From: dmarc <dmarc-boun...@ietf.org> On Behalf Of Kurt Andersen (b) Sent: Monday, June 10, 2019 9:08 PM To: Scott Kitterman <skl...@kitterman.com> Cc: dmarc@ietf.org Subject: [EXTERNAL] Re: [dmarc-ietf] PSDs in draft-ietf-dmarc-psd On Tue, Jun 11, 2019 at 6:31 AM Scott Kitterman <skl...@kitterman.com<mailto:skl...@kitterman.com>> wrote: On Friday, June 7, 2019 7:02:59 AM EDT Hollenbeck, Scott wrote: > > It would be helpful to the reader if the draft were either clear about > potential limitations to deployment or more descriptive about the domains > for which the approach can work. Right now, PSD DMARC cannot be deployed > ubiquitously. That reality should not be overlooked. I see your point, but I think it's probably out of scope. This is an IETF document and such restrictions are outside the IETF's control. Also, keep in mind that once an RFC is published, it is immutable. If that guidance changes, then there would be no way to correct the document without spinning up a whole new RFC process. Is there a public, stable reference that describes the restrictions? If so, it might make sense to reference it. If we can, I think that would be much better than 'hard coding' the current external policy in an RFC. Including this information in the draft would be counter-productive. A large part of this effort is to document the desired handling so that the RFC can be used as documentation to support a change in ICANN policy. [SAH]: The draft is targeted for Experimental status. It would be irresponsible to not document conditions under which the experiment can or cannot be conducted. Section 3.2 of RFC 7489 does a good job of describing organizational domain variability; might there be some way of defining a PSD that’s based on the definition of an RFC 7489 organizational domain? That would address my concern, and it seems like it should be possible given that the definition of a “Longest PSD” in Section 2.3 is based on the organizational domain description from RFC 7489. On a slightly different note, Section 2.2 also says this: “PSD DMARC includes all public domains above the organizational level in the tree, e.g., ".gov.uk".” Registration in .gov.uk is restricted (https://www.gov.uk/government/publications/naming-and-registering-government-websites). What exactly is meant by “public domains”? Scott
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc