Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd
Scott Kitterman <sklist@kitterman.com> Mon, 10 June 2019 22:31 UTC
Return-Path: <sklist@kitterman.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C0391200E5 for <dmarc@ietfa.amsl.com>; Mon, 10 Jun 2019 15:31:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=kitterman.com header.b=juyUmlnb; dkim=pass (2048-bit key) header.d=kitterman.com header.b=aUCLChf9
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xnbcmLniu7Wo for <dmarc@ietfa.amsl.com>; Mon, 10 Jun 2019 15:31:10 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF615120025 for <dmarc@ietf.org>; Mon, 10 Jun 2019 15:31:09 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [IPv6:2604:a00:6:1039:225:90ff:feaa:b169]) by interserver.kitterman.com (Postfix) with ESMTPS id F2000F807AB for <dmarc@ietf.org>; Mon, 10 Jun 2019 18:30:38 -0400 (EDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903e; t=1560205838; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=ZFzWRGP+RX0JLe6g8eg71uDoaLJsDiH8SwB0sl6id4Y=; b=juyUmlnbzflUuK5u4ZbiNaeFqKYuj0NPFPAJy1TXnia3/Pizxp580BfF apa7bMNvEAt73M9htS5DBjkImYP7DA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903r; t=1560205838; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=ZFzWRGP+RX0JLe6g8eg71uDoaLJsDiH8SwB0sl6id4Y=; b=aUCLChf9bj91L5Vlue9kPX6D81vJbxKapyfJOF4DnR0udhQFUx83cA63 mFHUFZJxgGYs+sGeYzoUxc3ryKsFkxNoXAekSIQzimLQvtOcA9/5OOU0HN 4VVYBGjkdbVm9gT6RSQwzAXZqA1jMml5NNmkYCLP1m18F+UW07FqYnXutQ MsSccBs2+U/KnL0auOGtlxjWo5s01qhGDObhwZLlIe6/wPlRmbM2frQtqj 5QocRsLVFXvKXD7HMRcsVlllXEp+WY/mNHlh/Sa56eH7uMug1njQN0FDA9 uKy2St45o0N9ZV02XEDQr38G5jcm8D21WtkHa2GDLM2oHwmoMAdFOg==
Received: from l5580.localnet (static-72-81-252-22.bltmmd.fios.verizon.net [72.81.252.22]) by interserver.kitterman.com (Postfix) with ESMTPSA id B9FAEF8001B for <dmarc@ietf.org>; Mon, 10 Jun 2019 18:30:38 -0400 (EDT)
From: Scott Kitterman <sklist@kitterman.com>
To: dmarc@ietf.org
Date: Mon, 10 Jun 2019 18:30:38 -0400
Message-ID: <2221039.c73XDibtHi@l5580>
In-Reply-To: <bb2dff4230404b0c8845f0a78d943e3a@verisign.com>
References: <5130c7f40b444b97ab95864e6fc243ce@verisign.com> <CAJ+U=1oa1jWbc00-+r=btA_4Tn9zx_rkpq7W4oEEngD674y9JA@mail.gmail.com> <bb2dff4230404b0c8845f0a78d943e3a@verisign.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/w8q_3YJhv2pz8QRtDT_WgSOknwI>
Subject: Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Jun 2019 22:31:12 -0000
On Friday, June 7, 2019 7:02:59 AM EDT Hollenbeck, Scott wrote: > From: dmarc <dmarc-bounces@ietf.org> On Behalf Of Craig Schwartz > Sent: Thursday, June 6, 2019 2:52 PM > To: Hollenbeck, Scott <shollenbeck=40verisign.com@dmarc.ietf.org> > Cc: dmarc@ietf.org > Subject: [EXTERNAL] Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd > > > > > > > >On Thursday, June 6, 2019 at 1:12 PM EDT Scott Hollenbeck wrote: > > > > >I recently had a chance to read through draft-ietf-dmarc-psd. If I > >understand it correctly (and I'm not sure that I do), the document > >suggests that it's possible for a TLD like ".com" >to be a PSD and a TXT > >record like "_dmarc.com<http://dmarc.com/>" can be published in the com > >zone. I found this part of the draft confusing because it's not possible > >to add TXT records like that >to the com zone. It might help to explicitly > >note somewhere (perhaps in Section 2.2) that there may be policy > >restrictions in place that disallow the publication of DMARC policy > >>records in some DNS zones, including some top-level domain zones. > > > > > The purpose of the document is to convey technically how PSD DMARC can be > accomplished rather than who can or cannot undertake this due to policy > considerations. As the operator of .BANK and .INSURANCE, fTLD initiated > this stream of work with the IEFT because of the explicit prohibition by > ICANN from inserting TXT records in the DNS. The goal is to get to an RFC > that specifies the technical aspect of PSD DMARC and ultimately seek > ICANN's approval to allow publication of such a record in the DNS. In > contrast, gTLDs not under contract with ICANN such as .MIL and .GOV, who > are both involved in this work, do not have a contractual relationship with > ICANN and thus are not prohibited from this activity, and the same goes for > ccTLDs. > > > It would be helpful to the reader if the draft were either clear about > potential limitations to deployment or more descriptive about the domains > for which the approach can work. Right now, PSD DMARC cannot be deployed > ubiquitously. That reality should not be overlooked. I see your point, but I think it's probably out of scope. This is an IETF document and such restrictions are outside the IETF's control. Also, keep in mind that once an RFC is published, it is immutable. If that guidance changes, then there would be no way to correct the document without spinning up a whole new RFC process. Is there a public, stable reference that describes the restrictions? If so, it might make sense to reference it. If we can, I think that would be much better than 'hard coding' the current external policy in an RFC. Scott K
- [dmarc-ietf] PSDs in draft-ietf-dmarc-psd Hollenbeck, Scott
- Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd Craig Schwartz
- Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd Hollenbeck, Scott
- Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd Scott Kitterman
- Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd Kurt Andersen (b)
- Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd Hollenbeck, Scott
- Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd Murray S. Kucherawy
- Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd John Levine
- Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd Hollenbeck, Scott
- Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd John Levine
- Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd John Levine