Re: [DNSOP] PSD records, was Verifying TLD operator authorisation

"John R Levine" <johnl@taugh.com> Sun, 23 June 2019 02:27 UTC

Date: Sat, 22 Jun 2019 22:27:14 -0400
From: John R Levine <johnl@taugh.com>
To: Tim Wicinski <tjw.ietf@gmail.com>
Cc: dnsop <dnsop@ietf.org>, Seth Blank <seth@valimail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/d537jo5dxC32mU_M4KN4kobPalY>

> I've been talking to folks over the past months on this problem space 
> trying to grapple with quantifying what other folks see.  Part of this 
> reason is that my employer has this problem, ...

Sorry, it's not clear what "this problem" is in context.  Applying DMARC 
across all of a TLD or public 2LD (what PSD does)?

PSD can clearly do what it's intended to if DMARC code implements it, and 
since the number of DMARC libraries can be counted on one's fingers, that 
seems plausible.  But the bigger issue of identifying single-owner domains 
at various levels, and something that scales better than downloading a text 
file remain open.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly