Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-psd-11.txt

Alessandro Vesely <vesely@tana.it> Sat, 20 March 2021 11:41 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/xYlGH36tK9CZ7YgyBGff9HfTAnA>

On Sat 20/Mar/2021 01:38:40 +0100 Tim Wicinski wrote:
>> NEW
>>      o  Branded PSDs (e.g., ".google"): These domains are effectively
>>         Organizational Domains as discussed in [RFC7489].  They control
>>         all subdomains.  These are effectively private
>>         domains, but listed in the Public Suffix List.  They are treated
>>         as Public for DMARC purposes.  They require the same protections
>>         as DMARC Organizational Domains, but are currently unable to
>>         benefit from DMARC.
>>
> Hmm, "Public Suffix List" is in this paragraph.  Needs rethinking.


Oops, I missed a couple of those "Public Suffix List" entries.  That term was 
where the conundrum stemmed from, possibly because we're unsure how much we 
want to bind DMARC to the only PSL implementation we know.  That's why we want 
to avoid that term.

OTOH, the term "Public Suffix Domain" (PSD) seems to be sound.  It is often
defined as "a domain under which multiple parties that are unaffiliated with 
the owner of the public suffix domain may register subdomains."  We can say 
that a domain "formally is a PSD" rather than it "is listed in the PSL".  The 
faint semantic difference between the two phrases is the source of the conundrum.

Being a PSD refers to a kind of contract.  ICANN mentions the above definition 
in a Policy Update issue[*], referring it to an expired IETF draft.  Should our 
I-D include such a definition?


Best
Ale
-- 

[*]
ICANN Policy Update | Volume 15, Issue 5 | Pre-ICANN53, June 2015
https://www.icann.org/resources/newsletter/policy-update-2015-06-16-en