In article <3881693.rR9BVk4Dlq@kitterma-e6430> you write:
>2. Externalize signaling about PSD participation. As discussed in the
>Privacy Considerations (section 4.1), we were concerned about the privacy
>implications of feedback on organizational domain traffic for organizational
>domains that don't participate in DMARC being inappropriately captured by
>public suffix operators.

It seems to me this horse left the barn a long time ago. Mail systems routinely check domains in HELO and in MAIL FROM against DNSBLs, which is at least as loggy as anything a DNS version of this check will do.

Also, if you really want to keep people from logging your queries, you can set up a local mirror of the DNS zone, and update it in the usual way with AXFR and IXFR. Whatever one might have in mind for a text version of this, a binary AXFR would be about as fast and IXFR of just the occasional change faster.

Take a look at my DBOUND proposal. I think it would be just the ticket for this application.

R's,
John

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc