On Thu 12/Nov/2020 22:31:25 +0100 Dave Crocker wrote:
On 11/12/2020 1:23 PM, John Levine wrote:
The semantics are definitely not the same. You now can put a DMARC
record on a name below the org domain to shadow a subtree,
that's why the group should first focus on the semantics it wants/doesn't want,
independent of how the semantics are achieved. The statement of what is wanted
should be administrative/authority language, not technical language.
Agreed. And I don't think that a tree walk would match DMARC semantics.
AIUI, the Organizational Domain must be a domain recognized by all "subdomains"
as authoritative on policies.
Of course, if every organization had the ability to generate DNS records for
each domain, there would've been no need to use the PSL. SPF experience taught
that even "smart" organizations may lack the ability to do so. Hence, the
Organizational Domain must be such that its admins are entitled to generate
those records if they wanted to.
Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
