46FD-AE3E-AB511CBD843F@bluepopcorn.net>
In-Reply-To: <4d462513-6c1a-c1da-d62c-68d41bba6465@iecc.com>
References: <F5158C76-BD86-4540-965D-F0D8664B6CD9@bluepopcorn.net> <85761761-ad6a-2a19-da82-344ed52c2391@iecc.com> <B4365E6E-00DF-425E-9974-6EE1DE057319@bluepopcorn.net> <4d462513-6c1a-c1da-d62c-68d41bba6465@iecc.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/p8YV4bNe_EHBo8bTI6f40B004k4>
Subject: Re: [dmarc-ietf] WGLC review of draft-ietf-dmarc-dmarcbis-30


On 30 Mar 2024, at 17:22, John R. Levine wrote:

>>>> Entities other than domains: Public suffixes aren’t (necessarily) domains,
>>>
>>> Of course they're domains.  What else could they be?  The things that are out of scope are IP addresses, ASNs, magic tokens in the messages, stuff like that.
>>
>> I’m probably being pedantic here: is “gov” a domain?
>
> Let's check:
>
> $ dig gov soa
>
>  ; <<>> DiG 9.10.6 <<>> gov soa
>  ;; global options: +cmd
>  ;; Got answer:
>  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63612
>  ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
>
>  ;; OPT PSEUDOSECTION:
>  ; EDNS: version: 0, flags:; udp: 1232
>  ;; QUESTION SECTION:
>  ;gov.				IN	SOA
>
>  ;; ANSWER SECTION:
>  gov.			300	IN	SOA	a.ns.gov. dns.cloudflare.com. 1711843800 3600 900 604800 300
>
> Yup, it's a domain.

I stand corrected on that.

>> Mine wasn’t a good example. There are a few public suffixes that have more than 5 labels. Presumably that means there are registered domains that are 6 levels down, and my reading of the tree walk is that a policy published there would never be seen. But who knows if they’re actually sending email.
>
> There aren't any in the PSL.  That's where the limit of 5 came from. We've had people say there are deeper ones; if there are it wouldn't be hard to bump up the limit from 5 to whatever.

Might be worth bumping up. Examples:

execute-api.cn-north-1.amazonaws.com.cn
cn-northwest-1.eb.amazonaws.com.cn

(Amazon seems to have most of the really long ones)

-Jim
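The label-limit case discussed in this exchange, as an added example that is not part of the thread or of the draft's own text. It models the tree walk as this message reads it (query the RFC5322.From domain first, then jump to its rightmost five labels when it has more, then drop one leftmost label per step down to the TLD); that reading, the `MAX_LABELS` constant and the `example`/`mail` labels under the Amazon public suffix quoted above are assumptions, and no DNS is contacted.

```python
# Added example, not code from the thread or the draft: a model of the
# DMARCbis DNS tree walk's label limit, used to list which ancestors of a
# long RFC5322.From domain are never queried. The walk shape below is an
# assumption based on this thread's description, not the draft's text.

MAX_LABELS = 5  # the limit discussed in the thread


def labels(domain: str) -> list[str]:
    """Split a domain into labels, ignoring case and a trailing dot."""
    return [l for l in domain.lower().rstrip(".").split(".") if l]


def tree_walk_candidates(from_domain: str, max_labels: int = MAX_LABELS) -> list[str]:
    """Return the names at which _dmarc would be queried, in walk order."""
    ls = labels(from_domain)
    if not ls:
        return []
    queried = [".".join(ls)]          # the From domain itself is always queried
    if len(ls) > max_labels:
        ls = ls[-max_labels:]         # jump to the rightmost max_labels labels
    else:
        ls = ls[1:]                   # otherwise continue at the parent
    while ls:                         # then one label at a time down to the TLD
        queried.append(".".join(ls))
        ls = ls[1:]
    return queried


def skipped_ancestors(from_domain: str, max_labels: int = MAX_LABELS) -> list[str]:
    """Ancestors of from_domain (itself included) the walk never queries."""
    ls = labels(from_domain)
    ancestors = [".".join(ls[i:]) for i in range(len(ls))]
    seen = set(tree_walk_candidates(from_domain, max_labels))
    return [a for a in ancestors if a not in seen]


if __name__ == "__main__":
    # Constructed name: a host under a registrant's domain beneath the
    # 5-label public suffix execute-api.cn-north-1.amazonaws.com.cn
    sender = "mail.example.execute-api.cn-north-1.amazonaws.com.cn"
    for limit in (MAX_LABELS, MAX_LABELS + 1):
        print(f"limit={limit}")
        for name in tree_walk_candidates(sender, limit):
            print("  query _dmarc." + name)
        print("  never queried:", skipped_ancestors(sender, limit) or "none")
```

With the limit at 5 the registrant's 6-label domain is the one ancestor never queried for its subdomains; raising the limit to 6 removes the gap for these names.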