On 11/24/2020 9:21 AM, John Levine wrote:
With the tree walk, I was thinking that if the tree walk finds a _dmarc record, 
that acts
as the organizational domain, so finance.acme.example can only allow alignment 
with itself
or its descendants.

This is different from the way that OD works now, but the questions are is it 
worse, and what
will break if we do it.


Let's consider some attributes, starting with a trivial initial set...


*Accuracy:*       How accurate is the data that gets retrieved?

*Reliability*:    How likely is it that a query will complete successfully?

*Latency:*        How long does it take for a query to complete?

*Vulnerability:*  How easily/likely is it that the service can be compromised?

*Scaling:*        How well does it operate, at Internet scale?


*PSL* *Tree-Walk*

*Accuracy: *       Known problematic        100%

*Reliability:* High                     Mixed

*Latency: * None                     Potentially high

*Vulnerability:*     Generally none           DOS

*Scaling:*           Poor admin, good ops     Good admin, potentially poor ops


d/

--
Dave Crocker
dcroc...@gmail.com
408.329.0791

Volunteer, Silicon Valley Chapter
American Red Cross
dave.crock...@redcross.org

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

Reply via email to