Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-19 Thread Tim Wicinski
Doug In looking for domain presence most folks will look at the domain itself. There are a few web tools to enumerate such as https://dnschecker.org/ Some examples https://dnschecker.org/#MX/dmarc.org https://dnschecker.org/#TXT/dmarc.org https://dnschecker.org/#TXT/_dmarc.dmarc.org There are

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-19 Thread John Levine
In article <553d43c8d961c14bb27c614ac48fc03128116...@umechpa7d.easf.csd.disa.mil> you write: >Section 2.7. defines a non-existent domain as "a domain for which there is an >NXDOMAIN or NODATA response for A, , and MX >records. This is a broader definition than that in NXDOMAIN [RFC8020]."

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-19 Thread Douglas E. Foster
Thank you for the pointer Eric. Can someone explain why the chosen algorithm, which requires testing multiple conditions, is preferable to a single query for a name server record? Minimizing DNS traffic has been part of our recent discussion, and minimizing software complexity is always a

Re: [dmarc-ietf] Proposed Introduction and Abstract (was I-D Action: draft-ietf-dmarc-dmarcbis-00.txt)

2020-11-19 Thread Todd Herr
This thread hasn't generated any discussion or momentum yet, and I know that's not because y'all have found the proposed text for the Abstract and Introduction to be acceptable, so I'm going to add the text to this thread and see where the discussion leads.

Re: [dmarc-ietf] How does PSD for DMARC affect tree walk issue?

2020-11-19 Thread Chudow, Eric B CIV NSA DSAW (USA)
For domains and organizational domains that have DMARC policies, then there is no difference. For ones that don't, there is only one extra check and I think that often it will be cached to minimize the actual lookups needed in practice. Thanks, Eric Chudow DoD Cybersecurity Mitigations From:

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-19 Thread Chudow, Eric B CIV NSA DSAW (USA)
Section 2.7. defines a non-existent domain as "a domain for which there is an NXDOMAIN or NODATA response for A, , and MX records. This is a broader definition than that in NXDOMAIN [RFC8020]." This should be sufficient for determining that the domain is not intended to be used and

[dmarc-ietf] How does PSD for DMARC affect tree walk issue?

2020-11-19 Thread Doug Foster
PSD for DMARC specifies moving up one additional layer of the DNS tree to look for the PSD policy, but it has the effect of adding DMARC policies to all levels of participating public suffixes. How do we judge whether this workload will be acceptable or not if widely implemented? I ask

[dmarc-ietf] Minutes for DMARC meeting

2020-11-19 Thread Tim Wicinski
All I've uploaded the minutes into the datatracker. Please take a look to make sure I captured everyone's comments correctly, and let us know updates. https://datatracker.ietf.org/meeting/109/materials/minutes-109-dmarc-00 thanks tim (for Alexey/Seth) # DMARC (Domain-based Message

Re: [dmarc-ietf] org domain and levine-dbound and dns-perimeter drafts

2020-11-19 Thread Todd Herr
On Thu, Nov 19, 2020 at 7:39 AM Alessandro Vesely wrote: > On 18/11/2020 22:33, John R Levine wrote: > >> On 11/18/2020 12:44 PM, John Levine wrote: > >>> so I encourage the group to limit the debate to the existing Org/PSL > >>> kludge and a tree walk. > >> > >> "and a tree walk" is not a minor

Re: [dmarc-ietf] org domain and levine-dbound and dns-perimeter drafts

2020-11-19 Thread Alessandro Vesely
On 18/11/2020 22:33, John R Levine wrote: On 11/18/2020 12:44 PM, John Levine wrote: so I encourage the group to limit the debate to the existing Org/PSL kludge and a tree walk. "and a tree walk" is not a minor 'and'.  neither conceptually nor operationally.  assurances to the contrary