Just to be clear, I'm not challenging the need. Rather I'm just looking
for text that explains the need. And I'm not finding it...
On 11/24/2020 7:28 AM, Todd Herr wrote:
There are two reasons (at least) for needing the Organizational
Domain, and they are discussed in RFC 7489:
1. DMARC also allows for the explicit or implicit expression of
policy for sub-domains at the Organizational Domain level. This
matters for those times when _dmarc.RFC5322.From.domain is
non-existent and RFC5322.From.domain is a sub-domain of the
Organizational Domain.
2. The default mode for authenticated identifier alignment, relaxed,
requires only that the Organizational Domains for both identifiers
are the same, and so the Organizational Domain must be known in
order for relaxed alignment to be ascertained.
Except that I do not find either of these points provided in the document.
What is perhaps missing from RFC 7489 is the reason that the authors
chose to make these two items part of the specification.
That would, of course, also be nice to include.
d/
--
Dave Crocker
dcroc...@gmail.com
408.329.0791
Volunteer, Silicon Valley Chapter
American Red Cross
dave.crock...@redcross.org
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
