Re: [Gen-art] [dmarc-ietf] Genart last call review of draft-ietf-dmarc-psd-08

"Kurt Andersen (b)" <kboth@drkurt.com> Thu, 09 April 2020 21:04 UTC

References: <158613543159.15216.5517593808552135017@ietfa.amsl.com> <CA+Wg=gt1SMO0n9pLOY_CKemEHimr+mnWCpNcoJWq+Da9Np7UuA@mail.gmail.com> <CAL0qLwbpSLCqe05ctGfHRS3NCH+XN51-XKYt376avf5i19JJUA@mail.gmail.com>
In-Reply-To: <CAL0qLwbpSLCqe05ctGfHRS3NCH+XN51-XKYt376avf5i19JJUA@mail.gmail.com>
From: "Kurt Andersen (b)" <kboth@drkurt.com>
Date: Thu, 09 Apr 2020 14:04:22 -0700
Message-ID: <CABuGu1rekWo3mRkK_OpRksYNrSmPaFHD6k1_K=a7a_Sx7aMhBQ@mail.gmail.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>
Cc: Todd Herr <toddmherr@gmail.com>, dmarc <dmarc@ietf.org>, General Area Review Team <gen-art@ietf.org>, Dale Worley <worley@ariadne.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/Y1M1kl7-L6Wrbyr751N9cuAaQGw>
Subject: Re: [Gen-art] [dmarc-ietf] Genart last call review of draft-ietf-dmarc-psd-08

On Thu, Apr 9, 2020 at 1:36 PM Murray S. Kucherawy <superuser@gmail.com>
wrote:

>
> That seems like it paints a much clearer picture, which is what Dale was
> after.  A great start!
>
> On Thu, Apr 9, 2020 at 12:54 PM Todd Herr <toddmherr@gmail.com> wrote:
>
>> Having reviewed the comments, I'm wondering if perhaps the following
>> draft rewrite of the Abstract section might be a first step to address many
>> of the points raised?
>>
>> *Abstract*
>>
>> DMARC (Domain-based Message Authentication, Reporting, and
>> Conformance) is a scalable mechanism by which a mail-originating
>> organization can express domain-level policies and preferences for message
>> validation, disposition, and reporting, that a mail-receiving organization
>> can use to improve mail handling.
>>
>> The original design of DMARC applies only to domains that are registered
>> with a domain name registrar (called “Organizational Domains” in RFC 7489)
>> and nodes in the tree below Organizational Domains. Organizational Domains
>> are themselves nodes in the tree below domain names reserved for
>> registration, with the latter commonly referred to as “Top Level Domains”
>> (TLDs) (e.g., ‘.com’, ‘.co.uk’, etc.), although in this
>> document they will be referred to as Public Suffix Domains (PSDs).
>>
>> Since its deployment in 2015, use of DMARC has shown a clear need for
>> the ability to express policy for PSDs. This document describes an
>> extension to DMARC to enable DMARC functionality for PSDs.
>>
>> RFC 7489 describes an algorithm for a mail-receiving organization to use
>> in determining the Organizational Domain of an inbound mail message, and
>> this algorithm recommends the use of a “public suffix list” (PSL), with the
>> most common one maintained by the Mozilla Foundation and made public at
>> <http://publicsuffix.org/>. Use of such a PSL by
>> a mail-receiving organization will be required in order to discover and
>> apply any DMARC policy declared by a PSD.
>>
>> This document also seeks to address implementations that consider a
>> domain on a public suffix list to be ineligible for DMARC
>>
>
I have two concerns with the proposed abstract:

   1. ".co.uk" is not a TLD. TLDs are single label domains - there are
   ccTLDs and gTLDs.
   2. The invocation of the PSL compounds the issue that was raised by Dave
   Crocker. How DMARC (RFC 7489) determines the organizational domain is
   orthogonal to this proposal which simply calls for a conditional additional
   check at the "org - 1" level. I recommend striking the penultimate
   paragraph in the proposal.

--Kurt
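To make the two mechanisms under discussion concrete, here is an added example that is not part of this thread and not code from draft-ietf-dmarc-psd or RFC 7489: it derives the Organizational Domain from a From: domain with a public suffix list, and then models the single extra policy lookup one label above it (the "org - 1" check) that the PSD extension adds on top of the RFC 7489 lookup order. The PSL subset, the DMARC records and all domain names are constructed samples; the PSD opt-in semantics of the real extension are not modelled, only the lookup order.

```python
# Added example, not code from draft-ietf-dmarc-psd or from anyone in this thread.
# Shows (1) RFC 7489-style Organizational Domain derivation from a public suffix
# list and (2) the one conditional extra lookup at the PSD ("org - 1") level.
# Every domain, suffix and record below is a constructed sample.
from typing import Optional

# Constructed subset of a public suffix list; a real PSL has thousands of rules.
# Note that "co.uk" is a public suffix but, as Kurt points out, not a TLD.
PUBLIC_SUFFIXES = {"com", "uk", "co.uk", "gov", "bank"}

# Constructed DMARC records, keyed by the domain publishing them at _dmarc.<domain>.
SAMPLE_DMARC_RECORDS = {
    "example.com": "v=DMARC1; p=reject; rua=mailto:dmarc@example.com",
    "trusted.bank": "v=DMARC1; p=none",   # an Organizational Domain under a PSD
    "bank": "v=DMARC1; p=reject",         # a PSD publishing its own policy
}


def organizational_domain(domain: str, psl=PUBLIC_SUFFIXES) -> str:
    """Return the longest matching public suffix plus one label.

    A domain that is itself a public suffix is returned unchanged. If no suffix
    matches, fall back to the last two labels, mirroring the PSL's implicit
    "*" rule that treats an unlisted TLD as a public suffix.
    """
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in psl:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])


def parent_domain(domain: str) -> Optional[str]:
    """Strip the leftmost label; None once there is nothing above."""
    _, _, rest = domain.partition(".")
    return rest or None


def dmarc_lookup_order(from_domain: str) -> list:
    """Domains whose _dmarc TXT record a receiver would query, in order:
    the From: domain, its Organizational Domain if different (RFC 7489), and
    then, as the extension's additional conditional step, the PSD one label
    above the Organizational Domain."""
    from_domain = from_domain.lower().rstrip(".")
    org = organizational_domain(from_domain)
    order = [from_domain]
    if org != from_domain:
        order.append(org)
    psd = parent_domain(org)
    if psd:
        order.append(psd)
    return order


def discover_policy(from_domain: str, records=SAMPLE_DMARC_RECORDS):
    """Return (domain, record) for the first DMARC record found in lookup
    order, or None. The PSD entry is only consulted when neither the From:
    domain nor its Organizational Domain published a record."""
    for name in dmarc_lookup_order(from_domain):
        rec = records.get(name)
        if rec and rec.startswith("v=DMARC1"):
            return name, rec
    return None


if __name__ == "__main__":
    for d in ["mail.example.com", "mail.trusted.bank", "newbrand.bank", "sub.example.co.uk"]:
        print(d, "->", dmarc_lookup_order(d), "=>", discover_policy(d))
```

Running the block shows the conditionality Kurt describes: `mail.trusted.bank` stops at the Organizational Domain's `p=none` record and never reaches the PSD, while `newbrand.bank`, whose Organizational Domain publishes nothing, falls through to the `bank` PSD record; `sub.example.co.uk` finds no record at any of its three candidate levels.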