On 6/16/2020 2:19 PM, Brandon Long wrote:
So you think we should include
https://wiki.asrg.sp.am/wiki/Mitigating_DMARC_damage_to_third_party_mail in
the actual spec?

In essence, with IETF review to update, clarify, extract parts, simplify, I think there are elements that are candidates as a MUST addition to the spec. They would address the remaining states in the protocol's framework.

With a quick review, my direct involvement experience with the WG ATPS vs TPA proposals, I would take exception to the statement "TPA is intended to replace RFC6541." While it may be the wiki author's opinion, it was not what I experienced in the WG. I found the TPA proposal to be complex and a hard to read draft. I believe it also included trust assessment concepts as well. ATPS was 16 pages. TPA is 40 pages. ATPS was a much simpler protocol to implement asking the basic question "Is this 3rd party (re)signer domain authorized?" ATPS was implemented in my product line, not TPA. I don't know where TPA was implemented. With the TPA proposal's author MIA today, how would it work? Someone else take it over? Nonetheless, it should be added to the list of solutions to review.

Thanks

--
Hector Santos,
https://secure.santronics.com
https://twitter.com/hectorsantos


_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

Reply via email to