We have a request for 8, however weakly documented We set N to prevent using long names as. DoS attack. I am doubtful that such attacks would appear beneficial to an attacker, but a limit is appropriate.
I do not see 8 as a significant incremental performance problem, over 5, so not a DoS issue. On the other hand, we created the ability to have partitioned organizations, so equity considerations come to mind. If any org is to have ability to partition at org+2,:then rhee number should be at least 6, right? On Mon, Apr 15, 2024, 7:43 AM Alessandro Vesely <ves...@tana.it> wrote: > On Mon 15/Apr/2024 13:16:50 +0200 Douglas Foster wrote: > > Our original choice of N was based on the PSL. The PSL could not > detect > > organizational boundaries could not boundaries below level 5, because it > had no > > entries longer than 5 labels, and we determined that the 5-label entries > were > > not used for mail. Therefore, any increase in N is new capability. > That > > new capability is probably desirable, but need not be limitless. Using > an N of > > 8 introduces a lot of new capability. > > > 8 is not needed and not justified. A mail site using 8 labels would have > troubles with the RFC 7489 version, which uses the PSL. They'd have to > ask for > PSL upgrades, right? > > Now, we can relax our ambition to be PSL-free and state N=max number of > labels > of public suffixes used by mail. Or we could put N in an IANA registry > that > can be updated by expert review. Such methods allow to have N low enough, > yet > upgradable and equal for all (compliant) implementations. > > Otherwise we can drop the requirement that N be equal for all > implementations, > and just make it configurable. After all, it is an anti-abuse measure, > akin to > SPF lookup limit. We can also keep it fixed at 5 and be sure that > implementations will differ anyway. > > > Best > Ale > -- > > > > > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc >
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
