On May 30, 2014, at 6:46 PM, Steven M Jones <s...@crash.com> wrote:

> On 05/30/2014 10:20 AM, Scott Kitterman wrote:
>> On Friday, May 30, 2014 17:07:30 Elizabeth Zwicky wrote:
>>> On 5/29/14, 8:44 PM, "Scott Kitterman" <skl...@kitterman.com> wrote:
>>>> DMARC change is even more off the table than MLM software change
>>> DMARC changes are not off the table for Yahoo. ...
>> Great. Then instead of submitting DMARC as is via a non-IETF process, let's
>> have a working group chartered to do that work.
>
> The Independent Submissions stream is an IETF process. However it does
> not involve a working group.
>
> Whether due to too much concern over potentially incompatible changes,
> or too much alarm at the language used to try to avoid it, past attempts
> to form a working group failed. More than one attempt was made. The
> Independent Submission stream was not the first choice.
>
> I have wanted to see DMARC - and any other necessary protocols - become
> the subject of a working group for two years. I hope we can find a way
> to make that happen.

Dear Steven,

I agree with this view. I am confident a fairly effective protocol can allow a DMARC domain to communicate whether another domain forwards their messages. This could be seen as a type of federation similar to how single-sign-on works. Once such abilities have been instantiated between the domain asserting DMARC and the domain enforcing DMARC, nothing else really needs to change. There would be less concern about the negative impact DMARC could have on other email uses.

Since this communication would serve a very small fraction of overall email traffic from a DNS perspective, DNS should be fine. Results could be cached for 300 seconds or more to improve scaling and at the same time reduce latency. Even then, DMARC feedback would be a minor fraction of email related DNS traffic.

Not offering feedback would be analogous to a parent denying the existence of their own children then having them fend for themselves. This attitude burdens receivers lacking knowledge about which exceptions are valid. No other domain should offer these answers.

With that said, DNAME would also allow several DMARC domains to select a common feedback zone. It seems this would be close to what John Levine described, except each DMARC domain would be their own trust anchor for all their related email traffic.

Regards,
Douglas Otis