From nobody Mon Dec 2 07:56:56 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9EA7712080D for ; Mon, 2 Dec 2019 07:56:54 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=drkurt.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VQS0Uta0jdhr for ; Mon, 2 Dec 2019 07:56:52 -0800 (PST) Received: from mail-io1-xd30.google.com (mail-io1-xd30.google.com [IPv6:2607:f8b0:4864:20::d30]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A61A1120800 for ; Mon, 2 Dec 2019 07:56:52 -0800 (PST) Received: by mail-io1-xd30.google.com with SMTP id s2so5541176iog.10 for ; Mon, 02 Dec 2019 07:56:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=drkurt.com; s=20130612; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=1QX0JEIXcKyMlZ9mGUh9umjBeqzrZ6cyZYQ/AV3E+eU=; b=BejhXMtWdCvk6aKp783/wfwoYStnQSqjCsUC9cg6Zopd1Rxe8rbtDpURkgfDg2KrpT nF/6OJim6YPJBDBhQ1ELgdE5Gr8ygEoQIQNRAQAsq+UL1HgJAuUKuaQbeeCnFru6WdJi NO3cXXMh1BL3OHfCkTD+RfYNGrqPk3xpZ94o0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=1QX0JEIXcKyMlZ9mGUh9umjBeqzrZ6cyZYQ/AV3E+eU=; b=lstxK1JVZTMkhftB3GX3V7tTYJU20DgnaK2Y9gPpYtt/qhamtS5WNRIJP0OXMofkIJ TZ1luQQhF+UDz9vVXyTTVWu4E7t7cg9THBLoew66Dlo1Lg22YKrQ4G3W72E/4itYSDFT 997sH1q81ZIJNdFTi+QKZHW79M6Ms9WJM+sBenn9FqVL3iqXKtgodg1ChFzez/IdDRPm r7Ofrj2byzPWe/lncLCw7tZd+moCOS2Q9hBs91hBBegryjkQy8aRl41yM27N2pLEmshH aQNRT38PR7lVAvuvynF1Y4UYtUNHu5SDCojAaxLnEH+CyYKW7jVxfLzCzzaVPfCse4nR n1Bw== X-Gm-Message-State: APjAAAXSSIV2jUVKEq5wKQ3x0LfMERDS9sdcpboes43HryHkqJPWkQuu 5/eBwzEOtNX1B06atnLvN4DO4THlGiluyH1DrCkuaw== X-Google-Smtp-Source: APXvYqygdzkd6cGKBVrPb6WrCPqjHnS1qXUrhy9dVwzibS7FDKiRRFMGAy/clXijtdqZaX4b0sq6bGuh5IalZjo4aDs= X-Received: by 2002:a02:c009:: with SMTP id y9mr15625jai.111.1575302211693; Mon, 02 Dec 2019 07:56:51 -0800 (PST) MIME-Version: 1.0 References: <458060E1B9558124988A46B7@PSB> <2E5DE6BD20354824E99E564F@PSB> <84F1134E-5031-46BB-8C78-9E76FF971100@episteme.net> <79130263-06d5-6a63-e6c6-81b67695eb48@tana.it> In-Reply-To: From: "Kurt Andersen (b)" Date: Mon, 2 Dec 2019 07:56:37 -0800 Message-ID: To: Dave Crocker Cc: Alessandro Vesely , dmarc-ietf , John C Klensin Content-Type: multipart/alternative; boundary="000000000000be0f100598baa029" Archived-At: Subject: Re: [dmarc-ietf] From: rewriting, was Email standard revision X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2019 15:56:55 -0000 --000000000000be0f100598baa029 Content-Type: text/plain; charset="UTF-8" There's also already RFC7960 which expands upon 5598 with specific reference to DMARC's impact. On Sat, Nov 30, 2019 at 7:37 AM Dave Crocker wrote: > On 11/30/2019 4:40 AM, Alessandro Vesely wrote: > > Let me quote this from the ietf-smtp mailing list: > > On Sat 30/Nov/2019 00:12:53 +0100 John C Klensin wrote: > > --On Friday, 29 November, 2019 11:16 -0600 Pete Resnick wrote: > [...] > > Even the "From: rewriting" issue is > a gatewaying issue, not a message format issue per se. > > That is less clear. It fits into the gray area that has existed > for years about just exactly what a mailing list exploder / > redistribution system really is. > > > This view is reasonable only if one re-defines accepted terminology and ignores some basic technical facts. > > A user specifies a recipient address. The message is posted and then > delivered to that address. > > That simple process describes basic email handling, and has been the > accepted view for roughly 40 years. > > And it describes the /first/ leg of a message sent /through/ a mailing > list. > > For the second leg, a bot at that address /re-/posts the message. In > simple, formal email technical terms, this is an entirely new email > transaction. > > It isn't 'gatewaying' per se, since that term applies to transit between > heterogeneous systems, but it /is/ a higher-level process. > > If only we had a document that discussed all this coherently, defined > basic terminology, and had undergone IETF review and approval. If only we > had RFC 5598... > > > d/ > > -- > Dave Crocker > Brandenburg InternetWorkingbbiw.net > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > --000000000000be0f100598baa029 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
There's also already RFC7960 which expands upon 5598 w= ith specific reference to DMARC's impact.

On Sat, Nov 30, 2019 at 7:37 A= M Dave Crocker <dcrocker@gmail.com= > wrote:
=20 =20 =20
On 11/30/2019 4:40 AM, Alessandro Vesely wrote:
Let me quote this from the ietf-smtp mailing list:

On Sat 30/Nov/2019 00:12:53 +0100 John C Klensin wrote:

--On Friday, 29 November, 2019 11:16 -0600 Pete Resnick wrote:
[...]=20

Even the "From: rewriting" issue is
a gatewaying issue, not a message format issue per se.

That is less clear.  It fits into the gray area that has existed
for years about just exactly what a mailing list exploder /
redistribution system really is.  


This view is reasonable only if one re-defines accepted terminolog=
y and ignores some basic technical facts.
A user specifies a recipient address. The message is posted and then delivered to that address.=C2=A0

That simple process describes basic email handling, and has been the accepted view for roughly 40 years.

And it describes the /first/ leg of a message sent /through/ a mailing list.

For the second leg, a bot at that address /re-/posts the message.=C2=A0 In simple, formal email technical terms, this is an entirely new email transaction.=C2=A0

It isn't 'gatewaying' per se, since that term applies to= transit between heterogeneous systems, but it /is/ a higher-level process.

If only we had a document that discussed all this coherently, defined basic terminology, and had undergone IETF review and approval.=C2=A0 If only we had RFC 5598...


d/
--=20
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
--000000000000be0f100598baa029-- From nobody Mon Dec 2 08:29:44 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 459CB120077 for ; Mon, 2 Dec 2019 08:29:43 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.997 X-Spam-Level: X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6OsqDeIgF4r3 for ; Mon, 2 Dec 2019 08:29:41 -0800 (PST) Received: from mail-ot1-x333.google.com (mail-ot1-x333.google.com [IPv6:2607:f8b0:4864:20::333]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BDB10120018 for ; Mon, 2 Dec 2019 08:29:41 -0800 (PST) Received: by mail-ot1-x333.google.com with SMTP id k14so15963802otn.4 for ; Mon, 02 Dec 2019 08:29:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language; bh=pKsYmGVyiTTfmOfWvPjUwUTLBHT26IeAEDHL2DA+Kdc=; b=u+Y3QEdKrGfX81KP0qO2FUT2jojg3QKyzvrCKMGgXsODACILsudiDhAYEYVjO2aX3l fWwVr8m9bFfr1cpcyOm5TeMxnBLDi9KAWG8c4mxErmFzrMYMVkhaW8kz6zQ0AlmsaE8S ghJeYZ1n/NkWIQ40hImOldkQ/jV2uqtJsk4rl3V57FaFJ6FcGAzGZRYulxn9gLpRyz7y GamSaB9iqu0XLaeB/cwC+7UcjvJm5XdPtT9HKGFSzIqvTUNkb28b6p9Y9r25jba3dT9f ibAY7RvJktZMkAn13z1nu8RObNPnKZ/ztujRtKQD0vmojyMZApcWBimYeGfEWjwrmS0Q bl9w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=pKsYmGVyiTTfmOfWvPjUwUTLBHT26IeAEDHL2DA+Kdc=; b=lRxGAZeOah6ikZTu2817iCyyU3+smk8Nm0cdntudIvZrcFa9LpArieyiU5KXjW24pi xBaDMRu2rgrTvRvYB53AtFht/p41JAN6Wb+KhBAWeVXMY0ltFgQ1/+jpNHMEGNmaBKVp KJx2twdPVwc0rn5aDi7BOYwlvVLQWhAR2LBVCie/+YUJ+X46e79mFcOmHCIbspPlqLH1 LkD5LYk3QVhCFZ5pNdilI/81m653GOMNamZWW0FL4bvd6MvGlwPWjur6KuN9I9XUmepq lphQN06qk6jMcHj7Hy36veYHusdnRrBmLESPJikgoYyT2LV7aUyKTzL5VkILdbiNFktN htkA== X-Gm-Message-State: APjAAAWv7ce/k2Eoj4cOAT/Oba1rtPrrRCOk+GOU4FFMtolon+sHZYyF lIqVqpI524Bu4scmoZZvMSw= X-Google-Smtp-Source: APXvYqx453d6/xPBofwQMS/JGS0Lm3nIdUwMPuT5GyHAtzSxQ8vC1uXm5PDW92FNx81mcS6tjW13Tw== X-Received: by 2002:a9d:66ca:: with SMTP id t10mr10762271otm.352.1575304180841; Mon, 02 Dec 2019 08:29:40 -0800 (PST) Received: from ?IPv6:2600:1700:a3a0:4c80:918d:344a:cfb0:d1b? ([2600:1700:a3a0:4c80:918d:344a:cfb0:d1b]) by smtp.gmail.com with ESMTPSA id 47sm320579otf.54.2019.12.02.08.29.38 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 02 Dec 2019 08:29:40 -0800 (PST) To: "Kurt Andersen (b)" Cc: Alessandro Vesely , dmarc-ietf , John C Klensin References: <458060E1B9558124988A46B7@PSB> <2E5DE6BD20354824E99E564F@PSB> <84F1134E-5031-46BB-8C78-9E76FF971100@episteme.net> <79130263-06d5-6a63-e6c6-81b67695eb48@tana.it> From: Dave Crocker Message-ID: <9dc4e992-db54-a9b9-edca-629e3285a1a7@gmail.com> Date: Mon, 2 Dec 2019 08:29:35 -0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------EEC363E82FB7674D63E4EA84" Content-Language: en-US Archived-At: Subject: Re: [dmarc-ietf] From: rewriting, was Email standard revision X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2019 16:29:43 -0000 This is a multi-part message in MIME format. --------------EEC363E82FB7674D63E4EA84 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit On 12/2/2019 7:56 AM, Kurt Andersen (b) wrote: > There's also already RFC7960 which expands upon 5598 with specific > reference to DMARC's impact. ahh. thanks. It will help to have folk comment on the IETF mailing list, so that Klensin's comments don't just get responses from me. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net --------------EEC363E82FB7674D63E4EA84 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 7bit
On 12/2/2019 7:56 AM, Kurt Andersen (b) wrote:
There's also already RFC7960 which expands upon 5598 with specific reference to DMARC's impact.

ahh. thanks.

It will help to have folk comment on the IETF mailing list, so that Klensin's comments don't just get responses from me.

d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net
--------------EEC363E82FB7674D63E4EA84-- From nobody Mon Dec 2 09:12:00 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E3B812081B for ; Mon, 2 Dec 2019 09:11:58 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2FLxnZJ-GAaS for ; Mon, 2 Dec 2019 09:11:56 -0800 (PST) Received: from bsa2.jck.com (bsa2.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C7372120817 for ; Mon, 2 Dec 2019 09:11:56 -0800 (PST) Received: from [198.252.137.10] (helo=PSB) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from ) id 1ibpEn-0000Ex-E3; Mon, 02 Dec 2019 12:11:53 -0500 Date: Mon, 02 Dec 2019 12:11:47 -0500 From: John C Klensin To: Dave Crocker , "Kurt Andersen (b)" cc: Alessandro Vesely , dmarc-ietf Message-ID: <457C81343E3DB1B1D58910E4@PSB> In-Reply-To: <9dc4e992-db54-a9b9-edca-629e3285a1a7@gmail.com> References: <458060E1B9558124988A46B7@PSB> <2E5DE6BD20354824E99E564F@PSB> <84F1134E-5031-46BB-8C78-9E76FF971100@episteme.net> <79130263-06d5-6a63-e6c6-81b67695eb48@tana.it> <9dc4e992-db54-a9b9-edca-629e3285a1a7@gmail.com> X-Mailer: Mulberry/4.0.8 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline X-SA-Exim-Connect-IP: 198.252.137.10 X-SA-Exim-Mail-From: john-ietf@jck.com X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false Archived-At: Subject: Re: [dmarc-ietf] From: rewriting, was Email standard revision X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2019 17:11:58 -0000 --On Monday, December 2, 2019 08:29 -0800 Dave Crocker wrote: > On 12/2/2019 7:56 AM, Kurt Andersen (b) wrote: >> There's also already RFC7960 which expands upon 5598 with >> specific reference to DMARC's impact. > > ahh. thanks. > > It will help to have folk comment on the IETF mailing list, so > that Klensin's comments don't just get responses from me. Unfortunately, 7960 does not explicitly update 5598, so that relationship is difficult for anyone not heavily involved to discover (that neither Dave nor I was aware of the relationship is probably symptomatic). This may eventually call for an update that replaces both documents or may further justify a more or less comprehensive Applicability Statement for the core email protocols. Given that neither is Standards Track, it is not clear what aspects of them require incorporation into 5321bis and/or 5322bis. If we are going to open the latter documents, I look forward to that discussion at the appropriate time. john From nobody Mon Dec 2 09:21:06 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA587120849 for ; Mon, 2 Dec 2019 09:21:05 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=drkurt.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0LagxhKFv0r0 for ; Mon, 2 Dec 2019 09:21:02 -0800 (PST) Received: from mail-io1-xd35.google.com (mail-io1-xd35.google.com [IPv6:2607:f8b0:4864:20::d35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 58385120817 for ; Mon, 2 Dec 2019 09:21:02 -0800 (PST) Received: by mail-io1-xd35.google.com with SMTP id x1so139247iop.7 for ; Mon, 02 Dec 2019 09:21:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=drkurt.com; s=20130612; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=oTfDMpDWI3JqpFjFO1FQ/bhO5Dji3LjL/ITzABnsuQA=; b=fxi1AuDQokinha1kktQNOckoR7OaxAoyRoG/kUdo2Nm/WyYCCwyPMBZf6lW377hleZ 6egrAI89Jg7uWxD8n20v09/5ztkoGxq8VbCU6OUObXzYIHorgjsYDWVdLmPD6MfX/gnd ie5LSRSZOefWQV0d9Biz6NRm2R08erL8bCVR8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=oTfDMpDWI3JqpFjFO1FQ/bhO5Dji3LjL/ITzABnsuQA=; b=q5wKTyQt+hUQZuVYateK8nb+i9iFBGaaVGJ3lqKgq1hMf+xQvH+tZdwW+EwIuFTQM4 dyZUpPCLp6q4O6J7k3RgcbsojPKFiIID9vxL9qupO/P6gNS1EDx06UuD5OMLZugDVuzf aGRWTL/87hfFOo7I+8T14mQWaK0q+AKeURAdhu6qIyV6u701P3kBsE182oMxtEhfCYAY cZxTrQhYUUz0xTYJ2vZv4zmuWW5Ber35agLoZvyfqnOvwdGExcNj0SY9K1A7b448/uwO HrHpFqgdAuiT6CORJ7e1rk7i7rYajj7G3fhwkTUcXQFZZbt1khZy7xajC3anP6yRs4J1 MJLA== X-Gm-Message-State: APjAAAWLX4yuuaKD0Fp9ksLZ8BaYwQoqI496Ze2h4dkB1m+4udqFSUTb pC5aXL3Q/8xD/9cpBQqhOPR4BLrEbKzf3aZZ6qtOvg== X-Google-Smtp-Source: APXvYqxUidYOpRhm82K9fG0RUU78MqRLhPJklEBQdVDjTZGFhSuvnWEDvnJDXOYrgdU3Va/LCSLTRQ/47D3VC0Ly1kQ= X-Received: by 2002:a5d:94ca:: with SMTP id y10mr57546075ior.104.1575307261297; Mon, 02 Dec 2019 09:21:01 -0800 (PST) MIME-Version: 1.0 References: <458060E1B9558124988A46B7@PSB> <2E5DE6BD20354824E99E564F@PSB> <84F1134E-5031-46BB-8C78-9E76FF971100@episteme.net> <79130263-06d5-6a63-e6c6-81b67695eb48@tana.it> <9dc4e992-db54-a9b9-edca-629e3285a1a7@gmail.com> <457C81343E3DB1B1D58910E4@PSB> In-Reply-To: <457C81343E3DB1B1D58910E4@PSB> From: "Kurt Andersen (b)" Date: Mon, 2 Dec 2019 09:20:46 -0800 Message-ID: To: John C Klensin Cc: Dave Crocker , Alessandro Vesely , dmarc-ietf Content-Type: multipart/alternative; boundary="000000000000b8f0c50598bbcd98" Archived-At: Subject: Re: [dmarc-ietf] From: rewriting, was Email standard revision X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2019 17:21:06 -0000 --000000000000b8f0c50598bbcd98 Content-Type: text/plain; charset="UTF-8" On Mon, Dec 2, 2019 at 9:11 AM John C Klensin wrote: > > --On Monday, December 2, 2019 08:29 -0800 Dave Crocker > wrote: > > > On 12/2/2019 7:56 AM, Kurt Andersen (b) wrote: > >> There's also already RFC7960 which expands upon 5598 with > >> specific reference to DMARC's impact. > > > > ahh. thanks. > > > > It will help to have folk comment on the IETF mailing list, so > > that Klensin's comments don't just get responses from me. > > Unfortunately, 7960 does not explicitly update 5598, so that > relationship is difficult for anyone not heavily involved to > discover (that neither Dave nor I was aware of the relationship > is probably symptomatic). This may eventually call for an > update that replaces both documents or may further justify a > more or less comprehensive Applicability Statement for the core > email protocols. In this regard I think that something like Hector's "practitioner's guide" (probably as a BCP rather than a protocol standard) would be immensely helpful and meet this need. Maybe we need to look for making a trilogy of docs rather than just a duet: *21, *22, *23 :-) --Kurt --000000000000b8f0c50598bbcd98 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Mon, Dec 2, 2019 at 9:11 AM John C Kle= nsin <john-ietf@jck.com> wro= te:

--On Monday, December 2, 2019 08:29 -0800 Dave Crocker
<dcrocker@gmail.= com> wrote:

> On 12/2/2019 7:56 AM, Kurt Andersen (b) wrote:
>> There's also already RFC7960 which expands upon 5598 with
>> specific=C2=A0 reference to DMARC's impact.
>
> ahh. thanks.
>
> It will help to have folk comment on the IETF mailing list, so
> that Klensin's comments don't just get responses from me.

Unfortunately, 7960 does not explicitly update 5598, so that
relationship is difficult for anyone not heavily involved to
discover (that neither Dave nor I was aware of the relationship
is probably symptomatic).=C2=A0 This may eventually call for an
update that replaces both documents or may further justify a
more or less comprehensive Applicability Statement for the core
email protocols.=C2=A0

In this regard I th= ink that something like Hector's "practitioner's guide" (= probably as a BCP rather than a protocol standard) would be immensely helpf= ul and meet this need. Maybe we need to look for making a trilogy of docs r= ather than just a duet: *21, *22, *23 :-)

--Kurt
=C2=A0
--000000000000b8f0c50598bbcd98-- From nobody Mon Dec 2 09:41:19 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 174DD120048 for ; Mon, 2 Dec 2019 09:41:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.897 X-Spam-Level: X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D2PwV9JuLC7W for ; Mon, 2 Dec 2019 09:41:14 -0800 (PST) Received: from bsa2.jck.com (bsa2.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8FB8212003E for ; Mon, 2 Dec 2019 09:41:14 -0800 (PST) Received: from [198.252.137.10] (helo=PSB) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from ) id 1ibphA-0000HA-A8; Mon, 02 Dec 2019 12:41:12 -0500 Date: Mon, 02 Dec 2019 12:41:06 -0500 From: John C Klensin To: "Kurt Andersen (b)" cc: Dave Crocker , Alessandro Vesely , dmarc-ietf Message-ID: In-Reply-To: References: <458060E1B9558124988A46B7@PSB> <2E5DE6BD20354824E99E564F@PSB> <84F1134E-5031-46BB-8C78-9E76FF971100@episteme.net> <79130263-06d5-6a63-e6c6-81b67695eb48@tana.it> <9dc4e992-db54-a9b9-edca-629e3285a1a7@gmail.com> <457C81343E3DB1B1D58910E4@PSB> X-Mailer: Mulberry/4.0.8 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline X-SA-Exim-Connect-IP: 198.252.137.10 X-SA-Exim-Mail-From: john-ietf@jck.com X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false Archived-At: Subject: Re: [dmarc-ietf] From: rewriting, was Email standard revision X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2019 17:41:16 -0000 --On Monday, December 2, 2019 09:20 -0800 "Kurt Andersen (b)" wrote: > On Mon, Dec 2, 2019 at 9:11 AM John C Klensin > wrote: > >> >> --On Monday, December 2, 2019 08:29 -0800 Dave Crocker >> wrote: >> >> > On 12/2/2019 7:56 AM, Kurt Andersen (b) wrote: >> >> There's also already RFC7960 which expands upon 5598 with >> >> specific reference to DMARC's impact. >> > >> > ahh. thanks. >> > >> > It will help to have folk comment on the IETF mailing list, >> > so that Klensin's comments don't just get responses from me. >> >> Unfortunately, 7960 does not explicitly update 5598, so that >> relationship is difficult for anyone not heavily involved to >> discover (that neither Dave nor I was aware of the >> relationship is probably symptomatic). This may eventually >> call for an update that replaces both documents or may >> further justify a more or less comprehensive Applicability >> Statement for the core email protocols. > > > In this regard I think that something like Hector's > "practitioner's guide" (probably as a BCP rather than a > protocol standard) would be immensely helpful and meet this > need. Maybe we need to look for making a trilogy of docs > rather than just a duet: *21, *22, *23 :-) Already proposed on the IETF list and in private interactions with the ADs. It is probably a good sign that several of us seem to be reaching similar conclusions. john From nobody Mon Dec 2 10:00:13 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE34B120048 for ; Mon, 2 Dec 2019 10:00:11 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.997 X-Spam-Level: X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ET55PZeuvj7U for ; Mon, 2 Dec 2019 10:00:10 -0800 (PST) Received: from mail-oi1-x22d.google.com (mail-oi1-x22d.google.com [IPv6:2607:f8b0:4864:20::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B897612003E for ; Mon, 2 Dec 2019 10:00:10 -0800 (PST) Received: by mail-oi1-x22d.google.com with SMTP id b8so494594oiy.5 for ; Mon, 02 Dec 2019 10:00:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:from:to:references:message-id:date:user-agent:mime-version :in-reply-to:content-language; bh=tNn1SG8lwwyKHC9XtVbB1aK8bIgTSme9+fpZAgH2Adg=; b=bgyDHca7ehtha3foEdPuFBW6zCbpO8oApQocaH+dbkf71yoMa0uGrFzp2hLjdRD56A rz5hJnotdJLo4CZ6Nezm0jmzcuSHh04s7Aj1T/A6V/rYokToQh/32WgfLm8n1LxlQbAe mZvW9maScpKDjaSCp3FzHjW92YfXM1fQ2n5GlXRG5a1tFoJdhrvO3CCJyxHnsEzp4OfD 9NHz3sbF7P7U0howXlL7wwN0tgdgW04Q8JSYmkHuNbcUTWdODhleDG/Uv15PQgrIYFPN 9/tBVPiDtirHK15HhwKkDBn/D6HtcAxKCsl0wYKbh3p1BrdJTkgNI1LnHmjV1tfAVjTO YVNQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:from:to:references:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=tNn1SG8lwwyKHC9XtVbB1aK8bIgTSme9+fpZAgH2Adg=; b=Bpq5VEnJ8+1mb4q+klb+5SO5n3EM7CpdoXWmF1QBg7k+ss6KHUE35TfEhnUdTbxEMS V5dKhVXg0x0BdeRNBpb+Hkk9/9yl739Q5Eo6H6E/PZkxDu1s3Qc+usKKzFOPIlllO7jD 1xfugYQm7r0DwU8HfiqaJcCawurvjI/C5gGUvQy7/008QkW4LTzKJjYzkW4JKP2SZBeO o5UD4ALhoSUirje66nAqBITRUI4iG7GMKYpRVMb1prVHyiyHN1hOIWU9Pz0q2KnXX+8s FdaL9eMMldgOdqQZAc4yZjGW+Q8b3oBmkL2zFoWRDW35iUojGJpGBZaXXNRI93ZcH5tI 8Qlg== X-Gm-Message-State: APjAAAXsElQaz7e/dKFssvc9pPUDcMBaN1zOW+i3oEYflpYw3/+eEsrs K7D+R0iMYA7pz+2HCjwd2YmPdKRr X-Google-Smtp-Source: APXvYqxFL2VFtMTuOvmOpM8uMp7cV/Hj1HmtziiiuzlU+eigTRatmAe9+upDi2ridqMkpjWtnluvvQ== X-Received: by 2002:a05:6808:682:: with SMTP id k2mr248782oig.66.1575309609536; Mon, 02 Dec 2019 10:00:09 -0800 (PST) Received: from ?IPv6:2600:1700:a3a0:4c80:918d:344a:cfb0:d1b? ([2600:1700:a3a0:4c80:918d:344a:cfb0:d1b]) by smtp.gmail.com with ESMTPSA id g8sm25189otq.19.2019.12.02.10.00.08 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 02 Dec 2019 10:00:08 -0800 (PST) From: Dave Crocker To: dmarc-ietf References: <458060E1B9558124988A46B7@PSB> <2E5DE6BD20354824E99E564F@PSB> <84F1134E-5031-46BB-8C78-9E76FF971100@episteme.net> <79130263-06d5-6a63-e6c6-81b67695eb48@tana.it> <9dc4e992-db54-a9b9-edca-629e3285a1a7@gmail.com> Message-ID: Date: Mon, 2 Dec 2019 10:00:05 -0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1 MIME-Version: 1.0 In-Reply-To: <9dc4e992-db54-a9b9-edca-629e3285a1a7@gmail.com> Content-Type: multipart/alternative; boundary="------------83ACE310754A86F8EEAA8F5F" Content-Language: en-US Archived-At: Subject: Re: [dmarc-ietf] From: rewriting, was Email standard revision X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2019 18:00:12 -0000 This is a multi-part message in MIME format. --------------83ACE310754A86F8EEAA8F5F Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit On 12/2/2019 8:29 AM, Dave Crocker wrote: > It will help to have folk comment on the IETF mailing list, so that > Klensin's comments don't just get responses from me. Sorry, wrong venue. The discussion is on the ietf-smtp mailing list, but the request for others to participate remains! d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net --------------83ACE310754A86F8EEAA8F5F Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit
On 12/2/2019 8:29 AM, Dave Crocker wrote:
It will help to have folk comment on the IETF mailing list, so that Klensin's comments don't just get responses from me.


Sorry, wrong venue.  The discussion is on the ietf-smtp mailing list, but the request for others to participate remains!


d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net
--------------83ACE310754A86F8EEAA8F5F-- From nobody Tue Dec 3 12:22:45 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C301F120033 for ; Tue, 3 Dec 2019 12:22:43 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZaeJ6_b9ICxu for ; Tue, 3 Dec 2019 12:22:42 -0800 (PST) Received: from mail-vk1-xa29.google.com (mail-vk1-xa29.google.com [IPv6:2607:f8b0:4864:20::a29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ECC8A12000F for ; Tue, 3 Dec 2019 12:22:41 -0800 (PST) Received: by mail-vk1-xa29.google.com with SMTP id i18so1467028vkk.7 for ; Tue, 03 Dec 2019 12:22:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=4/3gEX4+uo4vNfdHZv0rB3sQ6Kkwjp1BKc/+0PLlN7o=; b=Zjiappp1PEtwb9pakc9MNX9CK+7Hos3S4wMa6r3ZVt3lQM7Z4Z1VcTcdbziKEw5ZN7 zne5Fm825r2wlCi9HBzMqMTi8YOdZKKUpIzomtjZphC++XUGL5EA2n4swjrnE2dhXBjg E6f3IcviuPlnTma/oGDNeOg3hosmYy4+CRRYJmuzrchoygtO1ZxckipuTbf/sognXPTN 8a5/0lplTfNPC64E3ZHueywHRo40FkMbHcS5d4Z6t+jFM9oLxtODJ+YpjJU1g9wOjVxM MUs2gf4hceN94XqnRoZO/CkV2f6xlaLENaB6VAkx0wxDmxFQMVfagKz8OkLR1odEseqz PZEA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4/3gEX4+uo4vNfdHZv0rB3sQ6Kkwjp1BKc/+0PLlN7o=; b=XUoGyEYE8LvCSU6nfY4iUcZrMMpS5hyE3ldbtZ26abJ6d/thiLsz8LIvtK8VybvfId fpwGl0hz941ueaC3qYLrijQrfYXgfrXxN+4THvhry0DOi0ZxFAUva59MMIfyQeKoQHNs 8IthHlkhJbxXeRv+50Vf1vHOG5+dnF/gtCzzUUQiD2U3IoSzcPxCvJ64H/UdEssprOBK OSg1TvsrIfEDzrce4bVgURyxmuV0RkbqUx/+D/fhs9hGBYX/NEK+0Hk2L+DCgZEsGaRa Og9xuN9RQ4qZLfFceRVeu8V1tnilUQk0EWbB84/U5vtyzqk97uVWsV49M4JHN1nzJo/t YDVw== X-Gm-Message-State: APjAAAXpdaYtBgcnaKth5nPwFM2EFpE8z8N8ebI3D5XXGHVPKyB9QHgO eS6PdCkp8Ll/ISQedzPG4+T99WzanjurJfBXRJRy7w== X-Google-Smtp-Source: APXvYqwg3qLRyFL9nPKeICKT9b0j+svgRJ1CfSQ9dzSdE23vTR+ZTRtQjb/tqc/+5WA+o+zRfV/ZfqpuFf2EWphTmHI= X-Received: by 2002:a1f:2a82:: with SMTP id q124mr4898601vkq.8.1575404560663; Tue, 03 Dec 2019 12:22:40 -0800 (PST) MIME-Version: 1.0 References: <20191111155410.12A31E9E35A@ary.qy> In-Reply-To: <20191111155410.12A31E9E35A@ary.qy> From: "Murray S. Kucherawy" Date: Tue, 3 Dec 2019 12:22:28 -0800 Message-ID: To: John Levine Cc: IETF DMARC WG Content-Type: multipart/alternative; boundary="0000000000003749560598d2759d" Archived-At: Subject: Re: [dmarc-ietf] Do is need a new ptype? Was Re: New authentication method, DNSWL X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Dec 2019 20:22:44 -0000 --0000000000003749560598d2759d Content-Type: text/plain; charset="UTF-8" On Mon, Nov 11, 2019 at 7:54 AM John Levine wrote: > In article dxK5w@mail.gmail.com> you write: > >Just to be clear: The policy for changes to that registry is "Expert > >Review", but since the action that put it there was a document with IETF > >consensus, I'm pretty hesitant about just approving this change based on a > >formal request. I'd rather at least see some consensus discussion about > >it, or even better, a revision/update to RFC8601. > > Hey, wait, Expert Review is supposed to be considerably looser than RFC > Required. > Sure is. Since there's no danger of running out of token names, I'd encourage > you to accept new ptypes if they have a clear spec and a plausible use > case. In this instance, I think the description in the I-D is OK, but > for the use case I would like some evidence that someone, somewhere is > implementing it and doing something with the result. > As far as I know we're talking about "dnswl" which is a method, not a ptype. There is one known implementation (CourierMTA, I believe) which is the impetus for the registration. I think the name is constrained to whitelists even though DNS-published lists might have the opposite meaning, so I wish there had been some discussion before there was an implementation. But unless someone wants to argue a risk of actual harm from that, I don't see any reason not to approve it given its very limited deployment so far. Assuming the ptype we're talking about is "dns" which is defined in the same document, the definition is terse and there's not much guidance for the designated expert about what things should be allowed with respect to future registrations. I think Scott basically said the same thing. I'd like to see those points addressed before green lighting it. -MSK --0000000000003749560598d2759d Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Mon, Nov 11, 2019 at 7:54 AM John Levi= ne <johnl@taugh.com> wrote:
In article <CAL0qLwbo1AtJ6LG1UuSSoBC-GwjdQsc5CA2h6q5VqMxH=3D<= a href=3D"mailto:dxK5w@mail.gmail.com" target=3D"_blank">dxK5w@mail.gmail.c= om> you write:
>Just to be clear: The policy for changes to that registry is "Expe= rt
>Review", but since the action that put it there was a document wit= h IETF
>consensus, I'm pretty hesitant about just approving this change bas= ed on a
>formal request.=C2=A0 I'd rather at least see some consensus discus= sion about
>it, or even better, a revision/update to RFC8601.

Hey, wait, Expert Review is supposed to be considerably looser than RFC Req= uired.

Sure is.

Since there's no danger of running out of token names, I'd encourag= e
you to accept new ptypes if they have a clear spec and a plausible use
case.=C2=A0 In this instance, I think the description in the I-D is OK, but=
for the use case I would like some evidence that someone, somewhere is
implementing it and doing something with the result.
<= br>
As far as I know we're talking about "dnswl" wh= ich is a method, not a ptype.=C2=A0 There is one known implementation (Cour= ierMTA, I believe) which is the impetus for the registration.=C2=A0 I think= the name is constrained to whitelists even though DNS-published lists migh= t have the opposite meaning, so I wish there had been some discussion befor= e there was an implementation.=C2=A0 But unless someone wants to argue a ri= sk of actual harm from that, I don't see any reason not to approve it g= iven its very limited deployment so far.

Assum= ing the ptype we're talking about is "dns" which is defined i= n the same document, the definition is terse and there's not much guida= nce for the designated expert about what things should be allowed with resp= ect to future registrations.=C2=A0 I think Scott basically said the same th= ing.=C2=A0 I'd like to see those points addressed before green lighting= it.

-MSK
--0000000000003749560598d2759d-- From nobody Tue Dec 3 12:36:07 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97C5F120072 for ; Tue, 3 Dec 2019 12:36:05 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.499 X-Spam-Level: X-Spam-Status: No, score=-1.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, PDS_BTC_ID=0.499, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hW7x40fxWd4T for ; Tue, 3 Dec 2019 12:36:02 -0800 (PST) Received: from mail-vs1-xe29.google.com (mail-vs1-xe29.google.com [IPv6:2607:f8b0:4864:20::e29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6EECB12002F for ; Tue, 3 Dec 2019 12:36:02 -0800 (PST) Received: by mail-vs1-xe29.google.com with SMTP id y13so3290706vsd.9 for ; Tue, 03 Dec 2019 12:36:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=jIWsRGVN+TVw2C9fOxSampYR+iDsQazZ1qvtdylJbh8=; b=Y4Zf+P6V7rEJnYGVwbOuxuarGfxiwMVhhA6KD4XsHI5o2OXf7aZHaN2kMA9FPnRomc Aov/W4qp9sFodjlxgVm4CXM36dQ9Mnh0yLl4Ci0hnyM5UqyLwiDyZaL2WvwMGqF3DnAa 99jgWcC8NSnEFpcFoprw6D8WfYjo8IElQHGGAO7rqFB/NQkrmxRqgcTEtVw41bnzh5ci D5ykMA8TlQ02wc9OaeVFdri/i9KNM7ynKmGyIBt5FcZaOZcL77ve8D6QUWCEf4XJMUvz +5bMEKXYBhrLXLvNLLxeG+mjufmASXpZwGdKp96OwsxOMctLIViFe/KZSl5P7iQg/68J 7YNw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=jIWsRGVN+TVw2C9fOxSampYR+iDsQazZ1qvtdylJbh8=; b=O15pAOoo5vxSZp5ZpUQqo18Ts2ePaaerT4hjI5EmYMkQMiB3eMzR4GjHhowFE+io/Z ttKhFHwhTIq/Kzc8g5gA3SH49HeklI8q0Is8YBRgRRplNqEsj86XtPpIhoefPt1Pi/pZ 26LE41wLFN9DdQ8ObuX7vPCUXcuzGsNviszqNDZsnZ5IyJMHlTxhlEb/24j+m9IgxC+Y imUN50TuENp7MzZ7yjjmbCXcKM9eALbzrlLYhHoTHN3D1h/LzBv61bFK0oMd1KeiPvtx ZLAR2CCtZBG9AfJXg5wcQDQPlu4jzK2Wgg6gpbtwa/lHHjEpNGrDGk+CWrcof9MlNa3l gBMg== X-Gm-Message-State: APjAAAV+0Vzc9xVmpoCxi15Rx8RNS2cmxkyGTV9mDEz4MDf9xxdNMeab Seb83TulnqDu5oUhxQoDR3weoU6uQIvt7c64hgo= X-Google-Smtp-Source: APXvYqx7nIQhdJhCBQuwJ9UeIHJdY+4fvn7yl0oR0gZMPv3cTDowblnk9GQkZW/PW0+OQODch/8Kg/kwG7BaOO1nSO8= X-Received: by 2002:a67:d198:: with SMTP id w24mr4260938vsi.13.1575405361324; Tue, 03 Dec 2019 12:36:01 -0800 (PST) MIME-Version: 1.0 References: <4783309.BXR8ZdE9c3@l5580> <7a21b80b-e6bb-d8b9-cf63-601a8d1e47e7@tana.it> In-Reply-To: From: "Murray S. Kucherawy" Date: Tue, 3 Dec 2019 12:35:49 -0800 Message-ID: To: Alessandro Vesely Cc: "Kurt Andersen (b)" , IETF DMARC WG Content-Type: multipart/alternative; boundary="000000000000f069620598d2a451" Archived-At: Subject: Re: [dmarc-ietf] Call for rfc8601 erratum (smtp.remote-ip), was Do is need a new ptype? X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Dec 2019 20:36:05 -0000 --000000000000f069620598d2a451 Content-Type: text/plain; charset="UTF-8" On Mon, Nov 11, 2019 at 1:23 AM Alessandro Vesely wrote: > >> That's not what the RFC Editor erratum system is for. The document > >> reflects what the WG intended to publish at the time, so this isn't an > >> erratum, it's a new change to the specification. > > Yes, as DE you could change it without an erratum. However, an erratum > would > serve as a justification to any reader who followed the definitions and > noticed > a mismatch. > No, I don't believe the designated experts are free to make edits to the registry spontaneously. I've never seen an erratum used to cause a change to a registry, but there's a first time for everything. The thing I note is that you're proposing here an erratum that retroactively claims a change to RFC8601 in anticipation of an RFC that came later (RFC8617). But it doesn't seem like the WG really thought of this at the time it advanced RFC8601 for publication. Indeed, the explicit definition of the "smtp" ptype in RFC8601 Section 2.3 is unchanged from the document it replaced. So again, this doesn't seem like proper use of an erratum. I think this group would make a better use of its time by discussing > rfc7489bis > than rfc8601bis. Indeed, yet here we are... :-) > If group consensus can be enough for the time being, an > erratum can also serve as a reminder. So I ask for it: > [...] > I think we need guidance from our Area Directors here. I think I'm fine with making the change, but I believe this is the wrong way to do it. -MSK --000000000000f069620598d2a451 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Mon, Nov 11, 2019 at 1:23 AM Aless= andro Vesely <vesely@tana.it> w= rote:
>> T= hat's not what the RFC Editor erratum system is for.=C2=A0 The document=
>> reflects what the WG intended to publish at the time, so this isn&= #39;t an
>> erratum, it's a new change to the specification.

Yes, as DE you could change it without an erratum.=C2=A0 However, an erratu= m would
serve as a justification to any reader who followed the definitions and not= iced
a mismatch.

No, I don't believe the= designated experts are free to make edits to the registry spontaneously.
I've never seen an erratum used to cause a change to a= registry, but there's a first time for everything.

The thing I note is that you're proposing here an erratum that re= troactively claims a change to RFC8601 in anticipation of an RFC that came = later (RFC8617).=C2=A0 But it doesn't seem like the WG really thought o= f this at the time it advanced RFC8601 for publication.=C2=A0 Indeed, the e= xplicit definition of the "smtp" ptype in RFC8601 Section 2.3 is = unchanged from the document it replaced.=C2=A0 So again, this doesn't s= eem like proper use of an erratum.

I think this group would make a better us= e of its time by discussing rfc7489bis
than rfc8601bis.

Indeed, yet here we are...= :-)
=C2=A0
If group consensus can be enough for the time being, an
erratum can also serve as a reminder.=C2=A0 So I ask for it:
[...]

I think we need guidance from our= Area Directors here.=C2=A0 I think I'm fine with making the change, bu= t I believe this is the wrong way to do it.

-M= SK
--000000000000f069620598d2a451-- From nobody Tue Dec 3 12:40:57 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF95B120046 for ; Tue, 3 Dec 2019 12:40:55 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Kzh6_aCcvr_l for ; Tue, 3 Dec 2019 12:40:53 -0800 (PST) Received: from mail-vk1-xa32.google.com (mail-vk1-xa32.google.com [IPv6:2607:f8b0:4864:20::a32]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A9BF512002F for ; Tue, 3 Dec 2019 12:40:53 -0800 (PST) Received: by mail-vk1-xa32.google.com with SMTP id t184so1496071vka.1 for ; Tue, 03 Dec 2019 12:40:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=nKrKSyqdkFtH/zTYwbgEeCSR7GFS8kq2GQQKYMTVh+k=; b=szL2ntEpt6dZETpKfP2qCXmuocJtk/hDVocQkjrbZeJ83pDdKwMcmt03VZZi4geA17 CmWlXMZZb3bIBGmDlxZFwQjKOXPGXKVemRGDTdW3ElTiUTJ6lsODbMi3JBW1GZUmrMGC TQ6GmoHypyd5kIp2TR1AHp/ACdRuCKAdH259pvqvi83DRbGcUJLf59GwP0LOJ2tnh4hx Hieb02Tz/OjMTGRSdO8h38kyOB7b+Tkg6ZltK0VtQ4hYg3yjuJLQ1lJqSGhoVI18KuDv mGdA/U9J9MSyEla0+KqAARgIoqJBl1W3XZLiftCfoOSFB7WXvwMcK97q1mWJGBheHOt5 4VeQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=nKrKSyqdkFtH/zTYwbgEeCSR7GFS8kq2GQQKYMTVh+k=; b=A/od8fI7SGQmme/l6SXJv51nHE5uNdD04Dyj0/eWQwdXxmBztaP33q3OsROe3rFWrh 7iUUnLj3S1BViTo9rVmnmBXbYBYKTvbh5HV77XCcX+9/8S4XKK0SWsXPiShHc6Fkg+g2 4lm9JljohZkDtbjYxnbfUs11S2nT5V7dGWWQpiYjDcap32JBt2SYC8Ifzt41nfeDX99n NjSJFGpvoK7Fqm+myvYMx8OPdQG4U6nPUUOOlzF2vOVYA2X+D3+lPRiLIqlDFkoxkEyW ndpyW0zPPk4BwZTGoB4Qg2lz3kHdnuGKg4XQmCx7HzPKqfsCbCfqiwplHDBYLLQZaoBs XppA== X-Gm-Message-State: APjAAAXryvn3QW6Xupy6KYHxAsZv3MUAKw6Cl64yNPvQcdBen7JNkK9b 9UMIBRyblASDyfxHm5SQ/oT3Hrjq1suGmZym5I3Y+A== X-Google-Smtp-Source: APXvYqxIgUupsIMgY00efye39BVB3MtBUuIMsu/rIaPebu/Bp8AbZ9CKh76oERXfuTr7IW4TDSro+ThCR4RjVJ6vLNg= X-Received: by 2002:a1f:ccc7:: with SMTP id c190mr5085628vkg.15.1575405652623; Tue, 03 Dec 2019 12:40:52 -0800 (PST) MIME-Version: 1.0 References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <74a0ea49-7a46-4eb6-c297-cd703f63bd1b@gmail.com> <9DE9E7DC-FE60-4952-8595-B2D087A6B780@kitterman.com> <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> In-Reply-To: <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> From: "Murray S. Kucherawy" Date: Tue, 3 Dec 2019 12:40:41 -0800 Message-ID: To: Dave Crocker Cc: "Kurt Andersen (b)" , Tim Wicinski , IETF DMARC WG , Scott Kitterman Content-Type: multipart/alternative; boundary="0000000000004d466d0598d2b692" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Dec 2019 20:40:56 -0000 --0000000000004d466d0598d2b692 Content-Type: text/plain; charset="UTF-8" On Mon, Nov 11, 2019 at 2:21 PM Dave Crocker wrote: > On 11/10/2019 11:34 PM, Murray S. Kucherawy wrote: > > * add text to the PSD draft making it clear that what it's describing is > an experiment whose outcome will be taken only as feedback to the revision > of the standard (i.e., this is not intended to be the final form of > anything), and it is not intended to be deployed outside of the > experiment's participants; > > Forgive me, but while everyone involved in this has extensive experience > and is trying to solve a real and serious issue, this is an astonishingly > naive view. > > The IETF does standards, not experiments. Not /real/ experiments. What > it calls an experiment mostly serves as market testing, with a smidgen of > engineering tuning later. For the most part, IETF experiments produce an > accepted/failed/needs-small-revisions range of results. What it does /not/ > produce is results along the lines of "that was interesting, now let's > start fresh and do the real standard." > > Perhaps there are exampls of IETF experiments that have permitted entirely > starting over, but mostly those only happen when there is a complete > failure, and those typically are called experiments. > Should I take this as advocating for running the experiment without publishing an RFC about it? Or do you have another suggestion? I don't think the idea of going back and fixing the DMARC-PSL separation issue first is tenable given how long it will take, compared to the urgent need to get some data here. -MSK --0000000000004d466d0598d2b692 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Mon, Nov 11, 2019 at 2:21 PM Dave Croc= ker <dhc@dcrocker.net> wrote:=
=20 =20 =20
On 11/10/2019 11:34 PM, Murray S. Kucherawy wrote:
=20
* add text to the PSD draft making it clear that what it's describing is an experiment whose outcome will be taken only as feedback to the revision of the standard (i.e., this is not intended to be the final form of anything), and it is not intended to be deployed outside of the experiment's participants; =20

Forgive me, but while everyone involved in this has extensive experience and is trying to solve a real and serious issue, this is an astonishingly naive view.

The IETF does standards, not experiments.=C2=A0 Not /real/ experiments.=C2=A0 What it calls an experiment mostly serves as marke= t testing, with a smidgen of engineering tuning later.=C2=A0 For the mo= st part, IETF experiments produce an accepted/failed/needs-small-revisions range of results.=C2=A0 What it does /not/ produce is results along the lines of "that was interesting, now let's start fresh and do the real standard."= ;

Perhaps there are exampls of IETF experiments that have permitted entirely starting over, but mostly those only happen when there is a complete failure, and those typically are called experiments.

Should I take this as advocating for running the experimen= t without publishing an RFC about it?=C2=A0 Or do you have another suggesti= on?

I don't think the idea of g= oing back and fixing the DMARC-PSL separation issue first is tenable given = how long it will take, compared to the urgent need to get some data here.

-MSK
--0000000000004d466d0598d2b692-- From nobody Tue Dec 3 12:42:00 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 505EE12003E for ; Tue, 3 Dec 2019 12:41:58 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G7FHZSD7aaGP for ; Tue, 3 Dec 2019 12:41:56 -0800 (PST) Received: from mail-vk1-xa35.google.com (mail-vk1-xa35.google.com [IPv6:2607:f8b0:4864:20::a35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7926212002F for ; Tue, 3 Dec 2019 12:41:56 -0800 (PST) Received: by mail-vk1-xa35.google.com with SMTP id x199so1484629vke.6 for ; Tue, 03 Dec 2019 12:41:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=dNtdwIU28g06pJOELUKtguSfAxY2ta9Q3vH7xTJtYrk=; b=fBb2/xww5+iYzFjAbrLVABs9rH/5nT5Z12UHXC0HNiTKXVUoaUa7/Y5F2JXYHyr7Zv 419UfHayTLUBM9/iSd4XZMM9GC7039vV0+DzFlrGetObISt5zAIauz/MB7T+JuTB/3aq N05e9s3sBxwgoq9G5GOSeA6EcehxJEvgTEXrp9G7OnsPOGp6vYXkk8XV+a+Q9tVoXo6Q 4yv24ugHGmdGl2E8KjW7CFPFLS8s33YjHE9uwZNkxupTqx1W1svmi2IXAtCsAOG1EX2G wStgChlI9cBJDO6/yvLGKLgsTvRGiaNi3F27LQpde6inwjTCfhEG4n6h3qcHH4SfYjRn W4RQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=dNtdwIU28g06pJOELUKtguSfAxY2ta9Q3vH7xTJtYrk=; b=jue0snEJOQ8s5McEnLxRN4Zf/pDQpmk+pRinWlJsTMqP/qgwrLfvchq/T6QymJWMK5 V60xwjl83s4ovy2f4fDQChpb8W+F5bgX8XqamBi2J6Gx2adlml4wYOthwCwihrPff51v w3pCHqVVHN8PlteJhGbH4Xjh05tHQ2yAhns6/IQtOYe7ZTZpkd6EgAvadW8S5j8/z/Vy fFBO1gQr8SudBojv3/gFiz1s4dEa0ez+u7oNwHvb8Fl7+cUogmmkfTRW/NhHnkBhAUUA TpsgEy1a36gWnwawQdpo1WbohZEhgukEOcPOLIINUMM7vy8cF3y9MVpFLzwNM2sVAOmc /dyA== X-Gm-Message-State: APjAAAWAfQg3+bL03VAheNzdY9pC1UOzxyVUwRKueXE2ah3yT5TWggBX 8DIAfI1Z5PdTxKgLkkbkmZj2Eex2Q942kD1nnw04Lg== X-Google-Smtp-Source: APXvYqzSzCWJUIaaLXne9h6zNrWeAkqJM/0p/vE8ulcTXz7IoDTJx4gGJ5N7UAXP3xfPAyNPAhCfdGJ3Fvqt3c13D5I= X-Received: by 2002:a1f:3a8a:: with SMTP id h132mr5053461vka.95.1575405715078; Tue, 03 Dec 2019 12:41:55 -0800 (PST) MIME-Version: 1.0 References: <0c529630b489d0852fd3fba0e8cdf0b68c6929e2.camel@aegee.org> In-Reply-To: <0c529630b489d0852fd3fba0e8cdf0b68c6929e2.camel@aegee.org> From: "Murray S. Kucherawy" Date: Tue, 3 Dec 2019 12:41:43 -0800 Message-ID: To: =?UTF-8?B?0JTQuNC70Y/QvSDQn9Cw0LvQsNGD0LfQvtCy?= Cc: Seth Blank , IETF DMARC WG Content-Type: multipart/alternative; boundary="0000000000000646010598d2badd" Archived-At: Subject: Re: [dmarc-ietf] DMARCbis / Re: Collecting DMARC issues and nits for DMARC WG phase III - DMARC standardization X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Dec 2019 20:41:58 -0000 --0000000000000646010598d2badd Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Mon, Nov 18, 2019 at 7:49 AM =D0=94=D0=B8=D0=BB=D1=8F=D0=BD =D0=9F=D0=B0= =D0=BB=D0=B0=D1=83=D0=B7=D0=BE=D0=B2 wrote: > who is going to work on DMARCbis document and is it realistic to finish i= t > with a year? > We haven't started the process of selecting editor(s) for it, but if anyone wants to volunteer, please do. -MSK --0000000000000646010598d2badd Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Mon, Nov 18, 2019 at 7:49 AM =D0=94=D0= =B8=D0=BB=D1=8F=D0=BD =D0=9F=D0=B0=D0=BB=D0=B0=D1=83=D0=B7=D0=BE=D0=B2 <= dilyan.palauzov@aegee.org&= gt; wrote:
who is going to work on DMARCbis document and is it r= ealistic to finish it with a year?

We h= aven't started the process of selecting editor(s) for it, but if anyone= wants to volunteer, please do.

-MSK
--0000000000000646010598d2badd-- From nobody Tue Dec 3 12:46:48 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9676B12003E for ; Tue, 3 Dec 2019 12:46:46 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=drkurt.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HrQoOkGT3Zs7 for ; Tue, 3 Dec 2019 12:46:44 -0800 (PST) Received: from mail-il1-x12e.google.com (mail-il1-x12e.google.com [IPv6:2607:f8b0:4864:20::12e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2BD2612002F for ; Tue, 3 Dec 2019 12:46:44 -0800 (PST) Received: by mail-il1-x12e.google.com with SMTP id z90so2442084ilc.8 for ; Tue, 03 Dec 2019 12:46:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=drkurt.com; s=20130612; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=fyYZnX5QCsf+g3/fi1d3+Z7cisepkSce8RmE9OhCHy0=; b=IjENUW7SwLpjlywgj9lbdHQBg7aDXWLmsRZWfyuDsNmpFqoXR3xyts40wUhgRM2iHu KH+iYJL5wahrSApyOvlMx6U1cpzX8ZNb6DIP4ehxtUA0q5bt2AfRcLHuVzHiIgkPkOcG cByA/m2/ds6PbdOHy4id8mCcKjU+gPVNM2GL8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=fyYZnX5QCsf+g3/fi1d3+Z7cisepkSce8RmE9OhCHy0=; b=U3Z2y0DCrMTe0pOEXgRkvbisdCvotXUAI0tLCGFt6t2ExSNRiIzb2NIV47WG+eWJqM jwe0sp2yHqY540eshexEVU9LRBgNe/1ss5Ec6cJhhdSsQeI6JcMMkUNZg8a/ksnyVTO7 N6vIJcIkRWTTQNYITiag97THziQbrn6AE1GouwVrRA4a1LAD+uwg67NeLB5xsPzxRxxS mLk+zUUmAHsPUQ3qi39MFpum5YvZIUjCtU87g+YhazDl91tXXqfrX/Cbx1FgTKgN9SZK LEiUdk/mknoHuJu7xnj2JDvg5+soBfEq7gCB3TFIUrgLgovEb/VusDlRsahl049wmneF qpaQ== X-Gm-Message-State: APjAAAXOQ+kO4m3uAwi0UDdpk/fdgrUaY3A6YA8hqF5W9BN4ao9DJBOD wNlIFpGjJeHSuR5IriFjiKf6CtgKqsD9uxMhzqxg8Q== X-Google-Smtp-Source: APXvYqxczGULsU5K6V2EAFzHvHMIolhFdfB2ViKgVZ6Wdq6huIQMGanx4xQSe4LdyS9/scBzEkJQiYB9tyQEB5YQd0Y= X-Received: by 2002:a92:2450:: with SMTP id k77mr98751ilk.120.1575406003081; Tue, 03 Dec 2019 12:46:43 -0800 (PST) MIME-Version: 1.0 References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <74a0ea49-7a46-4eb6-c297-cd703f63bd1b@gmail.com> <9DE9E7DC-FE60-4952-8595-B2D087A6B780@kitterman.com> <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> In-Reply-To: From: "Kurt Andersen (b)" Date: Tue, 3 Dec 2019 12:46:29 -0800 Message-ID: To: "Murray S. Kucherawy" Cc: Dave Crocker , Tim Wicinski , IETF DMARC WG , Scott Kitterman Content-Type: multipart/alternative; boundary="00000000000030e3c60598d2cb1b" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Dec 2019 20:46:47 -0000 --00000000000030e3c60598d2cb1b Content-Type: text/plain; charset="UTF-8" I think that if we could get a core set of receivers who would be willing to test this and report on their findings in 3-6 months, that would be great. --Kurt On Tue, Dec 3, 2019 at 12:40 PM Murray S. Kucherawy wrote: > On Mon, Nov 11, 2019 at 2:21 PM Dave Crocker wrote: > >> On 11/10/2019 11:34 PM, Murray S. Kucherawy wrote: >> >> * add text to the PSD draft making it clear that what it's describing is >> an experiment whose outcome will be taken only as feedback to the revision >> of the standard (i.e., this is not intended to be the final form of >> anything), and it is not intended to be deployed outside of the >> experiment's participants; >> >> Forgive me, but while everyone involved in this has extensive experience >> and is trying to solve a real and serious issue, this is an astonishingly >> naive view. >> >> The IETF does standards, not experiments. Not /real/ experiments. What >> it calls an experiment mostly serves as market testing, with a smidgen of >> engineering tuning later. For the most part, IETF experiments produce an >> accepted/failed/needs-small-revisions range of results. What it does /not/ >> produce is results along the lines of "that was interesting, now let's >> start fresh and do the real standard." >> >> Perhaps there are exampls of IETF experiments that have permitted >> entirely starting over, but mostly those only happen when there is a >> complete failure, and those typically are called experiments. >> > Should I take this as advocating for running the experiment without > publishing an RFC about it? Or do you have another suggestion? > > I don't think the idea of going back and fixing the DMARC-PSL separation > issue first is tenable given how long it will take, compared to the urgent > need to get some data here. > > -MSK > --00000000000030e3c60598d2cb1b Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
I think that if we could get a core set of receivers who w= ould be willing to test this and report on their findings in 3-6 months, th= at would be great.

--Kurt

On Tue, Dec 3, 2019 at 12= :40 PM Murray S. Kucherawy <super= user@gmail.com> wrote:
On Mon, Nov 11, 2019 at 2:2= 1 PM Dave Crocker <dhc@dcrocker.net> wrote:
=20 =20 =20
On 11/10/2019 11:34 PM, Murray S. Kucherawy wrote:
=20
* add text to the PSD draft making it clear that what it's describing is an experiment whose outcome will be taken only as feedback to the revision of the standard (i.e., this is not intended to be the final form of anything), and it is not intended to be deployed outside of the experiment's participants; =20

Forgive me, but while everyone involved in this has extensive experience and is trying to solve a real and serious issue, this is an astonishingly naive view.

The IETF does standards, not experiments.=C2=A0 Not /real/ experiments.=C2=A0 What it calls an experiment mostly serves as marke= t testing, with a smidgen of engineering tuning later.=C2=A0 For the mo= st part, IETF experiments produce an accepted/failed/needs-small-revisions range of results.=C2=A0 What it does /not/ produce is results along the lines of "that was interesting, now let's start fresh and do the real standard."= ;

Perhaps there are exampls of IETF experiments that have permitted entirely starting over, but mostly those only happen when there is a complete failure, and those typically are called experiments.

Should I take this as advocating for running the experimen= t without publishing an RFC about it?=C2=A0 Or do you have another suggesti= on?

I don't think the idea of g= oing back and fixing the DMARC-PSL separation issue first is tenable given = how long it will take, compared to the urgent need to get some data here.

-MSK
--00000000000030e3c60598d2cb1b-- From nobody Tue Dec 3 12:47:36 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A1EF12003E for ; Tue, 3 Dec 2019 12:47:35 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=drkurt.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z1CjgVdYwCGF for ; Tue, 3 Dec 2019 12:47:33 -0800 (PST) Received: from mail-io1-xd35.google.com (mail-io1-xd35.google.com [IPv6:2607:f8b0:4864:20::d35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 26F9B12002F for ; Tue, 3 Dec 2019 12:47:33 -0800 (PST) Received: by mail-io1-xd35.google.com with SMTP id z26so5365841iot.8 for ; Tue, 03 Dec 2019 12:47:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=drkurt.com; s=20130612; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=1vE+VZD59oBP+g5JIItgLCLCe2Ivvwco/9x0Kg/4QPY=; b=PDOF9wmWddy/BsAlScsvQ6nmFPCN9QWUKqKHMgVueNiywBFJSra9UJJAN7UgwEHsoP Xbs/def/Au5G3L2lRFB76kvTQ/0ZKHtm4EdeWdS5b70vWZw6HyHFuAlexlRTEf6v6A2D IKPY62ATMRcSvqC2DQTdGrYHfGDWo4h6VGdsE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=1vE+VZD59oBP+g5JIItgLCLCe2Ivvwco/9x0Kg/4QPY=; b=lUSAsiQ47+dLiV7tMgG+myEvBtgpEL3LnL598mhksBbznXbsEjq9E6shxET4B0RLJW vfXVbpBcv39rWzlLOI8nUKzhlHnPoLCGZsn6WSdwZS+hMLrcQgt3syXiwCcj/HGGpE3r RO4nVsg5HCwq/iyo3gSxaSrANTBzsgK2rTzFosq0wxZ0DUYO2SJHt7g2vUgUC53xeIQ2 E+QTH1WDwdeb4pxR3do/nFwCWe6gWCOOfofTAEzYvmIqZ/mOsHjP6lUhDAZTx7+XkaRP sf+kuA42vDS/LkZE7EL05AeqPyhvOMw9ibYEHKOjkeNsyboNc+bEHXVIYGCUQvofeYpN X3IQ== X-Gm-Message-State: APjAAAUInuvEnM/zjqPg/aS6M+KeWuRMG4hDN6p+OgJViSe7T7088mja FqfXZK4FRqGLXesaKkqdO6o9JjqcwgGYod/XCxMemAwzAjubTw== X-Google-Smtp-Source: APXvYqzvHfGsenxzlnmoS4bO4rJz7NCg+dDqURuhp6oam84/+q2w7HEcF3LHPqGhL0OqauYiyMiZt94IVacffwAAbco= X-Received: by 2002:a6b:f60f:: with SMTP id n15mr28347ioh.263.1575406052150; Tue, 03 Dec 2019 12:47:32 -0800 (PST) MIME-Version: 1.0 References: <0c529630b489d0852fd3fba0e8cdf0b68c6929e2.camel@aegee.org> In-Reply-To: From: "Kurt Andersen (b)" Date: Tue, 3 Dec 2019 12:47:19 -0800 Message-ID: To: "Murray S. Kucherawy" Cc: =?UTF-8?B?0JTQuNC70Y/QvSDQn9Cw0LvQsNGD0LfQvtCy?= , IETF DMARC WG , Seth Blank Content-Type: multipart/alternative; boundary="0000000000001db7630598d2ce4d" Archived-At: Subject: Re: [dmarc-ietf] DMARCbis / Re: Collecting DMARC issues and nits for DMARC WG phase III - DMARC standardization X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Dec 2019 20:47:35 -0000 --0000000000001db7630598d2ce4d Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable I'm willing to volunteer. On Tue, Dec 3, 2019 at 12:42 PM Murray S. Kucherawy wrote: > On Mon, Nov 18, 2019 at 7:49 AM =D0=94=D0=B8=D0=BB=D1=8F=D0=BD =D0=9F=D0= =B0=D0=BB=D0=B0=D1=83=D0=B7=D0=BE=D0=B2 > wrote: > >> who is going to work on DMARCbis document and is it realistic to finish >> it with a year? >> > > We haven't started the process of selecting editor(s) for it, but if > anyone wants to volunteer, please do. > > -MSK > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > --0000000000001db7630598d2ce4d Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
I'm willing to volunteer.

On Tue, Dec 3, 2019 at 12:42 = PM Murray S. Kucherawy <superuser= @gmail.com> wrote:
On Mon, Nov 18, 2019 at 7:49 A= M =D0=94=D0=B8=D0=BB=D1=8F=D0=BD =D0=9F=D0=B0=D0=BB=D0=B0=D1=83=D0=B7=D0=BE= =D0=B2 <d= ilyan.palauzov@aegee.org> wrote:
who is going to work on = DMARCbis document and is it realistic to finish it with a year?

We haven't started the process of selecting ed= itor(s) for it, but if anyone wants to volunteer, please do.

=
-MSK
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
--0000000000001db7630598d2ce4d-- From nobody Tue Dec 3 12:48:38 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AAC07120044 for ; Tue, 3 Dec 2019 12:48:36 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.899 X-Spam-Level: X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sethblank-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kwkYu4ue5-Nb for ; Tue, 3 Dec 2019 12:48:34 -0800 (PST) Received: from mail-oi1-x22f.google.com (mail-oi1-x22f.google.com [IPv6:2607:f8b0:4864:20::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AD63D12002F for ; Tue, 3 Dec 2019 12:48:34 -0800 (PST) Received: by mail-oi1-x22f.google.com with SMTP id v140so4565310oie.0 for ; Tue, 03 Dec 2019 12:48:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sethblank-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=KJylNCjqeHWXf73beq2Wh+SfqUyWAesStpVz0MICkO4=; b=x1nIQRIwLSBW7fCrDkFU2FBEoW47NgjLA7fcjQl6jRn1duiGZHIeQc19tfLIxQhkUF n8oWrNo54u/IKVaHKJ6uzX1cv+Nr43uRa/X94SX2gIHhIuDeqys+gRCo4hw38REsIoI8 VcZgBpDRpAyXVFjntFG+eQzF1m+O5D9iD/2XeUok3jNdoWVmfGPTsdN6f00Z2g5oGsW+ M9JKhkcfSh4euvgLa2ym98Mt+0mJF4t2UU30Gsjn3mb88ClTKBNUVN4etXr6QDRsjmfy pfP5MoUfgmMBGUCLMXsxfb9dUU2m5ZoK+UQCv6DzEz50ZRlGf4jV/0aUIZPrs+WhnzUy 9Wmg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=KJylNCjqeHWXf73beq2Wh+SfqUyWAesStpVz0MICkO4=; b=ItPRWjJp7BIkXc7zSSkX3P9PlHyxq/S/5AUHUQXOrT2WLW4GLO3HM9d3DXk6qMx1P9 ZwUbhxoY9fghrbNrOtwtXYCUUZtI9qAwm3LrUl4MvVoRpPldkCoP3nCtzo+aaM3kVDrU N1z/nkNzwPAP6/J55fPxIyXLCkDh+FKpplOP91iXht0+rN5weLsI+MYNU1QqiPyrR3UZ HLlFkQAqhn8ndIpv6TjuGNGmpDG5Z8tSC15Jja68jPqxQkc55bgaUniQFWVyV3NkLcAx KvAesFyu2PlOGAY/zWlC2c1RMZg4uWrAkaaK4Duh07KeZOsBsnfFeIg1r+gYebXX6VmI lrCg== X-Gm-Message-State: APjAAAX1isMt1az2qDfUyAQkn3tAZH8TR4c0a26/+rSzAUP144oBYnnP Z2pF6lUlx4eDo2GLsJU9tXMfvJyk22lk1e/IB7pK+A== X-Google-Smtp-Source: APXvYqzYEeJOKI7FeZ363d0Bw2f9iTgznaiE6k4o5hjUVHwcYUwqtVkZ5Dkk9ahT1CJJEb+vFZRiWjMdEJnv2mHQlUw= X-Received: by 2002:aca:c507:: with SMTP id v7mr5561235oif.157.1575406113699; Tue, 03 Dec 2019 12:48:33 -0800 (PST) MIME-Version: 1.0 References: <0c529630b489d0852fd3fba0e8cdf0b68c6929e2.camel@aegee.org> In-Reply-To: From: Seth Blank Date: Tue, 3 Dec 2019 12:48:22 -0800 Message-ID: To: "Kurt Andersen (b)" Cc: IETF DMARC WG , "Murray S. Kucherawy" , =?UTF-8?B?0JTQuNC70Y/QvSDQn9Cw0LvQsNGD0LfQvtCy?= Content-Type: multipart/alternative; boundary="000000000000c8d0bc0598d2d140" Archived-At: Subject: Re: [dmarc-ietf] DMARCbis / Re: Collecting DMARC issues and nits for DMARC WG phase III - DMARC standardization X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Dec 2019 20:48:36 -0000 --000000000000c8d0bc0598d2d140 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable As am I On Tue, Dec 3, 2019 at 12:47 Kurt Andersen (b) wrote: > I'm willing to volunteer. > > On Tue, Dec 3, 2019 at 12:42 PM Murray S. Kucherawy > wrote: > >> On Mon, Nov 18, 2019 at 7:49 AM =D0=94=D0=B8=D0=BB=D1=8F=D0=BD =D0=9F=D0= =B0=D0=BB=D0=B0=D1=83=D0=B7=D0=BE=D0=B2 >> wrote: >> >>> who is going to work on DMARCbis document and is it realistic to finish >>> it with a year? >>> >> >> We haven't started the process of selecting editor(s) for it, but if >> anyone wants to volunteer, please do. >> >> -MSK >> _______________________________________________ >> dmarc mailing list >> dmarc@ietf.org >> https://www.ietf.org/mailman/listinfo/dmarc >> > -- -mobile --000000000000c8d0bc0598d2d140 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
As am I=C2=A0

On Tue, Dec 3, 2019 at 12:47= Kurt Andersen (b) <kboth@drkurt.com= > wrote:
I&= #39;m willing to volunteer.

On Tue, Dec 3, = 2019 at 12:42 PM Murray S. Kucherawy <superuser@gmail.com> wrote:
On Mon, Nov 18, 2019 at 7:49 AM =D0=94=D0=B8=D0=BB=D1=8F=D0=BD =D0=9F=D0= =B0=D0=BB=D0=B0=D1=83=D0=B7=D0=BE=D0=B2 <dilyan.palauzov@aegee.org> wrote:
who is going to work on DMARCbis document and is it realistic to= finish it with a year?

We haven't = started the process of selecting editor(s) for it, but if anyone wants to v= olunteer, please do.

-MSK
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
--
-mobile
--000000000000c8d0bc0598d2d140-- From nobody Tue Dec 3 12:55:13 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6238412003E for ; Tue, 3 Dec 2019 12:55:12 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ytqpXBzxLbvO for ; Tue, 3 Dec 2019 12:55:10 -0800 (PST) Received: from mail-ua1-x933.google.com (mail-ua1-x933.google.com [IPv6:2607:f8b0:4864:20::933]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9136E12002F for ; Tue, 3 Dec 2019 12:55:10 -0800 (PST) Received: by mail-ua1-x933.google.com with SMTP id y23so1927461ual.2 for ; Tue, 03 Dec 2019 12:55:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=PfX+VVQnOipb+nGUbF/+YHKUhq+UTXNhvrfbHp+UWCs=; b=NLI264H0r9DO+CJbSMi6cd5F1EzsgjqyZITXv+yDcwaeRdIjNierS+t1qVptw+YPQG rXcxtAIVUC0nnLrqAA+2PZ8UtXOr81U6bTvwJZ0NL1m1m0cDg/FWiYFmpEs17ksKINfj ibbSUkR37Hb159Mo2B8j6UICG+678gZwO33S8h+zz8uSzojid+Vg7BrCQV0GcJSZ1iEL zl8jpTUIWyV7g5/SBvXzr5Tw2fvHQLRP/rkL/fRA1zoFlt+KLaaDaNHOg2vc8iJ0ymEW dHFjQygC4TAnqmBM8oVnP/o1cCDnLUhlasm6SdERWXegC6G1lAwzEgvk5NUrmIPfoUNY Qulg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=PfX+VVQnOipb+nGUbF/+YHKUhq+UTXNhvrfbHp+UWCs=; b=Opf9xNpZIDIbBztUXte/d3eoAyb+9vJhA7tiww6sV3gTeqiywoUkH/991AsVLXd0tz UJaFIPKpVSC2z+F57JHw06zDH5yN5a6nWkcT9WH1E3Hj5Iho7PQnEuMER9TEmAVT6yiI 6kEVfdCLwo+Al/biuHLbUHPzjRDqy/ruwCXyeqh0d2lC8AwLzttsj34hyShWdttHLizw +bTn4h8SUu4z4W617yHIf1fsCrKPa/fvEgWOZa//EDRYOZyy/hiaEEdUdZRR+K3p8s8k Ox4XmO1nOddbq8SkCY9P92ip97FlnUiH/wGRJklN2bbWBXWtd3HMBoORZeTJPPQ95v0j IHhQ== X-Gm-Message-State: APjAAAVo7sBZ/kk5UO3s+rtB1zw86xwhtVf5Z5cqJf+0r+PiWDQZbhfO 2MAOahL/lrtQPGqgWW/fZxoKLlPPBv7/32ybO6E= X-Google-Smtp-Source: APXvYqxyHCRrB/kQn4n08NcU6K1wLF4YTpiGi4ZomJr/BucJXil20YXt8rvx1EdpLjQXKWh/fGYb6Sp+1CHxJxXgaRY= X-Received: by 2002:a9f:372c:: with SMTP id z41mr53066uad.87.1575406509418; Tue, 03 Dec 2019 12:55:09 -0800 (PST) MIME-Version: 1.0 References: <0c529630b489d0852fd3fba0e8cdf0b68c6929e2.camel@aegee.org> In-Reply-To: <0c529630b489d0852fd3fba0e8cdf0b68c6929e2.camel@aegee.org> From: "Murray S. Kucherawy" Date: Tue, 3 Dec 2019 12:54:57 -0800 Message-ID: To: =?UTF-8?B?0JTQuNC70Y/QvSDQn9Cw0LvQsNGD0LfQvtCy?= Cc: Seth Blank , IETF DMARC WG Content-Type: multipart/alternative; boundary="0000000000005eedd70598d2e916" Archived-At: Subject: Re: [dmarc-ietf] DMARCbis / Re: Collecting DMARC issues and nits for DMARC WG phase III - DMARC standardization X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Dec 2019 20:55:12 -0000 --0000000000005eedd70598d2e916 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Mon, Nov 18, 2019 at 7:49 AM =D0=94=D0=B8=D0=BB=D1=8F=D0=BD =D0=9F=D0=B0= =D0=BB=D0=B0=D1=83=D0=B7=D0=BE=D0=B2 wrote: > who is going to work on DMARCbis document and is it realistic to finish i= t > with a year? > Are you volunteering too? -MSK --0000000000005eedd70598d2e916 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Mon, Nov 18, 2019 at 7:49 AM =D0= =94=D0=B8=D0=BB=D1=8F=D0=BD =D0=9F=D0=B0=D0=BB=D0=B0=D1=83=D0=B7=D0=BE=D0= =B2 <dilyan.palauzov@aegee.= org> wrote:
who is going to work on DMARCbis document and is it realistic to finish = it with a year?

Are you volunteering to= o?

-MSK
--0000000000005eedd70598d2e916-- From nobody Tue Dec 3 13:19:01 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0EF712082F for ; Tue, 3 Dec 2019 13:18:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_NONE=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (4096-bit key) header.d=aegee.org Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3-pCLVeESstX for ; Tue, 3 Dec 2019 13:18:51 -0800 (PST) Received: from mail.aegee.org (mail.aegee.org [144.76.142.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3EFC612003E for ; Tue, 3 Dec 2019 13:18:51 -0800 (PST) Authentication-Results: mail.aegee.org/xB3LIl76030149; auth=pass (LOGIN) smtp.auth=didopalauzov DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=aegee.org; s=k4096; t=1575407928; i=dkim+MSA-tls@aegee.org; bh=yD/6XyrjaT2k9PMalkOrS2Arj0pmhxFX0nvB8x7NOBk=; h=Subject:From:To:Cc:Date:In-Reply-To:References; b=TpTN+nWrBxbxAj6omeD0lDFuHR/EMEZkNxVZPS1VWUxHWUi9zvDAe8SfzRwZkMKe2 gtVolFboKZjXWHHegg8Dsd8Y2ECzsi514XHrntuSQbCTbF8D2qQ4uFEJ/YvuWv0uZl m7Zq5kn1/sATSAtFxe7uyLVYPktzV5BM77WUh+2xW/ftcMqznS12bGoHhDG/PWjJTP fYb/4r6eIF2aY71ko0jw2CXoP0E+Rmcpu/Axx25MvHgW9BmxgctT/RsaeDXtUbkHVE Fjcda205qClQx7RyJvrrxgoamvMJN0IwONp2Hvc1G7uP9RD4W9s7NChVP9BRO54MR9 KxYQ9yDtBy5Zf6iaW4HOpCXBZ8DsNukeOMl0nhW4UQztVzOQTluiuuM2dSTAyDs5FP DqDKzdknmz6hddS9EWm+fHxP97GcFSiN9CezW0XfL/DlZ7P5MgEqXk7ERWCENb9+0W P0DSs5Z+/6MV1C2k3NGttJT9bYs9uW2Rh4QJPqybZk4nyX+Ffj2EE0G3LxYr+9VnPk rHN7pyRJVHx+F81a8LRlZTufVyYZeEnFxhtsFeoQ6Cb5GQJC/GIaWrcKYzA5Cx3rBp UYDbA8Dv1SRhnt8S7on+Gji7ZbVCijDRbCkyM5h8RxAFIvYBDzpqQ/0+/Hj4dU4Udh aTGYFxXX0BvtMP9DREVOVezk= Authentication-Results: mail.aegee.org/xB3LIl76030149; dkim=none Received: from Tylan (87-118-146-153.ip.btc-net.bg [87.118.146.153]) (authenticated bits=0) by mail.aegee.org (8.15.2/8.15.2) with ESMTPSA id xB3LIl76030149 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Tue, 3 Dec 2019 21:18:48 GMT Message-ID: From: =?UTF-8?Q?=D0=94=D0=B8=D0=BB=D1=8F=D0=BD_?= =?UTF-8?Q?=D0=9F=D0=B0=D0=BB=D0=B0=D1=83=D0=B7=D0=BE=D0=B2?= To: "Murray S. Kucherawy" Cc: IETF DMARC WG , Seth Blank Date: Tue, 03 Dec 2019 21:18:47 +0000 In-Reply-To: References: <0c529630b489d0852fd3fba0e8cdf0b68c6929e2.camel@aegee.org> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.35.3 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Virus-Scanned: clamav-milter 0.102.1 at mail.aegee.org X-Virus-Status: Clean Archived-At: Subject: Re: [dmarc-ietf] DMARCbis / Re: Collecting DMARC issues and nits for DMARC WG phase III - DMARC standardization X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Dec 2019 21:18:56 -0000 Hello Murray, no, I am not volunteering. Regards Дилян On Tue, 2019-12-03 at 12:54 -0800, Murray S. Kucherawy wrote: > > > On Mon, Nov 18, 2019 at 7:49 AM Дилян Палаузов wrote: > > who is going to work on DMARCbis document and is it realistic to finish it within a year? > > Are you volunteering too? > > -MSK > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc From nobody Tue Dec 3 13:21:53 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1601F12003E for ; Tue, 3 Dec 2019 13:21:52 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=IzL4EKMb; dkim=pass (1536-bit key) header.d=taugh.com header.b=Pa7//14F Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qt5xqCD927S6 for ; Tue, 3 Dec 2019 13:21:50 -0800 (PST) Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 74F0C12002F for ; Tue, 3 Dec 2019 13:21:50 -0800 (PST) Received: (qmail 29225 invoked from network); 3 Dec 2019 21:21:48 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=7227.5de6d1ec.k1912; i=johnl-iecc.com@submit.iecc.com; bh=TUskWYsQ2PAWUAqLrB50svzsRIbep0xuo5w+5g70a3I=; b=IzL4EKMbDr+4k90djZBkZj4JnLwjfUEgS5+laFVk3dTObmF3hjZo4GbogxguIlIa3lQta8Gn3DLza2E6+qnQ1/ghKJSWl+8LD2We592NsVoReJdrRUVnPKaWxYU8R7OT/INfGKbVtCxmtDfInJFzsg2oehTpodvyHDbp+4EGYh2cl3WbNLUYtIDEh5hQPKSG345M7uHyM6yUZpqaA10O+BFynjXUANGnMRCXe7cwf2kT/dLBnN5vuQOkC3ub4af8 DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=7227.5de6d1ec.k1912; olt=johnl-iecc.com@submit.iecc.com; bh=TUskWYsQ2PAWUAqLrB50svzsRIbep0xuo5w+5g70a3I=; b=Pa7//14F3HJIbfXt3X8zTWQ0Itf/D1HfAw2vNqR7u/DhsgN7P/lYEL/jipVtDi1SBT2Dbroc0qMLRHrE8GIqhKz3cNCBhzQNTaHPh6TFLEtmU1xi8bx05B5pGTvprF1yESKGwEVy1MJGHkhk514Y5rOLUS3+CE0yavc2gzbjRKF1Vp7PFpAorlhztXm74B0XJzPa1iwl7ZPgvzMR63AeRqxaqXdze/voXKb5vdGN8DAbbea23YOT3ZOt/r2TTBgt Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPSA (TLS1.3 ECDHE-RSA AES-256-GCM AEAD, johnl@iecc.com) via TCP6; 03 Dec 2019 21:21:47 -0000 Date: 3 Dec 2019 16:21:47 -0500 Message-ID: From: "John R Levine" To: "Murray S. Kucherawy" Cc: "IETF DMARC WG" In-Reply-To: References: <20191111155410.12A31E9E35A@ary.qy> User-Agent: Alpine 2.21.99999 (OSX 374 2019-10-27) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Archived-At: Subject: Re: [dmarc-ietf] Do is need a new ptype? Was Re: New authentication method, DNSWL X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Dec 2019 21:21:52 -0000 On Tue, 3 Dec 2019, Murray S. Kucherawy wrote: > On Mon, Nov 11, 2019 at 7:54 AM John Levine wrote: Nice to know I'm not the only one who lets my mail marinate for a while. > Assuming the ptype we're talking about is "dns" which is defined in the > same document, the definition is terse and there's not much guidance for > the designated expert about what things should be allowed with respect to > future registrations. I think Scott basically said the same thing. I'd > like to see those points addressed before green lighting it. Seems reasonable. Ale should be able to spin up a new one. Regards, John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly From nobody Tue Dec 3 23:13:54 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F31C1200B3 for ; Tue, 3 Dec 2019 23:13:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=kitterman.com header.b=T/3IJb8M; dkim=pass (2048-bit key) header.d=kitterman.com header.b=LXr5suLj Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1DSZ3HqyZA-g for ; Tue, 3 Dec 2019 23:13:51 -0800 (PST) Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 264121200A4 for ; Tue, 3 Dec 2019 23:13:51 -0800 (PST) Received: from interserver.kitterman.com (interserver.kitterman.com [IPv6:2604:a00:6:1039:225:90ff:feaa:b169]) by interserver.kitterman.com (Postfix) with ESMTPS id 57790F805FA for ; Wed, 4 Dec 2019 02:13:49 -0500 (EST) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903e; t=1575443629; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=JFXVl+2Dx2a3nempf6mn7i6QfmHZhle5wpvBerkZ1eQ=; b=T/3IJb8Mk1pUmNjued9AWszjoGn9eSuYnqF2RvqskShFa22XcOYHg9ez EKMmmXA2rl6EWiqeLtfBGx619+VZDQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903r; t=1575443629; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=JFXVl+2Dx2a3nempf6mn7i6QfmHZhle5wpvBerkZ1eQ=; b=LXr5suLjh4zVmxCcJP/OeZRt56wERsPIg93DjSeThPrP5061cc5g8G81 7iQbYmGtgBoxpAv/hfzV0XIH6E30Z9sBXYBsMiqfI0yOxIVw1bRzfsgQvg /YBCAiNFNKdkdzvVnDqm6hCq+nEQ9KX2F3Mm/u9mYvvM4pqX1zS2g2BgYt xZvlTiqQEBWDiaKQb3hs4eQEb97jEr7fnsxt8ya/Fv3IxUGMklSen4sfKj 1TErxpwZxpZOrGDih853NP5UqYXR6V9+u4BuCogVc+W5KrdrvSyUlsrnDe W5ZgQoVYguzcvZNR/Q1eXAWquqwPlHnmZSGcKjRZAAtc0zRgjGAz5Q== Received: from l5580.localnet (static-72-81-252-22.bltmmd.fios.verizon.net [72.81.252.22]) by interserver.kitterman.com (Postfix) with ESMTPSA id 274D7F80041 for ; Wed, 4 Dec 2019 02:13:49 -0500 (EST) From: Scott Kitterman To: dmarc@ietf.org Date: Wed, 04 Dec 2019 02:13:48 -0500 Message-ID: <2256126.EK92VDTyOC@l5580> In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" Archived-At: Subject: Re: [dmarc-ietf] Do is need a new ptype? Was Re: New authentication method, DNSWL X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Dec 2019 07:13:53 -0000 On Tuesday, December 3, 2019 4:21:47 PM EST John R Levine wrote: > On Tue, 3 Dec 2019, Murray S. Kucherawy wrote: > > On Mon, Nov 11, 2019 at 7:54 AM John Levine wrote: > Nice to know I'm not the only one who lets my mail marinate for a while. > > > Assuming the ptype we're talking about is "dns" which is defined in the > > same document, the definition is terse and there's not much guidance for > > the designated expert about what things should be allowed with respect to > > future registrations. I think Scott basically said the same thing. I'd > > like to see those points addressed before green lighting it. > > Seems reasonable. Ale should be able to spin up a new one. I'd prefer to see the new dns ptype separated from the dnswl discussion. I can see broad utility in the dns ptype (for example, if you want to indicate that a domain is testing DKIM, I think we need dns because that's where you find the information - it's not an attribute of the signature). Scott K From nobody Tue Dec 3 23:42:33 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A3711200FF for ; Tue, 3 Dec 2019 23:42:32 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.997 X-Spam-Level: X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IKg3ODf1AycL for ; Tue, 3 Dec 2019 23:42:30 -0800 (PST) Received: from mail-vs1-xe34.google.com (mail-vs1-xe34.google.com [IPv6:2607:f8b0:4864:20::e34]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 67DC41200FE for ; Tue, 3 Dec 2019 23:42:30 -0800 (PST) Received: by mail-vs1-xe34.google.com with SMTP id x123so4239348vsc.2 for ; Tue, 03 Dec 2019 23:42:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ehJFUnvpOQVktoUWcdlmuFEUaIR0ALvM8fnPbUIMu/w=; b=BsF3tCGAcc7QA/XvYtrn7UJ7BoRQQniGs8w64k2BvPZiGxwgSSHvoWgO46BKv43tO2 2ISseorhg723dPmCdd2RraCvOfo1TDajiMUo+YtRwn9xgWE0mV0jjplq1BixoYXjQIj6 wBvIp6rHNRcRWZ/c6yZ5TvD3G0w2fqAuag7zbY8msqoBi20MU578fkJZKVEKvcqJI2ys WHSGNyW8+cpK7XQcM8oZoXImhkcLOOMvuP/pSvvb+IB10Gv0Aa3XJCzAo6r6T6UTESfL V/VHKUE7cAmnV4Z9X11RDJ8DjUiOiDayM8kwCDvDxZoGAdVWFtNCvauXtIU+rL4tZBS+ uDzg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ehJFUnvpOQVktoUWcdlmuFEUaIR0ALvM8fnPbUIMu/w=; b=q64Utg8ut2CUumqsuIh1qlGgi5729CQDmf7eZNIOnkxPaI9yQk0HQL1NU2kGiND/a1 RLJjbebAHSytcTz3G4ughBsA1bmra0wXbktiVEsS999r+hTOCuw37tYvo7BHAnIA8M3M Kyvi5p5VVaziIoK0c3ZdE6hnJeyWLe/okJy8KjfM1Zj13Q7o/Qg+tNrB5Ir4l4LHZkEY hCMSGjX1rpQvXsUc0lQWRXibPQWsiydcrAStx+CgYG19k84TBt9MJVy8lUI0QhNzJopY dNecqXJnHYpBzunQe35/AywzekGY/CJ/fKO2vPBHo1AJ+hQ2Xf42YXV7moNdQfRIm7UF ZUoA== X-Gm-Message-State: APjAAAXCQlxjhLmtNIvUMDZSryuYoqftajZ1xmgX0SwCB46bQzpljK/n UGLChSVvN+dYthWSrfe0rW28ZdDWJa7Q38AKl4E= X-Google-Smtp-Source: APXvYqzVKXZyq5xb3eD3v8/sB/FKt3iFcU99AEpPUTBuk5wZ6NXwm3+uaNAdtcLeYxI5V3DNxHsmzjY7Ey9C+AiyMhI= X-Received: by 2002:a67:ce86:: with SMTP id c6mr777184vse.7.1575445349457; Tue, 03 Dec 2019 23:42:29 -0800 (PST) MIME-Version: 1.0 References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <74a0ea49-7a46-4eb6-c297-cd703f63bd1b@gmail.com> <9DE9E7DC-FE60-4952-8595-B2D087A6B780@kitterman.com> <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> In-Reply-To: <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> From: "Murray S. Kucherawy" Date: Tue, 3 Dec 2019 23:42:09 -0800 Message-ID: To: Dave Crocker Cc: "Kurt Andersen (b)" , Tim Wicinski , IETF DMARC WG , Scott Kitterman Content-Type: multipart/alternative; boundary="0000000000006ae4b50598dbf41f" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Dec 2019 07:42:32 -0000 --0000000000006ae4b50598dbf41f Content-Type: text/plain; charset="UTF-8" On Mon, Nov 11, 2019 at 2:21 PM Dave Crocker wrote: > > * add text to the PSD draft making it clear that what it's describing is > an experiment whose outcome will be taken only as feedback to the revision > of the standard (i.e., this is not intended to be the final form of > anything), and it is not intended to be deployed outside of the > experiment's participants; > > Forgive me, but while everyone involved in this has extensive experience > and is trying to solve a real and serious issue, this is an astonishingly > naive view. > I don't think it's based entirely on naivety. I think there's a healthy dose of feeling that the experiment as it's currently designed couldn't possibly scale to "the entire domain namespace" and/or "all servers on the Internet", so in that sense from where I sit there's a built in safeguard against this becoming a permanent wart. Rather, it's primed as a possibly useful data collection exercise. Comparing it to the "obs" grammars of days of yore, the PSD proposal is much too expensive to become engrained as-is, whereas the old grammars were relatively easy to carry forward. > Perhaps there are exampls of IETF experiments that have permitted entirely > starting over, but mostly those only happen when there is a complete > failure, and those typically are called experiments. > ATPS (RFC 6541) was Experimental, and it flatly failed. For a more visible example, Sender ID was Experimental, and I would argue it did too. Should they not have been? -MSK --0000000000006ae4b50598dbf41f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Mon, Nov 11, 2019 at 2:21 PM Dave Croc= ker <dhc@dcrocker.net> wrote:=
=20 =20 =20

* add text to the PSD draft making it clear that what it's describing is an experiment whose outcome will be taken only as feedback to the revision of the standard (i.e., this is not intended to be the final form of anything), and it is not intended to be deployed outside of the experiment's participants;

Forgive me, but while everyone involved in this has extensive experience and is trying to solve a real and serious issue, this is an astonishingly naive view.

I don= 't think it's based entirely on naivety.=C2=A0 I think there's = a healthy dose of feeling that the experiment as it's currently designe= d couldn't possibly scale to "the entire domain namespace" an= d/or "all servers on the Internet", so in that sense from where I= sit there's a built in safeguard against this becoming a permanent war= t.=C2=A0 Rather, it's primed as a possibly useful data collection exerc= ise.

Comparing it to the "obs" gramm= ars of days of yore, the PSD proposal is much too expensive to become engra= ined as-is, whereas the old grammars were relatively easy to carry forward.=

Perhaps there are exampls of IETF experiments that have permitted entirely starting over, but mostly those only happen when there is a complete failure, and those typically are called experiments.

ATPS (RFC 6541) was Experimental, and it fl= atly failed.=C2=A0 For a more visible example, Sender ID was Experimental, = and I would argue it did too.=C2=A0 Should they not have been?
-MSK

--0000000000006ae4b50598dbf41f-- From nobody Wed Dec 4 02:38:21 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 912AE12012C for ; Wed, 4 Dec 2019 02:38:19 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.301 X-Spam-Level: X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1152-bit key) header.d=tana.it Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cf2KvXtWgUZR for ; Wed, 4 Dec 2019 02:38:18 -0800 (PST) Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0422612001E for ; Wed, 4 Dec 2019 02:38:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1575455893; bh=uepyKBDkD8DQD+Y6cDGW/pUa2esT54i5joynjEHx8As=; l=730; h=To:References:From:Date:In-Reply-To; b=CDOvbHeBOp9lDa7su9xIfmhxaEDq6mKXb90ubYrhfCLxOy0rogvviq3sLo7yoNP/5 CIdPHTZcCBxyuswPS2ogBs3bQ9JGGolr9EzlSvA8BjEU25YO7pvUzOEDya+1sxNVMP oPWljxQAsk1WRANT/hmghEmMDwvVyGQGsJhZ0MJnzObNK3gv1c/lny+aid6Mb Authentication-Results: tana.it; auth=pass (details omitted) Received: from [172.25.197.111] (pcale.tana [172.25.197.111]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k) by wmail.tana.it with ESMTPA id 00000000005DC073.000000005DE78C95.00001086; Wed, 04 Dec 2019 11:38:13 +0100 To: dmarc@ietf.org References: <20191111155410.12A31E9E35A@ary.qy> From: Alessandro Vesely Openpgp: preference=signencrypt Message-ID: <3c69eec8-3101-fc68-2405-794b77760274@tana.it> Date: Wed, 4 Dec 2019 11:38:13 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit Archived-At: Subject: Re: [dmarc-ietf] Do is need a new ptype? Was Re: New authentication method, DNSWL X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Dec 2019 10:38:19 -0000 On Tue 03/Dec/2019 21:22:28 +0100 Murray S. Kucherawy wrote: > As far as I know we're talking about "dnswl" which is a method, not a ptype.  > There is one known implementation (CourierMTA, I believe) which is the impetus > for the registration.  I think the name is constrained to whitelists even > though DNS-published lists might have the opposite meaning, so I wish there had > been some discussion before there was an implementation. Started in 2010, resumed in 2013, the discussion about how to implement whitelisting in Courier-MTA was mainly concerned on configuration syntax. It is archived here: https://sourceforge.net/p/courier/mailman/courier-users/thread/4CA0879B.9020707%40tana.it/ Best Ale -- From nobody Wed Dec 4 02:38:43 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65C86120131 for ; Wed, 4 Dec 2019 02:38:41 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.301 X-Spam-Level: X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1152-bit key) header.d=tana.it Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iQQbZBKrxYVz for ; Wed, 4 Dec 2019 02:38:40 -0800 (PST) Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0DE821201E4 for ; Wed, 4 Dec 2019 02:38:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1575455918; bh=yPsy3x6MCHMiltFnQn3rZMsRdX9Y55PI8tr/iQZEKtw=; l=852; h=To:References:From:Date:In-Reply-To; b=CykHOfLcL5qrWSPdtLm3xwUtNi9ySWLrv3K5Ci4g1kgXy/LAWTFACbouzsVFQoe8R COF3FGBnWDmJ/+wrb/wODOsOStOSXb/qBeDpq7G5gZ9uI3hZHgU3Hq45ZRuKSHcr05 JGLrvmhjVwrsFfUSl5CpZKzgYCeanfXVSdHWa3XYzmf3kSsuXDhLuPYd1nD/d Authentication-Results: tana.it; auth=pass (details omitted) Received: from [172.25.197.111] (pcale.tana [172.25.197.111]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k) by wmail.tana.it with ESMTPA id 00000000005DC073.000000005DE78CAE.000010B2; Wed, 04 Dec 2019 11:38:38 +0100 To: dmarc@ietf.org References: <2256126.EK92VDTyOC@l5580> From: Alessandro Vesely Openpgp: preference=signencrypt Message-ID: <79c763eb-b0fa-1ea9-7c76-38a756156d3b@tana.it> Date: Wed, 4 Dec 2019 11:38:38 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: <2256126.EK92VDTyOC@l5580> Content-Type: text/plain; charset=us-ascii Content-Language: en-US Content-Transfer-Encoding: 7bit Archived-At: Subject: Re: [dmarc-ietf] Do is need a new ptype? Was Re: New authentication method, DNSWL X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Dec 2019 10:38:41 -0000 On Wed 04/Dec/2019 08:13:48 +0100 Scott Kitterman wrote: > I'd prefer to see the new dns ptype separated from the dnswl discussion. I > can see broad utility in the dns ptype (for example, if you want to indicate > that a domain is testing DKIM, I think we need dns because that's where you > find the information - it's not an attribute of the signature). Ptypes are already shared. Define once, use freely. (Except that each method has to define which properties it uses, and hence which ptypes.) IMHO, a simplification step, whenever someone is going to address rfc8601bis, would be to factor the results as well. For example, every method carefully specifies pass, fail, temperror and permerror to have the same, agreed semantics. The IANA page nicely allows to sort the table by code, a bemusing experience. Best Ale -- From nobody Wed Dec 4 02:39:48 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 843F512012C for ; Wed, 4 Dec 2019 02:39:46 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.3 X-Spam-Level: X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1152-bit key) header.d=tana.it Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k7cPwIUqDE5Y for ; Wed, 4 Dec 2019 02:39:45 -0800 (PST) Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 15C0912001E for ; Wed, 4 Dec 2019 02:39:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1575455983; bh=uHZPceGSndmKkzUjhAw/frVvl56K2vT+qU32+TZnPC8=; l=1841; h=To:References:From:Date:In-Reply-To; b=Bskw2UuR5ViPh7c1z4bE8iDYpIOzoqapX0vBZG8P1ymn1JweYts8vhI/qEgqJyCss rez9380ux2pUPwbQXuii1u4LBVLm++YexPtVbBcJK1T5QCX7VXvKyH4m8qmq2S+ypG 0VLPPqRARRhrZCIAHde33HcLuycEE3Y5BgWI98/r238j6vJuSJNZoSy9yvnKk Authentication-Results: tana.it; auth=pass (details omitted) Received: from [172.25.197.111] (pcale.tana [172.25.197.111]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k) by wmail.tana.it with ESMTPA id 00000000005DC073.000000005DE78CEF.0000111D; Wed, 04 Dec 2019 11:39:43 +0100 To: IETF DMARC WG References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <74a0ea49-7a46-4eb6-c297-cd703f63bd1b@gmail.com> <9DE9E7DC-FE60-4952-8595-B2D087A6B780@kitterman.com> <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> From: Alessandro Vesely Openpgp: preference=signencrypt Message-ID: Date: Wed, 4 Dec 2019 11:39:43 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Dec 2019 10:39:46 -0000 On Wed 04/Dec/2019 08:42:09 +0100 Murray S. Kucherawy wrote: > On Mon, Nov 11, 2019 at 2:21 PM Dave Crocker > wrote: > >>> * add text to the PSD draft making it clear that what it's describing is >>> an experiment whose outcome will be taken only as feedback to the >>> revision of the standard (i.e., this is not intended to be the final form >>> of anything), and it is not intended to be deployed outside of the >>> experiment's participants; >> >> Forgive me, but while everyone involved in this has extensive experience >> and is trying to solve a real and serious issue, this is an astonishingly >> naive view. > > I don't think it's based entirely on naivety.  I think there's a healthy dose > of feeling that the experiment as it's currently designed couldn't possibly > scale to "the entire domain namespace" and/or "all servers on the Internet", so > in that sense from where I sit there's a built in safeguard against this > becoming a permanent wart. After installing the DKIM/DMARC filter that implements PSD, I can say that the impact is unnoticeable. I didn't carry out precise measurements, I just didn't notice any delay. Perhaps because I don't get so much mail from gov.uk, but I don't think I could reliably measure a positive delay even if I were a strict correspondent of Boris. > Rather, it's primed as a possibly useful data collection exercise. Kurt also talked about reporting some findings. I'm embarrassed, I have no idea what I, as a receiver, should report. What data should I, and other receivers collect? IMHO, the experiment should be conceived as having it run by as many receivers as possible, so as to have a noticeable effect on senders. They can collect aggregate reports and make a comparison. Best Ale -- From nobody Wed Dec 4 10:01:46 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA18B1208A4 for ; Wed, 4 Dec 2019 10:01:44 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=drkurt.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OQw7KyLvkCK0 for ; Wed, 4 Dec 2019 10:01:43 -0800 (PST) Received: from mail-io1-xd32.google.com (mail-io1-xd32.google.com [IPv6:2607:f8b0:4864:20::d32]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 67A561208DD for ; Wed, 4 Dec 2019 10:01:43 -0800 (PST) Received: by mail-io1-xd32.google.com with SMTP id l17so597175ioj.3 for ; Wed, 04 Dec 2019 10:01:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=drkurt.com; s=20130612; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=dLk3QlrdB+efRbCqWjNgkBXCkhMBf4e2e3c3BneZjko=; b=daGTSUVjO8XY6KpNSACSPHnhiZjtK8hUmqhSCOwsEQCAy/OU3eEqppqUurd3PcYul5 GZOM+iGTmbFJ5Y+6nzd3MpqZrqvRf9qJa/zLUE4ByME64DakBKkeYu3I0CBuls6FYvui vXboqZuAsFRdBNdEZLvLcUGpwNH1X793dOeDw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=dLk3QlrdB+efRbCqWjNgkBXCkhMBf4e2e3c3BneZjko=; b=eI4z3nEqcQmjdqYxzGftFZqSpKgf68NSdDQrV7qqteAW85HBmH8jkQoBJzLpv99WZK +2h2H1u93Nl1vZ9myjPQu6NIPVx7Ndt3BCEHpArCB02/mcpwTfy6xfb+73ZzaZQul1ln IMTXRWZwcrrWscQG0lOe8zIddcCB/Dj0+IPPKCW4HQfRzlR1HYlM2U4dctrAwhix2b9g imdo2sgMng6pCA07rSLuZHjzQTVy021zTscRp22LlLah4xOEedpeWQbTtsUTxeiJfc1q ZsKoPhkrD+IQidXwj8bOtfKlTpvSl30eRPDZ8xNCGY/9zH+Ks1eG3w3fiRUb0wUwrYZA OdBw== X-Gm-Message-State: APjAAAVA6PMJl7wvK6OrVrozm6zwFArQXwjqA4CZcJaj2+lsi5BjFkdj oPzFx2HqFXp5pDKwuZ1XbkLR5Xmvj/UHrBsW4LKO1YgjtB+PSg== X-Google-Smtp-Source: APXvYqzlWFyOxel8SM5Ipp78ICwXsHf5MdigSzLPUnbt3Jo2TUUtgpgOrm4Uac1GNfTjMMvyMaetrpMpq/MpKKd+wOg= X-Received: by 2002:a02:c009:: with SMTP id y9mr4261477jai.111.1575482502395; Wed, 04 Dec 2019 10:01:42 -0800 (PST) MIME-Version: 1.0 References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <74a0ea49-7a46-4eb6-c297-cd703f63bd1b@gmail.com> <9DE9E7DC-FE60-4952-8595-B2D087A6B780@kitterman.com> <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> In-Reply-To: From: "Kurt Andersen (b)" Date: Wed, 4 Dec 2019 10:01:28 -0800 Message-ID: To: Alessandro Vesely Cc: IETF DMARC WG Content-Type: multipart/alternative; boundary="000000000000e835650598e49af1" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Dec 2019 18:01:45 -0000 --000000000000e835650598e49af1 Content-Type: text/plain; charset="UTF-8" On Wed, Dec 4, 2019 at 2:39 AM Alessandro Vesely wrote: > > > Rather, it's primed as a possibly useful data collection exercise. > > Kurt also talked about reporting some findings. I'm embarrassed, I have no > idea what I, as a receiver, should report. What data should I, and other > receivers collect? > I was thinking of something along the line of what was assembled for RFC 6686. In this case it would be something like the quantity of messages which were assessed against the LPSD record and their disposition compared to the number of messages dispositioned at the org level. Something to answer Dave's concern about "too much additional work" for not enough benefit. --Kurt --000000000000e835650598e49af1 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Wed, Dec 4, 2019 at 2:39 AM Alessandro= Vesely <vesely@tana.it> wrote:=

> Rather, it's primed as a possibly useful data collection exercise.=

Kurt also talked about reporting some findings.=C2=A0 I'm embarrassed, = I have no
idea what I, as a receiver, should report.=C2=A0 What data should I, and ot= her
receivers collect?

I was thinking of so= mething along the line of what was assembled for RFC 6686. In this case it = would be something like the quantity of messages which were assessed agains= t the LPSD record and their disposition compared to the number of messages = dispositioned at the org level. Something to answer Dave's concern abou= t "too much additional work" for not enough benefit.
--Kurt=C2=A0
--000000000000e835650598e49af1-- From nobody Wed Dec 4 17:04:18 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6058B12003F for ; Wed, 4 Dec 2019 17:04:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -17.5 X-Spam-Level: X-Spam-Status: No, score=-17.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5MbG46fZEzHR for ; Wed, 4 Dec 2019 17:04:14 -0800 (PST) Received: from mail-vs1-xe35.google.com (mail-vs1-xe35.google.com [IPv6:2607:f8b0:4864:20::e35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 578BC120018 for ; Wed, 4 Dec 2019 17:04:14 -0800 (PST) Received: by mail-vs1-xe35.google.com with SMTP id g23so1183451vsr.7 for ; Wed, 04 Dec 2019 17:04:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/3z8PLGnNNd0yWI2Urpkti8TJYQ7bKf8xc9dgLrOBVo=; b=GdF5SwV1ZkYDJjjsZ7vW6WXuwz5EsrpVIecIe5dUUWXRvkG9yV0UXcb4RirdI3P7hT BHX7rOXRE+JOomoLMmy9NcrnVFIbTAWOtBexOuYOdUHO3IbppElGwFEr7XarEB6lOi8a E2kNrbhVJK8ZfcjkQjyX1vEcUFIqjGKFktyw6mV9co8oAgPJ22s2wRWdI5Gto/rm3vqx +1SR8oR8RbbgShuIG9iGgPOYqoPqhWM3YPKYbak8eq3LdkAsejU9SQWTzi3akmy7Mg2v AkfiTlE2flMJ+q2pGxym7Xwg/a3w/JCCjlYomZDruQjCTTNFz6DAlTVFk1ChDnFLvM+r XfDA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/3z8PLGnNNd0yWI2Urpkti8TJYQ7bKf8xc9dgLrOBVo=; b=B+ZgHB/Kp2YC+EqbOu/BeQTUslTkgroTkHv15eCjza3qz1a9iUivHz/NpNT07otwf8 JBtf70Qn684hcxftOR/lsnWT7+f4ujIh852PQLpzBXr6ypo/89/crSLM/zj2ctLxPv/V nDazkBHVsWRjOoXXYFRNwODLeC48UzE8m7YeEwXkS7KXhtHCzcU1rW3/eXY/8CXBZlcW Noxhw/MvhEFo4nSswvCt5sCoHNP13Peqs+sEktNw/4Jl1/wYXKS/e1wU9C5uNgDxFaft s0mOnP+/7LwCiUxmGy5gGXYTzSr+GgXJ6ZmuKQngAeZGNhxRR4XS8WJpWCjefn4IwjE6 94nQ== X-Gm-Message-State: APjAAAUHQuMJYikpK41nisEeuBh52ZdUzpGIWWnq3bgdCFtkRcw6g1Sz kumE89F63nieKpjINW6Yl5D2vSJFiWbgKij5Ayiy X-Google-Smtp-Source: APXvYqx4Qi8F65S3V1sEaIZGvcWBVKsa3xrn2fN0mYhipis3SLHsE1vFqvsaqT11KD3noSdJK3dsfsNAv1TPivHB4tQ= X-Received: by 2002:a67:f852:: with SMTP id b18mr3656180vsp.131.1575507852677; Wed, 04 Dec 2019 17:04:12 -0800 (PST) MIME-Version: 1.0 References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <74a0ea49-7a46-4eb6-c297-cd703f63bd1b@gmail.com> <9DE9E7DC-FE60-4952-8595-B2D087A6B780@kitterman.com> <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> In-Reply-To: From: Brandon Long Date: Wed, 4 Dec 2019 17:04:00 -0800 Message-ID: To: "Kurt Andersen (b)" Cc: Alessandro Vesely , IETF DMARC WG Content-Type: multipart/alternative; boundary="000000000000e7094e0598ea81fa" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Dec 2019 01:04:16 -0000 --000000000000e7094e0598ea81fa Content-Type: text/plain; charset="UTF-8" On Wed, Dec 4, 2019 at 10:01 AM Kurt Andersen (b) wrote: > On Wed, Dec 4, 2019 at 2:39 AM Alessandro Vesely wrote: > >> >> > Rather, it's primed as a possibly useful data collection exercise. >> >> Kurt also talked about reporting some findings. I'm embarrassed, I have >> no >> idea what I, as a receiver, should report. What data should I, and other >> receivers collect? >> > > I was thinking of something along the line of what was assembled for RFC > 6686. In this case it would be something like the quantity of messages > which were assessed against the LPSD record and their disposition compared > to the number of messages dispositioned at the org level. Something to > answer Dave's concern about "too much additional work" for not enough > benefit. > Remind me again the the additional work is that might be too much? Isn't it just another DNS lookup for the org domain -1... of which there are maybe a couple thousand and easily cacheable? This seems way less than say the additional work for ARC. Brandon --000000000000e7094e0598ea81fa Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Wed, Dec 4, 2019 at 10:01 AM Kurt = Andersen (b) <kboth@drkurt.com&g= t; wrote:


