On Sat, Apr 15, 2023 at 3:58 PM Neil Anuskiewicz <neil= 40marmot-tech....@dmarc.ietf.org> wrote:
> 1. Cousin domains. We all get that dmarc doesn’t touch those. Dmarc is to
> stop spoofing of exact domains. There are other technologies and methods
> whose responsibility it is to track down and take down fraudsters.
>

The claim was made that DMARC solves a real problem, which is direct domain attacks. I don't think anyone doubts this to be true when it's used in transaction-only scenarios (the opposite of what we're now calling "general purpose" domains).

There are two things I think that are important to resolve, and not dismiss as red herrings:

(1) Exactly how much of a win is it when it's used in a way that disrupts normal operations? This may turn out to be a value judgement to some people, pitting the value of what DMARC actually solves against the value of what it breaks. This is extra challenging given the IETF's bias toward preferring things that interoperate.

(2) Exactly how much of a win is it when attackers can simply change the domain they're using, use a display name attack, and still successfully attack the same operator? If the size of what it defeats turns out to be small relative to the overall attack space, then I think the answer to this question influences the answer to the first one.

I think we should expect that these are the sorts of questions on which we will be challenged when we send this work out to the wider IETF. Punting on them as unimportant is not likely to result in a smooth ride.

> 2. I would like to know if general purpose domain == org domain in most
> cases. Someone suggested the registration of a separate domain for general
> purposes. That sounds reasonable as long as the advice is clear that this
> isn’t advocating cousin domains.
>

Yes, that's my understanding of the term. As I recall, Yahoo! moved its people from yahoo.com to yahoo-inc.com, PayPal's from paypal.com to paypal-inc.com, Google's from google.com to google-inc.com, etc.

-MSK, participating