On Wednesday, July 27, 2022 4:05:27 AM EDT Alessandro Vesely wrote: > On Mon 25/Jul/2022 17:15:34 +0200 Scott Kitterman wrote: > > On Monday, July 25, 2022 9:59:02 AM EDT Alessandro Vesely wrote: ...
> > Here's what's currently in Git between the shortcuts and the numbered > > steps > > > > (it's in Markdown, vice final RFC text, but I think it's clear enough): > >> To discover the Organizational Domain for a domain, perform the DNS Tree > >> Walk described in (#dns-tree-walk) as needed for any of the domains in > >> question. > > What are the "domains in question"? > > >> For each Tree Walk that retrieved valid DMARC records, select the > >> Organizational Domain from the domains for which valid DMARC records were > > > >> retrieved from the longest to the shortest: > > If we change this to: > >> To discover the Organizational Domain for these domains, perform the DNS > >> Tree Walk described in (#dns-tree-walk) as needed for the domains in > >> question. For each Tree Walk that retrieved valid DMARC records, select > >> the Organizational Domain from the domains for which valid DMARC records > >> were> > >> retrieved from the longest to the shortest: > > Does that resolve your concern? I changed "for a domain" to "for these > > domains" to address your concern about relaxing requirements. I think > > you're wrong and it makes absolutely no difference, but if you think it's > > better, believe it would do. I do think the two sentences would better > > be in one paragraph as they are not really separate ideas. > > How about moving the reference to the Tree Walk right to the first > sentence at the beginning of the section, for example like so: > > > For Organizational Domain discovery, in general it is necessary to > perform two DNS Tree Walks (#dns-tree-walk)" in order to determine > if any two domains are in alignment. Noteworthy exceptions are > described in (#shortcuts). A DNS Tree Walk to discover an > Organizational Domain can start only at one of the following > locations: > > * The domain in the RFC5322.From header of the message. > * The RFC5321.MailFrom domain if there is an SPF pass result for > the message. > * Any DKIM d= domain if there is a DKIM pass result for the > message for that domain. > > For each Tree Walk that retrieved valid DMARC records, select the > Organizational Domain from the domains for which valid DMARC > records were retrieved from the longest to the shortest: > > 1 ... Let's focus on this part, as I think it's most important. In general, I think that's reasonable, but I think it needs work yet. How about this (and I'm fine with moving the note to the end): > For Organizational Domain discovery, it will be necessary to perform one or more DNS Tree Walks (#dns-tree-walk) to determine if any two domains are in alignment. This means that a DNS Tree Walk to discover an Organizational Domain will start at once of the following locations: > > * The domain in the RFC5322.From header of the message. > * The RFC5321.MailFrom domain if there is an SPF pass result for the > message. > * Any DKIM d= domain if there is a DKIM pass result for the message for > that domain. > To determine the Organizational Domain for any of thes domains, perform the > DNS Tree Walk as needed the selected domain. For each Tree Walk that > retrieved valid DMARC records, select the Organizational Domain from the > domains for which valid DMARC records were retrieved from the longest to the > shortest: > > 1. If a Scott K _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc