> On Jun 30, 2023, at 3:32 PM, Murray S. Kucherawy <superu...@gmail.com> wrote: > > On Fri, Jun 30, 2023 at 12:21 AM Jan Dušátko > <jan=40dusatko....@dmarc.ietf.org <mailto:40dusatko....@dmarc.ietf.org>> > wrote: >> Scott, Barry, >> as far as I understand, SPF are historic technology, > > Not in any official capacity. RFC 7208 is a Proposed Standard. In fact, in > IETF terms, it enjoys higher status than DMARC does right now. > > The status of these protocols is not under discussion. The only question is > whether DMARC should continue to factor SPF results into its output.
If I am reading the group right, using the suggested `auth=` tag for explanation, it appears the editor wants the new DMARCbis default to be: auth=dkim And it would required an explicit tag like; auth=spf,dkim to express a desire for spf to be in the evaluation. This offers DMARCbis backward compatibility. This would be the one “upgrade” change a domain would need to make, an optional “extended behavior” to make it behave like DMARC today. The default behavior today is auth=spf,dkim. DMARCbis’s default would be auth=dkim. I am saying it sounds like this. Overall, imo, it is never a good idea to exerted changes on domains with bis specs, requiring them to change their current DMARC record to reinforce the security level they want using SPF in DMARC evaluation. — HLS
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc