Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-14 Thread Scott Kitterman
On Thursday, September 14, 2023 5:27:08 PM EDT Wei Chuang wrote: > On Sun, Sep 10, 2023 at 11:34 AM Scott Kitterman > > wrote: > > On Thursday, September 7, 2023 12:28:59 PM EDT Wei Chuang wrote: > > > We had an opportunity to further review the DMARCbis changes more > > > broadly > > > within

Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-14 Thread Wei Chuang
On Sun, Sep 10, 2023 at 11:34 AM Scott Kitterman wrote: > On Thursday, September 7, 2023 12:28:59 PM EDT Wei Chuang wrote: > > We had an opportunity to further review the DMARCbis changes more broadly > > within Gmail. While we don't see any blockers in the language in > DMARCbis > > version 28

Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-14 Thread Hector Santos
> On Sep 14, 2023, at 10:39 AM, Murray S. Kucherawy wrote: > > On Wed, Sep 13, 2023 at 6:01 PM Douglas Foster > > wrote: >> >> The coverage problem is aggravated if we assume rational attackers. With a >> plethora of domains available for

Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-14 Thread Hector Santos
> On Sep 14, 2023, at 7:36 AM, Dotzero wrote: > > On Wed, Sep 13, 2023 at 9:21 PM Hector Santos > wrote: >> >>> On Sep 13, 2023, at 8:51 PM, Dotzero >> > wrote: >>> >>> DMARC does one thing and one thing only. It mitigates against direct

Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-14 Thread Murray S. Kucherawy
On Wed, Sep 13, 2023 at 6:01 PM Douglas Foster < dougfoster.emailstanda...@gmail.com> wrote: > Let's analyze the problem Jim raises, using it to answer Hector's question > about where responsibility lies. > > Our assumed reference model is a fully automated, by-the-spec > implementation of RFC

Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-14 Thread Dotzero
On Wed, Sep 13, 2023 at 9:01 PM Douglas Foster < dougfoster.emailstanda...@gmail.com> wrote: > Let's analyze the problem Jim raises, using it to answer Hector's question > about where responsibility lies. > > Our assumed reference model is a fully automated, by-the-spec > implementation of RFC

Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-failure-reporting-09.txt

2023-09-14 Thread Alessandro Vesely
On Thu 14/Sep/2023 13:10:16 +0200 internet-drafts wrote: Internet-Draft draft-ietf-dmarc-failure-reporting-09.txt is now available. It is a work item of the Domain-based Message Authentication, Reporting & Conformance (DMARC) WG of the IETF. [...] A diff from the previous version is available

Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-14 Thread Dotzero
On Wed, Sep 13, 2023 at 9:21 PM Hector Santos wrote: > > All the best, > Hector Santos > > > > On Sep 13, 2023, at 8:51 PM, Dotzero wrote: > > > > On Wed, Sep 13, 2023 at 5:28 PM Hector Santos wrote: > >> On Sep 11, 2023, at 9:24 AM, Dotzero chastised >> Douglas Foster >> >> Absolutely

Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-14 Thread Alessandro Vesely
On Sat 09/Sep/2023 20:16:04 +0200 Douglas Foster wrote: Thus, if I get N messages from example.com , and the "pct" value is X, then the DMARC test is applied only to X% of that N; the simplest way to do this per-message would be to pick a random number between 0 and 1 and

[dmarc-ietf] I-D Action: draft-ietf-dmarc-failure-reporting-09.txt

2023-09-14 Thread internet-drafts
Internet-Draft draft-ietf-dmarc-failure-reporting-09.txt is now available. It is a work item of the Domain-based Message Authentication, Reporting & Conformance (DMARC) WG of the IETF. Title: Domain-based Message Authentication, Reporting, and Conformance (DMARC) Failure Reporting