On 11/8/2018 1:19 PM, Murray S. Kucherawy wrote:
On Thu, Nov 8, 2018 at 3:53 PM Alessandro Vesely <ves...@tana.it
<mailto:ves...@tana.it>> wrote:
> and maybe it can solve the "PSL problem" if we can constrain the problem
> space to just the DMARC issues instead of recreating the
> DBOUND-solve-for-all morass.
This problem is simpler than DBOUND. Looking up text policies is
common to a
handful of protocols. A careful wording might make some
statements reusable in
general, even if the focus is kept on DMARC.
Sure, the DMARC case is half of what DBOUND tried to tackle. If
DBOUND had focused just on the DMARC use case, it would've succeeded.
If possible, we should be careful to create a solution that's
extensible to other use cases, not exclusive of them. Reviewing what
DBOUND tried to do might be very instructive here.
+1 (although I am not too keen on depending on a new RRTYPE)
I think we should be focusing on working on a DMARC proposed standard,
Standard Track status document and codify the many implementation
issues, including:
- The Author Domain identity (ADID) policy Lookup procedure with
support for minimal organizational lookup concepts,
- alignment issues (clarifications),
- rejection logic (clarifications), and
- ADID Rewriting implementation logic for List Systems, in order to
maintain (as much as possible) the original organizational POLICY
security.
The above are the key implementation issues I am currently going
through as I am updating/migration/augmenting DMARC into my existing
ADSP/ATPS/DKIM package but one where we would like to finally add and
honor the (risky) policy disposition logic (rejection, quarantine).
For all these years, we did the Auth-Res header generation/recording
with the idea of using a future filtering module. We are at this point
now, especially since the industry has finally "accepted" after more
than a decade, the original proof of concept, DKIM Author Domain
Policy model.
Anyway, there is good new proposed work, but in my opinion, since this
is really all time consuming (and costly), and it will take a long
time, I think we should view the new work as part of DMARC and finally
focus on working on the IETF-sanctioned DMARC "Standard Track" status
specification and get all the learned implementation details codified
and worked out.
Have a good weekend,
Hector Santos/CTO
Santronics Software, Inc.
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
