Re: [dmarc-ietf] Do is need a new ptype? Was Re: New authentication method, DNSWL

["Murray S. Kucherawy" <superuser@gmail.com>]

On Mon, Nov 11, 2019 at 7:54 AM John Levine <johnl@taugh.com> wrote:

> In article <CAL0qLwbo1AtJ6LG1UuSSoBC-GwjdQsc5CA2h6q5VqMxH=
> dxK5w@mail.gmail.com> you write:
> >Just to be clear: The policy for changes to that registry is "Expert
> >Review", but since the action that put it there was a document with IETF
> >consensus, I'm pretty hesitant about just approving this change based on a
> >formal request.  I'd rather at least see some consensus discussion about
> >it, or even better, a revision/update to RFC8601.
>
> Hey, wait, Expert Review is supposed to be considerably looser than RFC
> Required.
>

Sure is.

Since there's no danger of running out of token names, I'd encourage
> you to accept new ptypes if they have a clear spec and a plausible use
> case.  In this instance, I think the description in the I-D is OK, but
> for the use case I would like some evidence that someone, somewhere is
> implementing it and doing something with the result.
>

As far as I know we're talking about "dnswl" which is a method, not a
ptype.  There is one known implementation (CourierMTA, I believe) which is
the impetus for the registration.  I think the name is constrained to
whitelists even though DNS-published lists might have the opposite meaning,
so I wish there had been some discussion before there was an
implementation.  But unless someone wants to argue a risk of actual harm
from that, I don't see any reason not to approve it given its very limited
deployment so far.

Assuming the ptype we're talking about is "dns" which is defined in the
same document, the definition is terse and there's not much guidance for
the designated expert about what things should be allowed with respect to
future registrations.  I think Scott basically said the same thing.  I'd
like to see those points addressed before green lighting it.

-MSK