Since the conflict between DMARC and Mailing Lists is related to the changes that Mailing List apply to a received message, it may be useful to review the purposes that each of those changes serve, with a goal of eliminating unnecessary changes.
Specifically, this list adds a footer to every message. Is the footer a "trust indicator" which serves an imaginary purpose, or a necessary addition for other reasons? If it is added as a trust indicator, perhaps it could be dropped. I would be willing to format my submissions to IETF specifications, if it would protect the integrity of my signature. But IETF has not disclosed a way for that to be done. What I can determine is that the footer addition is currently unconditional, as evidenced by reply messages with multiple copies of the footer, and therefore I cannot prevent my signature from being invalidated. DF -----Original Message----- From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Dave Crocker Sent: Wednesday, July 22, 2020 9:24 AM To: IETF DMARC WG Subject: Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations On 7/21/2020 1:08 AM, Laura Atkins wrote: > When we’re basing a protocol on “what the user sees” and “what the > user can trust” then I think we have to. DMARC says “users can trust > that mail from @domain.example is really from @domain.example” but if > the user never sees that, how do they know? I think this can be connected to the query about threats that DMARC is intended to respond to, by virtue of suggesting clarity about /where/ the responding takes place. My contention is that it takes place in a receiving filtering engine and does not take place at the user level. Further, it's one more data point in that engine's analysis process, rather than being in any simple way definitive. In any event, work here really should make a point of creating text that is clear about threats DMARC is intended to respond to, and clear about where such responding takes place. To the extent any of that text makes assertions about the performance of end users, it needs to cite the basis for the assertions. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
