It appears that Scott Kitterman <skl...@kitterman.com> said: >> b. walk up from both, stop at the first DMARC record. If they're at >> the same name and it's not a PSD, they are aligned and that's the org domain >> >> b+. walk up from both, if the DMARC records are at the same name, it has >> psd=y, and they have the same name below the PSD, they are aligned and the >> name below the PSD is the org domain >> >> c and c+. like b or b+ but allow other non-PSD DMARC records below the org >> domain.
>I think a challenge with your definition for "b" and "c" is that there aren't >necessarily two domains at issue. It could be three. If you take the DKIM >signing domain and the 5322.From domains as an input that might yield a >different "org domain' than is yielded by the 5321.Mailfrom domain and the >5322.From domain (for SPF). ... I was thinking that you only compare them pairwise, 5322.From vs 5221.Mailfrom for SPF, or 5322.From vs DKIM signature domain. You'd start with the 5322.From to see what the org domain is, then check the other two if they get to the same place. >it would be useful to preserve this property. I think we can do this either >by walking up to the last domain with a non-PSD DMARC record or by walking >down to the first domain with a non-PSD DMARC record (I made an admittedly >poor >first attempt at this that's in the current draft). That could work too, so long as we believe that domains that use relaxed alignment consistently publish DMARC records. Any stats on that? >I support the idea of a separate draft, but I don't think it's essential to >making progress on DMARCbis. I don't see the point of a separate draft but I don't think it'll hurt anything. After the discussion of PSDs I think it is unlikely that this alignment will be useful for anything other than DMARC. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
