From a software engineering standpoint, we have an "Lookup" black box
mechanism. It should be left open-ended so the DMARC-bis can move it.
The default mechanism is the existing DMARC one. Consider PSD a
Lookup extension to DMARCbis. DMARCbis can describe "Lookup
Extensions." Remember, we still TPA design issues and we have an
extended lookup ATPS deployed. Until we get a valid TPA method more
systems accept, we will never be done with DKIM Policy modeling.
Can we please move on to completing DMARC as a standard?
On 2/3/2020 10:08 PM, Murray S. Kucherawy wrote:
On Mon, Feb 3, 2020 at 4:24 PM Craig Schwartz <cr...@ftld.com
<mailto:cr...@ftld.com>> wrote:
Hi Murray,
<<<The chairs will not accept hearsay replies or opinions, or
expressions of needing this work but not knowing how to engage;
you either give your feedback on the list or privately to the
chairs or Area Directors, or you are along for whatever ride
results. Please indicate, as soon as possible, where your support
lies given the above.>>>
In my capacity as managing director of fTLD Registry Services
(fTLD), registry operator of the .BANK and .INSURANCE TLDs, I
believe PSD would provide invaluable threat intelligence to domain
registrants and to TLD administrators like ourselves for
NXDOMAINs. PSD has tremendous value to specialized TLDs including,
but not limited to, .BRANDS, community-based domains,
high-security domains, governments, etc. and as such I believe PSD
should proceed. I’ve previously posted to this list expressing
this view and while fTLD cannot participate in experimentation due
to a prohibition by ICANN, we remain committed to supporting and
seeing this work continue.
Craig,
Thanks for this, and for one other person that sent to the chairs
privately (it was a list non-member caught in moderation, nothing secret).
To be clear, however: I think the working group mailing list archive
has enough of a record that participants think the experiment will be
useful or even critical to the evolution of DMARC, though people are
of course welcome to affirm that support for the record. The question
being put, however, goes to the form of the experiment and the current
form of DMARC as a protocol with respect to determining Organizational
Domains, and whether there are indeed risks to the deployed
infrastructure that the experiment could become permanent. That's the
meaty stuff that would really help to move this along.
-MSK
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
--
HLS
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
