In article <3c89c5f8-853e-8a8a-d026-3a834d26e...@crash.com> you write: >On 1/20/21 15:10, Steven M Jones wrote: >> >> Duplicate reports to the same destination are not >> the base case > >I may be an idiot, or at least too quick to hit Send. Since nobody >implements https:// yet, what does the transition look like? Likely two >URIs to the same report processor, using each method.
Right, that's the question. I suppose we could do some hack like saying that you process the URIs from left to right, and if you succesfully do an https report, skip all subsequent mailto's, or subsequent mailto's in the same domain. For the specific details of https reporting, here's the two options (both already implemented): A) Do an HTTPS POST to the URL with application/gzip contents. This is similar to MTA-STS but has the disadvantage that you don't get the filename of the report. B) Do an HTTPS PUT to the URL appending the filename from sec 7.2.1.1, also with application/gzip contents. I mildly prefer B since the filename can be useful, and this makes it idempotent, since two PUTs of the same filename only store it once. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc