Re: [dmarc-ietf] org domain and levine-dbound and dns-perimeter drafts

John Levine <johnl@taugh.com> Wed, 18 November 2020 20:44 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/vqJhXjAmExz-1wGqoms6V5ckHL4>

If we're going to refight the DBOUND battle, here's another entry,
which even has running code. I see no reason to think that we are any
more likely to endorse one of these now than we were a few years ago
so I encourage the group to limit the debate to the existing Org/PSL
kludge and a tree walk.

Draft: https://datatracker.ietf.org/doc/draft-levine-dbound-dns/

Code: https://github.com/jrlevine/bound

Abstract

   The organization that manages a subtree in the DNS is often different
   from the one that manages the tree above it.  We describe an
   architecture to publish in the DNS the boundaries between
   organizations that can be adapted to various policy models and can be
   queried with a small number of DNS lookups.

R's,
John


In article <9c1dc4dd-48b2-9d2c-4cb4-dac733169a0f@dcrocker.net> you write:
>Given the renewed discussion about organizational domain and alternative 
>boundaries, I'll suggest that this draft from last year might be relevant:
>
>
>    DNS Perimeter Overlay
>
>    <https://tools.ietf.org/html/draft-dcrocker-dns-perimeter-01>
>
>
>> Abstract
>> 
>>    The Domain Name System (DNS) naming syntax provides no meta-data for
>>    indicating administrative transitions through the hierarchy.  For
>>    example, it does not distinguish the higher-level portions that
>>    operate as public registries, versus those that operate as private
>>    organizations.  This specification creates a basic overlay mechanism
>>    for defining a logical Perimeter between administrative entities
>>    through the naming hierarchy.  The mechanism can then be applied for
>>    a variety of independent administrative indications.
>
>
>d/
>-- 
>Dave Crocker
>Brandenburg InternetWorking
>bbiw.net
>