On 05/03/2024 21:47, Scott Kitterman wrote:
On March 5, 2024 8:10:46 PM UTC, Todd Herr
<todd.herr=40valimail....@dmarc.ietf.org> wrote:
On Tue, Mar 5, 2024 at 1:30 PM Scott Kitterman <skl...@kitterman.com> wrote:
On March 5, 2024 2:47:47 PM UTC, Todd Herr
<todd.herr=40valimail....@dmarc.ietf.org> wrote:
On Tue, Mar 5, 2024 at 6:12 AM Alessandro Vesely <ves...@tana.it> wrote:
Section 5.3, in the format description of psd:
n: The DMARC policy record is published for a PSD, but it is the
Organizational Domain for itself and its subdomain. There is
no need to put psd=n in a DMARC record, except in the very
unusual case of a parent PSD publishing a DMARC record without
the requisite psd=y tag.
Perhaps a "not" is missing between "is" and "published"? I'd
just say the domain is not a PSD /and/ it is the
Organizational Domain for itself and its subdomain. >>>>>
You may be correct in your assertion here; I'll wait for others to weigh
in.
In the meantime, Issue 126 has been opened to track this.
I think it's missing a not, but is overwise fine.
John Levine commented directly on issue 126
<https://github.com/ietf-wg-dmarc/draft-ietf-dmarc-dmarcbis/issues/126>,
indicating that he believes the text should read (emphasis added by me):
n: The DMARC policy record is published for a PSD, but it is NOT the
Organizational Domain for itself and its subdomain. There is
no need to put psd=n in a DMARC record, except in the very
unusual case of a parent PSD publishing a DMARC record without
the requisite psd=y tag.
I think this is the correct place to put the 'not', as it's consistent with
the second sentence here, as well as this text from the following sections:
I thought psd=n means the domain is not a PSD. Why would the text say
the opposite?
4.8 Organizational Domain Discovery - "If a valid DMARC record contains the
psd= tag set to 'n' (psd=n), this is the Organizational Domain, and the
selection process is complete."
This says psd=n means the domain IS the org domain.
11.8 Determination of Organizational Domain for Relaxed Alignment - "If a
PSD domain publishes a DMARC record without the appropriate psd=y tag,
organizational domain owners can add psd=n to their organizational domain's
DMARC record so that the PSD record will not be incorrectly evaluated to be
the organizational domain."
Ditto.
Besides, to say that a record is "published for" may sound as indicating
who are the target readers of such publication. Holding that a domain
owner publishes psd=n in the hope that its PSO will read it and
consequently amend its own record is not a valid interpretation of the
text proposed above...
Shouldn't it be thus:
n: The domain is NOT a PSD, it is the Organizational Domain for
itself and its subdomain. There is no need to put psd=n in a
DMARC record, except in the very unusual case of a parent PSD
publishing a DMARC record without the requisite psd=y tag.
Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc