On Saturday, July 16, 2022 7:16:12 AM EDT Alessandro Vesely wrote: > On Fri 15/Jul/2022 18:03:36 +0200 John Levine wrote: > > On Fri, 15 Jul 2022, Alessandro Vesely wrote: > >> Organizational Domains are defined as PSD+1, and can have DMARC records > > > > I think this would be a good time to review the way relaxed alignment > > works in sections 4.5 through 4.8 of the draft. > > I think this statement in 4.8 is inexact: > > OLD: > If this process does not determine the Organizational Domain, then > the initial target domain is the Organizational Domain. > > NEW: > If this process does not determine the Organizational Domain, then > the initial target domain is the Organizational Domain, unless it > is a PSD. > > > Indeed, since we said an org domain is PSD+1, a PSD cannot be an org > domain. OTOH, you can happen to start the process with a PSD. > > Perhaps we should take a position of treating a domain as if it were > an org domain albeit it isn't, for uk.com and similar?
I think the proposed change is incorrect. To pick a real example, gov.uk is a PSD with a DMARC record. It's one that I expect will add psd=y once the tag is assigned. There is no benefit from preventing gov.uk from sending mail and having it pass DMARC. We have discussed this concept before. With the draft as it stands, even if gov.uk had psd=y in its DMARC record, if the 5322.From, 5321.MailFrom, and DKIM d= were all gov.uk, uk.gov would be the organizational domain. With your change there would be no organizational domain determined and so nothing would align. Why would we want to do that? > > Perhaps 0.01% of the time, a tree walk will find a record with a psd > > tag. The other 99.99% of the time it's the shortest name with a DMARC > > record, and PSDs are completely irrelevant. > > Yes, you seem to be repeating this argument and I'm unable to grasp > its implication. The Internet itself wouldn't exist if there were no > PSDs, however rare. Programmers have to know what to do when they > find one. It's true that without PSDs there would be no Internet as we know it, but that's not relevant to DMARC. The only PSDs relevant to DMARC are those with DMARC records, so I don't think that's a relevant point. I think we have adequately specified what programmers should do. In the other thread I've suggested adding a PSD example to make the concept clear. I think that's enough. If there is something that's not adequately specified, please suggest changes to the document. While I disagree with your suggestion above, the fact that you proposed specific alternate text made it very easy to understand what you were proposing and I appreciate that. Scott K _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
