On Sat 30/Jul/2022 21:16:40 +0200 John Levine wrote:
Sorry, but this is just wrong. DMARC and the tree walk have
nothing, and I emphasize nothing, to do with zone cuts.
I thought a zone cut marked the boundary where an organization
delegates control to another one.
No, it's the place where one set of name servers delegates part of
their DNS tree to another set.
Isn't that the same thing?
Sometimes the name servers are in different organizations, sometimes
they are not. I have also seen situations where a company hosts DNS
for several of its customers all in the same zone, with no zone cut
between them.
I understand that it often happens to find servers of Dyndns, Zoneedit
and similar companies. However, not setting a zone cut may make
authorizations difficult, unless those customers use all the same
predefined set of records. What kind of Internet activity can they do
that way?
In many cases, that would be the org domain, no?
Sometimes, but you cannot tell, because DMARC and the tree walk have
nothing to do with zone cuts.
Of course one cannot tell. Wouldn't you agree that if it were
possible to tell zone cuts then we wouldn't need the tree walk, and
the PSL wouldn't have been developed as well?
Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc