There are a few tickets that may break report ingestion systems due to structure and/or value changes. Should we decide that's an implementation issue, or that we truly can't change the format of the reports? I'm sure most ingestion systems are rather flexible given the number of reports that appear to not match what 7489 states/suggests.
If we are going to allow changes to the structure, and there is some concern about which version the receiver supports (or prefers?), should we put a flag into the DMARC record? And of course, that may dependent on the receiver, if multiple are listed, so that would have to belong to each individual receiving address. -- Alex Brotman Sr. Engineer, Anti-Abuse & Messaging Policy Comcast > -----Original Message----- > From: dmarc <dmarc-boun...@ietf.org> On Behalf Of Matthäus Wander > Sent: Thursday, May 13, 2021 5:29 PM > To: dmarc@ietf.org > Subject: Re: [dmarc-ietf] Versioning and XML namespaces in aggregate > reports (#33, #70) > > Alessandro Vesely wrote on 2021-05-10 18:29: > > On Mon 10/May/2021 17:28:20 +0200 Dave Crocker wrote: > >> If an new spec merely /adds/ to a previous spec, then the presence of > >> the new constructs is self-declaring. The only requirement is to > >> have the base specification declare that unrecognized constructs are > >> to be ignored. So, versioning adds the illusion of utility, but > >> really only adds unnecessary complexity. > > > > > > I think the format we'll end up with will be pretty compatible with > > the existing practice, meaning that existing report consumers that use > > a proper XML parser and ignore unknown tags can work unchanged. I > > don't think any consumer parses reports "by hands". > > Alright, introducing incompabilities is off the table and backward compability > is a must. This brings #51 into question, which may affect backward > compability. > https://urldefense.com/v3/__https://trac.ietf.org/trac/dmarc/ticket/51__;!! > CQl3mcHX2A!RCdb_46_lcqdxdM882JSzD-hjS- > 66H5H0OL8qTxqEITjJ7dViYTApbhFoP1sF8sc-3FowsLllQ$ > > > Regarding the existing top-level <version> below <feedback>: > Even if parsers don't require the version to function, it remains useful for > measuring the adoption of the different DMARC specifications (as requested > in #70). In fact, one implementation I looked at (parsedmarc) uses it for only > this purpose. A missing <version> is logged as "draft" > schema version. > > > Regarding the XML namespace declaration: > The XML schema serves not only as specification for developers, but can be > also used for automatic syntax checks of reports -- provided that the > namespace declaration is fixed. XSD validation is an immensely useful tool for > testing the output of report generators. It helped me to discover two nasty > bugs in an implementation, which appeared in 2 out of ~10k reports and > would have gone unnoticed otherwise. > A version number within the schema is not necessary for this use case. > > A different matter is whether automatic XSD validation on the report > consumer side is a supported use case. There is some value in it: two lines of > code suffice to perform input validation. However, the validation is strict > and > does not allow for being liberal in what you accept (might be handy for > protocol police, though). Achieving upward compatibility is not trivial, > because there is no general "ignore all unknown elements" statement in > XSD. It is possible to define a <xs:any> placeholder in the schema, but this > element must be inserted explicitly into each place where extensibility is > desired. This would require careful foresight in the schema design. > > Regards, > Matt > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/dmarc > __;!!CQl3mcHX2A!RCdb_46_lcqdxdM882JSzD-hjS- > 66H5H0OL8qTxqEITjJ7dViYTApbhFoP1sF8sc-3GZUejGJQ$ _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
