> On Apr 10, 2023, at 12:55 PM, Murray S. Kucherawy <superu...@gmail.com> wrote: > > I think the one thing we haven't discussed is: Could the 80-20 rule apply > here? That is, if we start off with something like what > draft-kucherawy-dkim-transform proposed (or even a trivial subset of it), > might it make enough of a dent to get us through this stalemate, and then we > can figure out what to do with the rest of it? >
Speaking of Pareto: - DMARC covers only 22% of the full ranges of signature scenarios with no provision to define nor authorize 3rd party (re)signers. - Occam’s Razor, the solution is often more simpler than its often appears, 80% of the time — ATPS. Your Idea. Champion it and it will get supported by your peers. Want to try inline method? Fine. But explain why more complexity is better to reach same conclusion ATPS provides. Best option; support both to cover the different admin methods. - 80% of those who have been involved since MARID with LMAP, SPF, DKIM/, SSP, ADSP and "Super ADSP” DMARC are disillusioned why the IETF has allowed the same key cogs over 17 years to continue to perpetuate a broken protocol and problem when they never believed in SPF, ADSP and DMARC — their focus was Reputation modeling with no standard in place for an assessment lookup (opening a door for business interest). This is not about heuristics. We should first close the deterministic holes by providing domains a method to expose their 1st vs 3rd party expectations. DMARC is not a protocol complete when it comes to domain policies. Too many closes. 80%??? — HLS _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
