It appears that Murray S. Kucherawy <superu...@gmail.com> said: >-=-=-=-=-=- > >On Sat, Feb 18, 2023 at 5:07 AM Alessandro Vesely <ves...@tana.it> wrote: > >> I was thinking of current time minus t=, which should be the real flight >> time >> from signature to verification. Thinking twice, it may also make sense to >> report how much time was left (or beyond) w.r.t x=, that is x= minus >> current time. >> > >I'm a little worried about scope creep here. Are we turning aggregate >reporting from something DMARC-specific into an all purpose delivery >reporting mechanism?
I would more characterize it as mission gallop. So I agree, DMARC reports are DMARC reports, not anything else, and they should include other stuff (SPF and DKIM) only enough to help diagnore DMARC failures. DKIM replay is *not* a DMARC failure. If we end up tweaking DKIM somehow, DMARC can use the tweaked DMARC but that is way, way down the road. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc