On Wed, Apr 12, 2023 at 6:31 AM Murray S. Kucherawy <superu...@gmail.com> wrote:
> To my mind, there's a substantial difference between something like TLSv1 > or HTTP whose deprecation excludes you from participating in something > until you upgrade, versus the DMARC situation where because of an > unfortunate interaction between A (e.g., me) and B (e.g., you) through > intermediary C (e.g., this list), D (e.g., someone else) is negatively > impacted. > Sorry, that's not quite right: You don't need "D"; if "A" sets a policy and "B" generally enforces anyone's policies, "B" will be impacted by messages from "A" transiting "C". I think your analogy would be more apt of "C" simply refused to accept anything from "A", or refused to let "B" subscribe. But that doesn't seem to be the kind of mitigation on which we've settled. And there's no way for "C" to know that "B" is enforcing until it's seen a bounce. And "C" would need to be sure about the reason for the bounce. -MSK, participating
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc