In article <5126347.eOcQ2jtf8Q@kitterma-e6430> you write: >This update removes the IANA registry (which is what I think I was supposed to >do based on the feedback to date). I also bulked up the Privacy/Security >considerations descriptions since they are no longer mitigated. > >I'd like feedback on the best path forward. Essentially this draft replaces >the IANA registry with an undefined way to know where PSD DMARC is >appropriate. I think we need something better than that, but I didn't know >what.
The more I look at this, the less I understand what problem it solves. If you manage a zone that can publish a PSD policy, you have some kind of relationship with the zone members so you should be auditing their policies anyway. To take a non-random example, I looked at the 2700 names in .BANK. There are 122 with no DMARC at all, which PSD might help, but there are also 164 with p=none, 29 with p=quarantine, 7 with pct=N where N is not 100, 4 with multiple policies, and about 30 where the DMARC record is invalid. Assuming your goal is to get everyone to p=none, PSD doesn't impress me as offering significant help. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
