Pardon, I thought John indicated that it was effectively vetoed by two large mailers
On Sun, Jun 11, 2023, 8:27 AM Barry Leiba <barryle...@computer.org> wrote: > Are we *again* questioning the tree walk, which is, recall, a settled > issue? > > Barry > > On Sun, Jun 11, 2023 at 7:53 AM Douglas Foster > <dougfoster.emailstanda...@gmail.com> wrote: > > > > Given that the PSL is subject to errors, it is reasonable to warn > senders that > > > > "Because of the risk of PSL errors, some evaluators MAY NOT accept some > or all forms of relaxed alignment as acceptable authentication." > > > > Technically, this is just stating the obvious, since evaluators MAY do > whatever they want. Then the inference from that warning is: > > > > "Senders SHOULD avoid configurations that depend on the PSL for > authentication. This is accomplished by publishing a DMARC policy on both > the organizational domain and any mail-sending subdomains, and by using > strict alignment on those policies." > > > > But strict alignment will be burdensome for some configurations, so an > intermediate solution would be: > > > > - define an optional "organizational domain" token for DMARC policies. > If present, it must be equal to or a parent of the current domain. > > - If the token is provided AND matches the PSL, then the organizational > domain is considered safe for relaxed alignment. If the token is provided > but does not match the PSL, then the longer of the two domain names will be > used for relaxed alignment. > > > > By using same-domain DMARC policy, senders permit improved efficiency > for evaluators while protecting both senders and evaluators from PSL errors. > > > > Doug Foster > > > > _______________________________________________ > > dmarc mailing list > > dmarc@ietf.org > > https://www.ietf.org/mailman/listinfo/dmarc >
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
