On 11/7/20 1:11 AM, Alessandro Vesely wrote:
On Fri 06/Nov/2020 14:57:46 +0100 Todd Herr wrote:
On Fri, Nov 6, 2020 at 7:27 AM Douglas E. Foster wrote:
It makes no sense to allow "p=" missing. Why would we suggest that
all
existing implementations alter their code to tolerate additional
unnecessary complexity, rather than requiring domain administrators
to key
a few more characters so that code changes will not be necessary?
Are there really implementations that choke on missing p=?
How about "v=DMARC1; p=none; p=quarantine;"?
I'm pretty sure both cases would be invalid as DMARC policy records, in
which case they should be ignored. If an implementation is trying to do
something with invalid records like these, particularly one with
multiple "p=" tags, then that would be a problem.
I also don't understand this comment from Alessandro :
"Operators who don't need policy, for example external report
receivers who just want to publish verification records, would find
the relevant
info in the base spec." >>
There is only one policy record, published by the domain owner. The
DNS
record either suggests enforcement (p=quarantine, p=reject) or it
does not
(p=none, p=missing, no DMARC record).
I can't speak for him, but I believe he's referring to the records
that a
report consumer outside the authority of the domain at issue might
publish,
as documented currently in
https://tools.ietf.org/html/rfc7489#section-7.1.
In those cases where, for example, foo.com publishes a DMARC policy
record
with a rua= value of say "repo...@bar.org", there must exist a TXT
record
of "v=DMARC1" at foo.com._report._dmarc.bar.org in order to confirm that
bar.org is consenting to receive these reports.
Exactly! Dropping the requirement allows the definition of DMARC
record to be unique. Not a terrific gain, just a little simplification.
I'm not aware of any requirement for third party report receivers to
publish a DMARC policy record for their domain, in order to operate as
report receivers. If that's what you meant, Ale, can you tell us where
it appears in RFC7489 or the -bis spec?
--S.
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc