On 6/16/2020 2:19 PM, Brandon Long wrote:
So you think we should include https://wiki.asrg.sp.am/wiki/Mitigating_DMARC_damage_to_third_party_mail in the actual spec?
In essence, with IETF review to update, clarify, extract parts, simplify, I think there are elements that are candidates as a MUST addition to the spec. They would address the remaining states in the protocol's framework.
With a quick review, my direct involvement experience with the WG ATPS vs TPA proposals, I would take exception to the statement "TPA is intended to replace RFC6541." While it may be the wiki author's opinion, it was not what I experienced in the WG. I found the TPA proposal to be complex and a hard to read draft. I believe it also included trust assessment concepts as well. ATPS was 16 pages. TPA is 40 pages. ATPS was a much simpler protocol to implement asking the basic question "Is this 3rd party (re)signer domain authorized?" ATPS was implemented in my product line, not TPA. I don't know where TPA was implemented. With the TPA proposal's author MIA today, how would it work? Someone else take it over? Nonetheless, it should be added to the list of solutions to review.
Thanks -- Hector Santos, https://secure.santronics.com https://twitter.com/hectorsantos _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
