On Fri 21/Jan/2022 18:59:16 +0100 John R Levine wrote:
Yes, that is the plan. Please go back and look at the discussion when we
talked about the tree walk in the first place.
I don't remember that we ever convene that subdomains cannot override the org
domain record.
The "org domain record" is now whatever you find in the tree walk. There is
nothing to override.
No, the concept of Organizational Domain is foundational to DMARC. We cannot
overthrow it to spare an extra lookup. When we talked about tree walk we knew
that additional lookups might well have come out.
To specify that a.b.example.com and c.example.com are not aligned is wrong.
Subdomains do override their org domain policy, in some cases just to add an
extra rua address. This has to still be possible, without disrupting the
alignment.
Todd managed to specify the tree walk under the assumption that every PSD would
fulfill our wish to discover a psd=y tag at the end of the walk. Since that
won't happen, then perhaps the psd= tag is not enough to specify a working tree
walk.
I propose role=, as it is more flexible than psd=. In the example, when
b.example.com realize (from feedback) what damage their record causes, they can
set role=sub in order to allow tree walkers to discover the real org domain.
If Todd devises a better way, he's welcome.
The PSL is gone.
Long live the king.
Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
