Re: [dmarc-ietf] Inconsistencies in DMARC Aggregate Report XML Schema

Wed, 15 Nov 2023 05:22:52 -0800 

On Tue 14/Nov/2023 20:09:52 +0100 John Levine wrote:

Thanks for doing this work.  It cleans up a messy corner of DMARC.

It appears that OLIVIER HUREAU  <olivier.hur...@univ-grenoble-alpes.fr> said:
I was personally thinking about the following options: 
1) Specify Version "2" ...

2) Explore a JSON Format for Aggregated Reports: ...
3) Create an Extended XML Schema for Interoperability: Developing an extended XML schema that ensures interoperability across all versions could be a comprehensive solution. I have identified a working draft ( [ https://github.com/jorritfolmer/TA-dmarc/blob/master/bin/dmarc/rua_ta_dmarc_relaxed_v01.xsd | https://github.com/jorritfolmer/TA-dmarc/blob/master/bin/dmarc/rua_ta_dmarc_relaxed_v01.xsd ] ) that demonstrates promise, having resulted in approximately 10 times fewer reports with errors. I am inclined towards the third option as it offers a holistic approach to interoperability. 

If we were starting from scratch, 1 or 2 would be worth considering
but as you suggest, at this point nobody would do it.  So I agree
that it makes sense to build a schema that matches the reports
people are sending.



We've had quite some discussion on that scheme, which resulted in
https://github.com/ietf-wg-dmarc/draft-ietf-dmarc-aggregate-reporting/blob/main/dmarc-xml-0.2.xsd
included in the current draft.

At a glance, some differences between our xsd (I) and jorritholmer's one (J) 
are as follows:
* I specifies targetNamespace, xmlns and elementFormDefault,
* I redundantly specifies min/max occurs on almost every element,
* J has an added empty disposition string "because Splunk returns an empty 'sp' 
string",
* I has an ActionDispositionType for disposition whereas J misses the "pass" 
element,
* I has a DiscoveryType, added after tree walk,
* in PolicyPublishedType, I has testing, J has pct, fo, rf, ri, rua, ruf and v,
* J adds uppercase Pass and Fail in DMARCResultType,
* J has a minOccurs="0" for the case of no DKIM signatures (neither specify 
unbounded),
* I has IP regexes that fit RFC column limitation,
* J adds "unknown" and "error" to SPFResultType,
* I adds "human_result" to SPFAuthResultType,
* I adds an ExtensionType to the feedback element.

Some of that may deserve a bit of review.

Best
Ale
--






_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

Reply via email to