On Wed 03/Nov/2021 04:04:38 +0100 Scott Kitterman wrote:
On November 3, 2021 2:09:04 AM UTC, John Levine <jo...@taugh.com> wrote:
It appears that Scott Kitterman <skl...@kitterman.com> said:
4. Common parent domain not marked PSD. We could add a new tag to the DMARC
records for PSDs to indicate it's a PSD, so it's record shouldn't be used for
alignment. Getting this added to the literal handful of PSD records that
exist and specifying it should be used going forward is doable. To implement
this approach should produce identical (modulo PSL errors and omissions)
results to the RFC 7489 approach. It seems like we've decided to trust that
ICANN and ccTLD operators will effectively manage publication of PSL records
for policy discovery, so this leverages that trust to simplify alignment while
maintaining backward compatibility.
This is a much better worked out version of my DNS tree climbing proposal. I
like it too.
PS: Just out of nosiness, what PSD records exist now?
Thanks. As far as I know, .gov, .mil, .gov.uk, and .police.uk.
Hm... but PSDs don't seem to gain any extras by letting receivers know they're
a PSD, do they?
For a similar extension, subdomains could indicate their Organizational Domain.
That's in case a subdomain wants to override its OD policy, for example to
add themselves to the feedback reporting addresses. A subdomain can still be
interested in letting receivers know what is the actual OD, for example if they
want the receiver to find their BIMI certificate. This sounds similar to SPF's
include or redirect keywords. The receiver would have to load yet another TXT
record and somehow produce a merged policy.
OTOH, a subdomain that wants to distinguish itself from its OD wouldn't publish
any reference to the latter. They can already do this.
jm2c
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
