Re: [dmarc-ietf] https reports, or nits in draft-ietf-dmarc-aggregate-reporting-02

Seth Blank <> Sat, 08 May 2021 18:22 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C751A3A0C84 for <>; Sat, 8 May 2021 11:22:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id pgJakM3w6DcE for <>; Sat, 8 May 2021 11:22:22 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::92e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id B37C23A0C83 for <>; Sat, 8 May 2021 11:22:22 -0700 (PDT)
Received: by with SMTP id g24so3873381uak.11 for <>; Sat, 08 May 2021 11:22:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google2048; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ZhMfTf0FzhL1TVL/Jt1Xbwual22tFSYWXtr7gdy3AcU=; b=DQrGVX1KXC/4kFtBR7KguveHvPkCYEMKbG3/+jcaAqteX75W1qOe6QEJOUJxYXqmyI 314naSDeWgNjb/gCyEHWsN4L7l6lteikHV/+SGVWTJ+EzyDO44M6iNvDd3ssPYJWTaj7 Va6dGe03ZOPCZ0yPqsal22bR6VRa010fRdsBdt/XZ3uZFXCfJbTn5/kFV9xP9HNxBkEb zXeyoaSQfaoijdiWLe72trDBfUjfDuOsE2Le/JD38ciYeEyesWaUgWGA3JtcNHKg8aX2 KYWsbMaG0huD/JlFw3dXrTeQKM5B1njDfaPQiZBJ2dntv1CQRn2sMEihZ8iw6yNc3UAM s65Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ZhMfTf0FzhL1TVL/Jt1Xbwual22tFSYWXtr7gdy3AcU=; b=gLQgzLAsWahhb1ci1JVBHeq9s6Ojxs9bscHIhkWn6UjGkANcKX/mKxXfzxQfXhKsN3 1MOjVBe+NhvAwhWILVwIGg3sZFtU4h0XHGOMvk5BCxs01zdeBhR5q5w5PIglVDCFqHmM 4uI/2esRNgFmZpbGL7aD8i1YIEBPsfy9SfmK8uNbFyMBYZKdL2sU1fDpN1/fmbc3uJKx g0Ijmcb73c2TZj3mrqz+hWdUFo5vrnXODzzz8widPAqhrOp9GCv5A/eIhdB7gaXQVCg/ gY2nOYjwjelAxS104hHKNxvVhfu/n7Xl+PgNDO+u1tID5Xzsxp7Gz0/VgmkPdbcCK+Q2 075Q==
X-Gm-Message-State: AOAM533HfwXzQtOXRjTnHCapIeQFB5maLwQTkrzLbsjxepEVkvs+1LeU bp4x8ptiDU5dr0yHiqDu9xH20bHxPHK3zfsKlLR567ee3yk=
X-Google-Smtp-Source: ABdhPJxiwJkoCiDE8iNRdeFALRcViJX1BZUw1ebiC/VG3Xo4LwerOxq+k4zGAitM1Pkt2i0Musr4MXYxb+HaXddhK+E=
X-Received: by 2002:ab0:2712:: with SMTP id s18mr14026312uao.88.1620498140838; Sat, 08 May 2021 11:22:20 -0700 (PDT)
MIME-Version: 1.0
References: <> <20210507164115.462AE720C41@ary.qy> <> <> <>
In-Reply-To: <>
From: Seth Blank <>
Date: Sat, 8 May 2021 11:22:07 -0700
Message-ID: <>
To: "Murray S. Kucherawy" <>
Cc: IETF DMARC WG <>, John R Levine <>
Content-Type: multipart/alternative; boundary="0000000000000b4fbc05c1d5a00b"
Archived-At: <>
Subject: Re: [dmarc-ietf] https reports, or nits in draft-ietf-dmarc-aggregate-reporting-02
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 08 May 2021 18:22:28 -0000

(With Chair hat off and Valimail hat on)

Email works fine for reports, even huge ones at scale. HTTPS adds nothing
for us and adds complexity to report processing (multiple paths to
ingestion) that we’d rather avoid.

Of course, were HTTPS added to the spec, we’d implement it.


On Sat, May 8, 2021 at 11:14 Murray S. Kucherawy <>

> On Fri, May 7, 2021 at 12:22 PM John R Levine <> wrote:
>> On Fri, 7 May 2021, Murray S. Kucherawy wrote:
>> > [ mail and web departments don't talk to each other ]
>> > If that logic also holds for mail people and web people,
>> > I imagine the lack of interest here has a similar basis; we're talking
>> > about standing up a whole service or endpoint here, not just adding
>> records
>> > to a zone file.
>> That's true but there's also the fact that a handful of analysis services
>> like dmarcian and valimail collect a large fraction of DMARC reports.  If
>> a few of them were interested in https reports, it'd be worth adding.
> Ah, that's a good point.
> I think both of them are represented here, and maybe some other report
> processors.  Any feedback on this from them?
> -MSK
> _______________________________________________
> dmarc mailing list

*Seth Blank* | VP, Product
*p:* 415.273.8818

This email and all data transmitted with it contains confidential and/or
proprietary information intended solely for the use of individual(s)
authorized to receive it. If you are not an intended and authorized
recipient you are hereby notified of any use, disclosure, copying or
distribution of the information included in this transmission is prohibited
and may be unlawful. Please immediately notify the sender by replying to
this email and then delete it from your system.