On Wed, 11 Nov 2020, Dave Crocker wrote:
> There is a difference between "splitting out existing text, on topic x" from
> "revise text on topic x".
>
> The current suggestion is to take the org domain text that is current in the
> DMARC spec and to split it out, so that the core DMARC spec does not contain
> specification language about organization domain, other than "find the
> organizational domain".

The current text says (in many more words), take a list of public
suffixes, find the longest match, and the Org domain is one below that
match. If we consider the Org domain to be found via a list of public
registration points, that won't change. We might change where the list
comes from, and perhaps some hackery like my DNS wildcards to make the
implementation of the search faster. This tells me the separate document
is on the order of one sentence saying where the list is.
The other alternative is forget public suffixes and walk up the tree until
you find a _dmarc record or you hit the root. That has a lot of
advantages: it's easy to describe, everyone gets the same answer, and
Scott automatically gets his superdomain check. I believe the main
argument against it is that the DNS crowd has been allergic to tree
walks, but the cost of potentially malicious tree walk names like
a.b.c ... x.y.z.example.com is not a big deal any more since RFC 8020.

If you mean that we would punt a potential change this large into a
different document, that seems like a stretch.

Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
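
The two lookups described in the message above, side by side, as an added example that is not part of the original e-mail or of any DMARC implementation. The function names, the three-entry suffix set and the TXT records are constructed for illustration; a dict stands in for DNS so the block runs offline.

```python
# Constructed sample data: a tiny stand-in for a public suffix list and for
# the TXT records a resolver would return. Neither is real DNS data.
PUBLIC_SUFFIXES = {"com", "uk", "co.uk"}
DMARC_TXT = {
    "_dmarc.example.com": "v=DMARC1; p=reject",
    "_dmarc.example.co.uk": "v=DMARC1; p=none",
    "_dmarc.sales.example.com": "v=DMARC1; p=quarantine",
}


def org_domain_by_suffix_list(name, suffixes=PUBLIC_SUFFIXES):
    """Longest public-suffix match; the org domain is one label below it."""
    labels = name.lower().rstrip(".").split(".")
    # Candidates run from the full name down to the TLD, so the first
    # suffix that matches is the longest one.
    for i in range(len(labels)):
        if ".".join(labels[i:]) in suffixes:
            if i == 0:
                return None  # the name is itself a public suffix
            return ".".join(labels[i - 1:])
    return None  # nothing in the list matched


def org_domain_by_tree_walk(name, txt=DMARC_TXT):
    """Walk up from name until a _dmarc record is found or the root is hit.

    Returns (domain_or_None, lookups_made).
    """
    labels = name.lower().rstrip(".").split(".")
    lookups = 0
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        lookups += 1  # one TXT query for _dmarc.<candidate>
        if "_dmarc." + candidate in txt:
            return candidate, lookups
    return None, lookups  # reached the root without finding a record


if __name__ == "__main__":
    for host in ("a.b.example.com", "mail.example.co.uk",
                 "x.sales.example.com", "host.example.org"):
        print(host, org_domain_by_suffix_list(host),
              org_domain_by_tree_walk(host))
```

The `x.sales.example.com` case shows where the two methods can differ: the suffix-list lookup always lands one label below the public suffix, while the tree walk stops at the first ancestor that publishes a `_dmarc` record.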