Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-23 Thread Doug Foster
slightly less problematic. Doug Foster From: Tim Wicinski [mailto:tjw.i...@gmail.com] Sent: Thursday, November 19, 2020 11:04 PM To: fost...@bayviewphysicians.com Cc: IETF DMARC WG Subject: Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP Doug In looking for

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-21 Thread Murray S. Kucherawy
On Sat, Nov 21, 2020 at 5:32 PM Douglas E. Foster wrote: > On tree walk, I was working from John Levine's proposal, which assumes > that a tree walk has to be distance limited for performance reasons. He > tentatively proposed four levels. If you walk up the tree and find no > DMARC entry, th

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-21 Thread Douglas E. Foster
Sent: 11/21/20 8:05 PM To: Doug Foster Cc: "dmarc@ietf.org" Subject: Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP On Sat, Nov 21, 2020 at 5:02 PM Murray S. Kucherawy wrote: On Sat, Nov 21, 2020 at 3:12 PM Douglas E. Foster wrote: - If unregistered

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-21 Thread Murray S. Kucherawy
On Sat, Nov 21, 2020 at 5:02 PM Murray S. Kucherawy wrote: > On Sat, Nov 21, 2020 at 3:12 PM Douglas E. Foster wrote: > >> - If unregistered domains are tolerated, PSD for DMARC helps address the >> problem of a unauthorized domains underneath a public suf

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-21 Thread Murray S. Kucherawy
On Sat, Nov 21, 2020 at 3:12 PM Douglas E. Foster wrote: > - If unregistered domains are tolerated, PSD for DMARC helps address the > problem of a unauthorized domains underneath a public suffix, such as " > example.uk". But what DMARC policy will solve the problem of an invalid > TLD, such as "

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-21 Thread Murray S. Kucherawy
On Sat, Nov 21, 2020 at 11:26 AM Douglas E. Foster < fost...@bayviewphysicians.com> wrote: > Does a transient outage report NXDOMAIN, or a different status? > Depends on the nature of the outage, I suppose. An unreachable nameserver should typically result in a SERVFAIL, but I can imagine miscon

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-21 Thread Douglas E. Foster
2 PM To: Doug Foster Cc: Doug Foster , IETF DMARC WG Subject: Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP On Sat, Nov 21, 2020 at 9:02 AM Douglas E. Foster wrote: Restating what we all know: - The Internet is dependent on the reliable operation of the DNS name sy

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-21 Thread Douglas E. Foster
Does a transient outage report NXDOMAIN, or a different status? Original message From: "Murray S. Kucherawy" Date: 11/21/20 2:12 PM (GMT-05:00) To: Doug Foster Cc: Doug Foster , IETF DMARC WG Subject: Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Def

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-21 Thread Murray S. Kucherawy
On Sat, Nov 21, 2020 at 9:02 AM Douglas E. Foster wrote: > Restating what we all know: > - The Internet is dependent on the reliable operation of the DNS name > system. > - The DNS name system is dependent on the reliable operation of the name > registration processes. > - The registrars are give

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-21 Thread Douglas E. Foster
8:58 AM To: Subject: Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP To return briefly to the muddy waters that I created. John is correct that "mail enabled" is not useful for the RFC5322.From address, and my last note expanded on reasons why that is correct. Howe

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-20 Thread Kurt Andersen (b)
On Fri, Nov 20, 2020 at 5:57 AM Doug Foster wrote: > > However, spoofing of non-existent subdomains is a potential problem for the > RFC5321.MailFrom domain, which then becomes an attack vector for the > RFC5322.From address as well. The problem exists because SPF has > no > organization

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-20 Thread Doug Foster
: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Chudow, Eric B CIV NSA DSAW (USA) Sent: Friday, November 20, 2020 6:29 AM To: 'John Levine'; 'dmarc@ietf.org' Subject: Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP Thank you, John. I agree that it

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-20 Thread Douglas E. Foster
s not appropriate. Doug Foster From: eric.b.chudow.civ=40mail@dmarc.ietf.org Sent: 11/20/20 6:30 AM To: 'John Levine' , "'dmarc@ietf.org'" Subject: Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-20 Thread Chudow, Eric B CIV NSA DSAW (USA)
dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP In article <553d43c8d961c14bb27c614ac48fc03128116...@umechpa7d.easf.csd.disa.mil> you write: >Section 2.7. defines a non-existent domain as "a domain for which there >is an NXDOMAIN or NODATA response for A

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-19 Thread Murray S. Kucherawy
On Thu, Nov 19, 2020 at 7:44 PM Douglas E. Foster wrote: > How do I check a domain for presence or absence of A, , or MX records? > I thought most domains were protected from enumeration, so one had to know > a name to find out if it is defined > Do you mean what does the DNS question look l

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-19 Thread Tim Wicinski
ns were protected from enumeration, so one had to know > a name to find out if it is defined > > DF > > > -- > *From*: "Douglas E. Foster" > *Sent*: 11/19/20 9:27 PM > *To*: "IETF DMARC WG" > *Subject*: RE: [dmarc-ietf] Se

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-19 Thread John Levine
In article <553d43c8d961c14bb27c614ac48fc03128116...@umechpa7d.easf.csd.disa.mil> you write: >Section 2.7. defines a non-existent domain as "a domain for which there is an >NXDOMAIN or NODATA response for A, , and MX >records. This is a broader definition than that in NXDOMAIN [RFC8020]." T

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-19 Thread Douglas E. Foster
oster" Sent: 11/19/20 9:27 PM To: "IETF DMARC WG" Subject: RE: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP Thank you for the pointer Eric. Can someone explain why the chosen algorithm, which requires testing multiple conditions, is preferable to a single que

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-19 Thread Douglas E. Foster
From: Doug Foster Sent: Tuesday, November 17, 2020 9:46 AM To: 'IETF DMARC WG' Cc: dmarc-cha...@ietf.org Subject: Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP I did not see a definition of a "non-existent domain" (the np policy). A definition i

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-19 Thread Chudow, Eric B CIV NSA DSAW (USA)
; Cc: dmarc-cha...@ietf.org Subject: Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP I did not see a definition of a “non-existent domain” (the np policy).   A definition is needed. To my thinking, the obvious rule should be to query for a NS record for the domain.  If the re

Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

2020-11-17 Thread Doug Foster
I did not see a definition of a “non-existent domain” (the np policy). A definition is needed. To my thinking, the obvious rule should be to query for a NS record for the domain. If the record exists, then the domain owner could create a DMARC record for that domain, or could create a def