--000000000000e7094e0598ea81fa-- From nobody Fri Dec 6 00:00:54 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E48B120220 for ; Fri, 6 Dec 2019 00:00:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.001 X-Spam-Level: X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ncsc.gov.uk Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rYipLD3RwRqC for ; Fri, 6 Dec 2019 00:00:51 -0800 (PST) Received: from GBR01-CWL-obe.outbound.protection.outlook.com (mail-eopbgr110097.outbound.protection.outlook.com [40.107.11.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA3B212000F for ; Fri, 6 Dec 2019 00:00:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=F7ergiJQIDyVJsw6td6U6WcDweK39LZg8BJV442033uoVhEDFV2zyDsEcppec9oLRnJbx0WYDz87Ln8lN9T6BjaQTSdhqVLc6bGReuHB1N2p7j3OPDzSz+r7YxELxujUBOGLedEARV5uRVQdGfe4zlYomuUBqUQzGE67BahJU2v96pmEAAvuY4QoDwEod+k1hgAavA9Qlvd0M19ME/xBaa0V/Oo6TsgljfrGl9t+TFVLsjlzaO5Xj4PmUz3lLQtaY+muLBmShdyMfUZ0koBrdPGdNv77ozvJ2moAbg5ZvoAOwn7RdDXbXYsy3zyuXeoDx83bkXBzCnkITv/PU6wc9A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Rj7tKTjOf4asY14NCDJ/mpiUilwJxJfzELtUH9mttFg=; b=AP51leIaydV9VSF5JJQj84O6ye6ZDJwiPsIk4nblGnh4zeENIoqIJ6IIfVylB2B+UuHK5ATljccAvTFxrU6so0GYkPBwZ8ouxBzTRTyj/TTFRWxYCppC1uDJTayNQ8zT1OAxPRb/l+CFsIzruKFAKuNfZY3fLjM2CmpAyYmPVjCPB6t/3YHdwWbqdSD8tp6oHEf8ZpfPm8mrLWKpq1X4jztgHIqam6hjM51AlXFsVTj67VMzmBn4j1looeW5gIND+GWc54gYnZhdYZ9DAWIRIHreDYs4F7ksOh8arJFMOc/mgZQi0Bt38JSz/yU1IONDlTVOL3UOT03SPJ8y2DVFUQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ncsc.gov.uk; dmarc=pass action=none header.from=ncsc.gov.uk; dkim=pass header.d=ncsc.gov.uk; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ncsc.gov.uk; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Rj7tKTjOf4asY14NCDJ/mpiUilwJxJfzELtUH9mttFg=; b=P5L4a+YEPwa6B/0x6ANXJfJd6sn1kw7k3MGtSu/8/FDYygePq+FAMqh25Vebuya+svB1+kWB7+gcW/z5lVSKe99/9HWK5yZRGEiX8/3OS7p0UnvwR4rbfKUaw+ppwpjh1vn6rjawjoJaUlwlClSRiMEQ8qtB36tgGd9T+aDh+vs= Received: from LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM (20.176.157.151) by LO2P123MB2590.GBRP123.PROD.OUTLOOK.COM (20.176.154.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2516.12; Fri, 6 Dec 2019 08:00:48 +0000 Received: from LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM ([fe80::b07d:fef5:217b:2f3d]) by LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM ([fe80::b07d:fef5:217b:2f3d%7]) with mapi id 15.20.2516.014; Fri, 6 Dec 2019 08:00:48 +0000 From: Ian Levy To: Alessandro Vesely , IETF DMARC WG Thread-Topic: [dmarc-ietf] Comment on draft-ietf-dmarc-psd Thread-Index: AQHVUkRUHW06UOOZ+kq6kqLLLMMrLqcaPC6AgANurWOAaHWPgIAADzIAgAAY2wCAAGFPgIAAblcAgCMwBICAADGdgIAC9Lzw Date: Fri, 6 Dec 2019 08:00:48 +0000 Message-ID: References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <74a0ea49-7a46-4eb6-c297-cd703f63bd1b@gmail.com> <9DE9E7DC-FE60-4952-8595-B2D087A6B780@kitterman.com> <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> In-Reply-To: Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=ian.levy@ncsc.gov.uk; x-originating-ip: [51.140.114.144] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 0c571c43-9115-45ca-78cc-08d77a2267a7 x-ms-traffictypediagnostic: LO2P123MB2590: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:6430; x-forefront-prvs: 0243E5FD68 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(366004)(136003)(39850400004)(346002)(376002)(396003)(13464003)(199004)(189003)(55236004)(102836004)(76116006)(64756008)(7696005)(66556008)(76176011)(110136005)(66476007)(99286004)(66946007)(26005)(71190400001)(71200400001)(5660300002)(186003)(86362001)(33656002)(229853002)(316002)(66446008)(9686003)(6506007)(55016002)(53546011)(44832011)(14444005)(11346002)(66574012)(52536014)(305945005)(25786009)(478600001)(45080400002)(74316002)(966005)(2906002)(8676002)(14454004)(8936002)(81166006)(81156014); DIR:OUT; SFP:1102; SCL:1; SRVR:LO2P123MB2590; H:LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: ncsc.gov.uk does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: t/MivcYoo2t/77PFPaHuQ6U7xbZ5jTLV/iAcVsJqa/cwpntDVy5LAttkwqVAGmqynpn06d6VCT9lTwKhqXvYrmLEGXtcEboFChFIOcjLguKDu4SBXZUbOPIrHga5ItkGOZJEIn3D5JMB4pA69MAkWaAWUHphQ794wXQgW/pi3yGQmgXCQCV/+j7wG2ylNyW5P7AK6GXfMSe1CxIds2KpeR6T5pJwksemtTXB4tylFaTnjV9zo3fGoqHoSwZxno0lMD4Gk0JSWapHg3Z+ydI/f58AowR8dxxNagobGrJWaUZsBR0skP9c3UNubMtsWC6xmRFgNrh0L0i9vSeMZrOpc3CVZMGGaej4draPeupuKYa490gkuHINM76nUBDK1vmqwebdamOrEXYQhdTngNIX35u06XCKu/KFBdEn/+IV+NvnAkVEhQ/C1i78X+HmpP2fwPyzvSMC4+g7nrl1DRJkS9vbCwaZ6vyuOFAn0IRkmdVwfmgrs1huSw82OkGIAsK6wY3eJWDr7HdAXnEO71k6GDO1mSdmKl76r7RyMUCDcQo= x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-OriginatorOrg: ncsc.gov.uk X-MS-Exchange-CrossTenant-Network-Message-Id: 0c571c43-9115-45ca-78cc-08d77a2267a7 X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Dec 2019 08:00:48.0960 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 14aa5744-ece1-474e-a2d7-34f46dda64a1 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: dR1VIjGlk4yEfaqAfA+/mPNyS2ruWnCsvTxIil3N3PJ8jRC8VICNufXUOXk7iBl11o6ZWJRrIMB0DjRhVuNsdw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LO2P123MB2590 Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Dec 2019 08:00:53 -0000 PiBQZXJoYXBzIGJlY2F1c2UgSSBkb24ndCBnZXQgc28gbXVjaCBtYWlsIGZyb20gZ292LnVrDQoN CkFsZSwNCldlIGNhbiBmaXggdGhhdCBmb3IgeW91IGlmIHlvdSB3YW50IDotKS4gDQoNClNlcmlv dXNseSwgaWYgeW91IHdhbnQgdG8gdHJ5IHNvbWUgdm9sdW1lIHRlc3RpbmcsIGxldCBtZSBrbm93 IG9mZi1saXN0IGFuZCB3ZSdsbCB0cnkgdG8gc29ydCBzb21ldGhpbmcgb3V0LiANCg0KVGEuDQoN CkkuDQoNCi0tDQpEciBJYW4gTGV2eQ0KVGVjaG5pY2FsIERpcmVjdG9yDQpOYXRpb25hbCBDeWJl ciBTZWN1cml0eSBDZW50cmUNCmlhbkBuY3NjLmdvdi51aw0KDQpTdGFmZiBPZmZpY2VyIDogS2F0 ZSBBdGtpbnMsIGthdGUuYUBuY3NjLmdvdi51aw0KUHJvbm91bnMgOiBoZS9oaW0NCg0KKEkgd29y ayBzdHVwaWQgaG91cnMgYW5kIHdlaXJkIHRpbWVzIOKAkyB0aGF0IGRvZXNu4oCZdCBtZWFuIHlv dSBoYXZlIHRvLiBJZiB0aGlzIGFycml2ZXMgb3V0c2lkZSB5b3VyIG5vcm1hbCB3b3JraW5nIGhv dXJzLCBkb27igJl0IGZlZWwgY29tcGVsbGVkIHRvIHJlc3BvbmQgaW1tZWRpYXRlbHkhKQ0KDQot LS0tLU9yaWdpbmFsIE1lc3NhZ2UtLS0tLQ0KRnJvbTogZG1hcmMgPGRtYXJjLWJvdW5jZXNAaWV0 Zi5vcmc+IE9uIEJlaGFsZiBPZiBBbGVzc2FuZHJvIFZlc2VseQ0KU2VudDogMDQgRGVjZW1iZXIg MjAxOSAxMDo0MA0KVG86IElFVEYgRE1BUkMgV0cgPGRtYXJjQGlldGYub3JnPg0KU3ViamVjdDog UmU6IFtkbWFyYy1pZXRmXSBDb21tZW50IG9uIGRyYWZ0LWlldGYtZG1hcmMtcHNkDQoNCk9uIFdl ZCAwNC9EZWMvMjAxOSAwODo0MjowOSArMDEwMCBNdXJyYXkgUy4gS3VjaGVyYXd5IHdyb3RlOg0K PiBPbiBNb24sIE5vdiAxMSwgMjAxOSBhdCAyOjIxIFBNIERhdmUgQ3JvY2tlciA8ZGhjQGRjcm9j a2VyLm5ldCANCj4gPG1haWx0bzpkaGNAZGNyb2NrZXIubmV0Pj4gd3JvdGU6DQo+DQo+Pj4gKiBh ZGQgdGV4dCB0byB0aGUgUFNEIGRyYWZ0IG1ha2luZyBpdCBjbGVhciB0aGF0IHdoYXQgaXQncyBk ZXNjcmliaW5nIGlzDQo+Pj4gICBhbiBleHBlcmltZW50IHdob3NlIG91dGNvbWUgd2lsbCBiZSB0 YWtlbiBvbmx5IGFzIGZlZWRiYWNrIHRvIHRoZQ0KPj4+ICAgcmV2aXNpb24gb2YgdGhlIHN0YW5k YXJkIChpLmUuLCB0aGlzIGlzIG5vdCBpbnRlbmRlZCB0byBiZSB0aGUgZmluYWwgZm9ybQ0KPj4+ ICAgb2YgYW55dGhpbmcpLCBhbmQgaXQgaXMgbm90IGludGVuZGVkIHRvIGJlIGRlcGxveWVkIG91 dHNpZGUgb2YgdGhlDQo+Pj4gICBleHBlcmltZW50J3MgcGFydGljaXBhbnRzOw0KPj4NCj4+ICBG b3JnaXZlIG1lLCBidXQgd2hpbGUgZXZlcnlvbmUgaW52b2x2ZWQgaW4gdGhpcyBoYXMgZXh0ZW5z aXZlIA0KPj4gZXhwZXJpZW5jZSAgYW5kIGlzIHRyeWluZyB0byBzb2x2ZSBhIHJlYWwgYW5kIHNl cmlvdXMgaXNzdWUsIHRoaXMgaXMgDQo+PiBhbiBhc3RvbmlzaGluZ2x5ICBuYWl2ZSB2aWV3Lg0K Pg0KPiBJIGRvbid0IHRoaW5rIGl0J3MgYmFzZWQgZW50aXJlbHkgb24gbmFpdmV0eS4gIEkgdGhp bmsgdGhlcmUncyBhIA0KPiBoZWFsdGh5IGRvc2Ugb2YgZmVlbGluZyB0aGF0IHRoZSBleHBlcmlt ZW50IGFzIGl0J3MgY3VycmVudGx5IGRlc2lnbmVkIA0KPiBjb3VsZG4ndCBwb3NzaWJseSBzY2Fs ZSB0byAidGhlIGVudGlyZSBkb21haW4gbmFtZXNwYWNlIiBhbmQvb3IgImFsbCANCj4gc2VydmVy cyBvbiB0aGUgSW50ZXJuZXQiLCBzbyBpbiB0aGF0IHNlbnNlIGZyb20gd2hlcmUgSSBzaXQgdGhl cmUncyBhIA0KPiBidWlsdCBpbiBzYWZlZ3VhcmQgYWdhaW5zdCB0aGlzIGJlY29taW5nIGEgcGVy bWFuZW50IHdhcnQuDQoNCg0KQWZ0ZXIgaW5zdGFsbGluZyB0aGUgREtJTS9ETUFSQyBmaWx0ZXIg dGhhdCBpbXBsZW1lbnRzIFBTRCwgSSBjYW4gc2F5IHRoYXQgdGhlIGltcGFjdCBpcyB1bm5vdGlj ZWFibGUuICBJIGRpZG4ndCBjYXJyeSBvdXQgcHJlY2lzZSBtZWFzdXJlbWVudHMsIEkganVzdCBk aWRuJ3Qgbm90aWNlIGFueSBkZWxheS4gIFBlcmhhcHMgYmVjYXVzZSBJIGRvbid0IGdldCBzbyBt dWNoIG1haWwgZnJvbSBnb3YudWssIGJ1dCBJIGRvbid0IHRoaW5rIEkgY291bGQgcmVsaWFibHkg bWVhc3VyZSBhIHBvc2l0aXZlIGRlbGF5IGV2ZW4gaWYgSSB3ZXJlIGEgc3RyaWN0IGNvcnJlc3Bv bmRlbnQgb2YgQm9yaXMuDQoNCg0KPiBSYXRoZXIsIGl0J3MgcHJpbWVkIGFzIGEgcG9zc2libHkg dXNlZnVsIGRhdGEgY29sbGVjdGlvbiBleGVyY2lzZS4NCg0KS3VydCBhbHNvIHRhbGtlZCBhYm91 dCByZXBvcnRpbmcgc29tZSBmaW5kaW5ncy4gIEknbSBlbWJhcnJhc3NlZCwgSSBoYXZlIG5vIGlk ZWEgd2hhdCBJLCBhcyBhIHJlY2VpdmVyLCBzaG91bGQgcmVwb3J0LiAgV2hhdCBkYXRhIHNob3Vs ZCBJLCBhbmQgb3RoZXIgcmVjZWl2ZXJzIGNvbGxlY3Q/DQoNCklNSE8sIHRoZSBleHBlcmltZW50 IHNob3VsZCBiZSBjb25jZWl2ZWQgYXMgaGF2aW5nIGl0IHJ1biBieSBhcyBtYW55IHJlY2VpdmVy cyBhcyBwb3NzaWJsZSwgc28gYXMgdG8gaGF2ZSBhIG5vdGljZWFibGUgZWZmZWN0IG9uIHNlbmRl cnMuICBUaGV5IGNhbiBjb2xsZWN0IGFnZ3JlZ2F0ZSByZXBvcnRzIGFuZCBtYWtlIGEgY29tcGFy aXNvbi4NCg0KDQpCZXN0DQpBbGUNCi0tDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoN Cg0KDQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KZG1h cmMgbWFpbGluZyBsaXN0DQpkbWFyY0BpZXRmLm9yZw0KaHR0cHM6Ly9ldXIwMy5zYWZlbGlua3Mu cHJvdGVjdGlvbi5vdXRsb29rLmNvbS8/dXJsPWh0dHBzJTNBJTJGJTJGd3d3LmlldGYub3JnJTJG bWFpbG1hbiUyRmxpc3RpbmZvJTJGZG1hcmMmYW1wO2RhdGE9MDIlN0MwMSU3Q2lhbi5sZXZ5JTQw bmNzYy5nb3YudWslN0M5NjlhNzc4ZDczZDQ0NDlkMGQ1NzA4ZDc3OGE2NGRmNCU3QzE0YWE1NzQ0 ZWNlMTQ3NGVhMmQ3MzRmNDZkZGE2NGExJTdDMCU3QzAlN0M2MzcxMTA1Mjc5ODg2OTg1MDkmYW1w O3NkYXRhPUlVRlRDV2hyMXJjNkk3dldNVGsyNk5wYXlSanhYc25WNHFxQVUlMkJtb09QZyUzRCZh bXA7cmVzZXJ2ZWQ9MA0KVGhpcyBpbmZvcm1hdGlvbiBpcyBleGVtcHQgdW5kZXIgdGhlIEZyZWVk b20gb2YgSW5mb3JtYXRpb24gQWN0IDIwMDAgKEZPSUEpIGFuZCBtYXkgYmUgZXhlbXB0IHVuZGVy IG90aGVyIFVLIGluZm9ybWF0aW9uIGxlZ2lzbGF0aW9uLiBSZWZlciBhbnkgRk9JQSBxdWVyaWVz IHRvIG5jc2NpbmZvbGVnQG5jc2MuZ292LnVrLiBBbGwgbWF0ZXJpYWwgaXMgVUsgQ3Jvd24gQ29w eXJpZ2h0IMKpDQo= From nobody Sat Dec 7 12:11:23 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F204812082E for ; Sat, 7 Dec 2019 12:11:21 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_FAIL=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=kitterman.com header.b=m5agxsj9; dkim=pass (2048-bit key) header.d=kitterman.com header.b=CS8JIaCM Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K9bTKc4Or2TM for ; Sat, 7 Dec 2019 12:11:20 -0800 (PST) Received: from interserver.kitterman.com (interserver.kitterman.com [IPv6:2604:a00:6:1039:225:90ff:feaa:b169]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0AFAC120059 for ; Sat, 7 Dec 2019 12:11:19 -0800 (PST) Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) by interserver.kitterman.com (Postfix) with ESMTPS id 188BBF80193 for ; Sat, 7 Dec 2019 15:11:14 -0500 (EST) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903e; t=1575749473; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=YY/gsdLg5GPr3kG82yOr2v6MnNSdh05WscB7KU4iSyw=; b=m5agxsj9dFwCD6oAJ4wRnivwG8F9CVEZ1XVg+xLDaYzrub1ekaeMVfMd 9SFWCptuzjay5GeOEROI5tDXfTFrBg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903r; t=1575749473; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=YY/gsdLg5GPr3kG82yOr2v6MnNSdh05WscB7KU4iSyw=; b=CS8JIaCMBWhe6BPc//PhJMSyzEMqpw1Yk1wzyThDC4eDCdnFpEattYge CoGrbEn1/cR9Ov6tsJEMGzIZcS6U10aLYvTq81L81mAi38LG8Sa4AMq8p8 G2tYW6TuTlrnu1zVzaAa1C4aSn5U3+6Io2e0NNc1fpH+ovhaHtm1sRK/Wu jGSirlyeRdb5rD/GiFx2mGHtCAKDQuMgHMlwplmgdovkfb79y/je2+Kiw7 PLg0665IVW4pPzvjqpbz4ximTNTPpOu0rVoJ2I9LlgBTbUiBzkrEmf4xdU Dsy5Wv1swcp+NdTLcPXAjFaYGOYSd6JtJEj6FxwB31nDkpUUeapFhw== Received: from l5580.localnet (static-72-81-252-22.bltmmd.fios.verizon.net [72.81.252.22]) by interserver.kitterman.com (Postfix) with ESMTPSA id DE2C2F80041 for ; Sat, 7 Dec 2019 15:11:13 -0500 (EST) From: Scott Kitterman To: dmarc@ietf.org Date: Sat, 07 Dec 2019 15:11:13 -0500 Message-ID: <3901697.AhlRBlR6Pl@l5580> In-Reply-To: References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Dec 2019 20:11:22 -0000 On Wednesday, December 4, 2019 8:04:00 PM EST Brandon Long wrote: > On Wed, Dec 4, 2019 at 10:01 AM Kurt Andersen (b) wrote: > > On Wed, Dec 4, 2019 at 2:39 AM Alessandro Vesely wrote: > >> > Rather, it's primed as a possibly useful data collection exercise. > >> > >> Kurt also talked about reporting some findings. I'm embarrassed, I have > >> no > >> idea what I, as a receiver, should report. What data should I, and other > >> receivers collect? > > > > I was thinking of something along the line of what was assembled for RFC > > 6686. In this case it would be something like the quantity of messages > > which were assessed against the LPSD record and their disposition compared > > to the number of messages dispositioned at the org level. Something to > > answer Dave's concern about "too much additional work" for not enough > > benefit. > > Remind me again the the additional work is that might be too much? Isn't > it just another DNS lookup for the org domain -1... of which there are > maybe a couple thousand and easily cacheable? > > This seems way less than say the additional work for ARC. It's slightly more. There's also a check to see if a LPSD (org -1) is a PSD DMARC participant. Exactly how to document that is the major unresolved question that we should evaluate experimentally. It might be one of three things: 1. A registry that is occasionally updated and consumed locally. 2. A DNS RBL type service lookup. 3. An exended PSL. Options 2 and 3 both have a second additional lookup. Personally, I like option 1, but there's no consensus about this. There are working versions of all three available from psddmarc.org for testing. Scott K From nobody Sun Dec 8 11:49:58 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 92D3E12007C for ; Sun, 8 Dec 2019 11:49:57 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.997 X-Spam-Level: X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A4VgiaLDhork for ; Sun, 8 Dec 2019 11:49:55 -0800 (PST) Received: from mail-ot1-x335.google.com (mail-ot1-x335.google.com [IPv6:2607:f8b0:4864:20::335]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC7CC120020 for ; Sun, 8 Dec 2019 11:49:55 -0800 (PST) Received: by mail-ot1-x335.google.com with SMTP id i15so10371989oto.7 for ; Sun, 08 Dec 2019 11:49:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=3vrP4+tHSNVKwn0m9c5upDogxOPz4/0KStJ0Hg+D7iM=; b=ZOXKCtBDrYHxZqyhJq2iXWEVK4y9NKpPlraWZjcbDCBNYvtH8AtY0miszvmBk8e9i5 Z+OJLe9j4OxMwhbXbif5pyo5zXeW3xYwNjG9VacWtxC7oVNLVF2U2O/QNEmrtMktPbYk BAxBCjBxWSeezFm/o/bCSlSfAH5K1yA/1BPmMlHjXsvr1MBAxuVn/uuqQz5WKObKcKzP Gu0JKFs86jZgM1QPgZQgK0qD9IXmzWq7j2TwozdiOrfV3PUBaYZ3IRc/J7KUopME537s aBa5Y9BvP0iAV3JC8FXY+IfT4UfWoAW5JDxt/bxpLIDYeKRwXRT1/gfcXHO/ruTw6Uc/ D2SA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=3vrP4+tHSNVKwn0m9c5upDogxOPz4/0KStJ0Hg+D7iM=; b=PnFRMVSOiLqCvGeniMBQj+e150FoA3QODCjUaKENIvVx78EehFPo6/ub6/fY2m501Q wazYMmi13dWxA8JBvHfsG4q/bLMIid/ePVuwnuBXrP8y1YAobYlASsXkWLmYOV4VkVXT 7jbU7ZfX1dX2UIU+Chyb6rrHmbt9Y3TG9L1+N3ZSRHLUIjhvVUSuOE0FBJNXEk/p5KqK dgqTL3GAYyCyc/SQbgKBBmfY9qr0S8YBY9VpX94BH4QlLrhUSjobfFIJEDnWJp4l87mZ cCmiVIF8Wrx5UImEZDN7giU6vBcdMmvEFBMllFX+Bbt8rZ+7WoE1qGiZeZmj8U3t4I0D w+kg== X-Gm-Message-State: APjAAAUBTVzgKRHflUzDyqm+yhPTuWywLEnJXkb8ER3TVDrBr567+6KK 4d3WZTDjp9DYs6kljHUH9dkIrcrkljlNK9ddrY8= X-Google-Smtp-Source: APXvYqzpmgrkqdYGa4mUTUDBBSj6H/Ek81YgD7OsHsqwOHKrUgoLCjxOHH+5QpKdjoxUeMVM07uaIuYwiC7pfWoScFY= X-Received: by 2002:a05:6830:1555:: with SMTP id l21mr15682796otp.41.1575834594885; Sun, 08 Dec 2019 11:49:54 -0800 (PST) MIME-Version: 1.0 References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <3901697.AhlRBlR6Pl@l5580> In-Reply-To: <3901697.AhlRBlR6Pl@l5580> From: Tim Wicinski Date: Sun, 8 Dec 2019 14:49:43 -0500 Message-ID: To: Scott Kitterman Cc: IETF DMARC WG Content-Type: multipart/alternative; boundary="00000000000040c7f60599369567" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Dec 2019 19:49:57 -0000 --00000000000040c7f60599369567 Content-Type: text/plain; charset="UTF-8" Scott Instead of thinking one must choose between a locally consumed registry and a lookup service, why not both? In the land of DNSOP we put out RFC7706 which talks about running a copy of the root Nameservers locally to speed lookups. This seems to be so highly useful that we're just finished WGLC on 7706-bis. So we could decide on doing a combinatory of #3 and #1, with the right mechanisms. Just a thought. Tim (lacking any hats today) On Sat, Dec 7, 2019 at 3:11 PM Scott Kitterman wrote: > On Wednesday, December 4, 2019 8:04:00 PM EST Brandon Long wrote: > > On Wed, Dec 4, 2019 at 10:01 AM Kurt Andersen (b) > wrote: > > > On Wed, Dec 4, 2019 at 2:39 AM Alessandro Vesely > wrote: > > >> > Rather, it's primed as a possibly useful data collection exercise. > > >> > > >> Kurt also talked about reporting some findings. I'm embarrassed, I > have > > >> no > > >> idea what I, as a receiver, should report. What data should I, and > other > > >> receivers collect? > > > > > > I was thinking of something along the line of what was assembled for > RFC > > > 6686. In this case it would be something like the quantity of messages > > > which were assessed against the LPSD record and their disposition > compared > > > to the number of messages dispositioned at the org level. Something to > > > answer Dave's concern about "too much additional work" for not enough > > > benefit. > > > > Remind me again the the additional work is that might be too much? Isn't > > it just another DNS lookup for the org domain -1... of which there are > > maybe a couple thousand and easily cacheable? > > > > This seems way less than say the additional work for ARC. > > It's slightly more. There's also a check to see if a LPSD (org -1) is a > PSD > DMARC participant. Exactly how to document that is the major unresolved > question that we should evaluate experimentally. It might be one of three > things: > > 1. A registry that is occasionally updated and consumed locally. > 2. A DNS RBL type service lookup. > 3. An exended PSL. > > Options 2 and 3 both have a second additional lookup. Personally, I like > option 1, but there's no consensus about this. There are working versions > of > all three available from psddmarc.org for testing. > > Scott K > > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > --00000000000040c7f60599369567 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

Scott

Instead of thinkin= g one must choose between a locally consumed registry and a lookup service,= why not both?
In the land of DNSOP we put out RFC7706 which talk= s about running a copy of the root Nameservers locally to=C2=A0
s= peed lookups.=C2=A0 This seems to be so highly useful that we're just f= inished WGLC on 7706-bis.=C2=A0

So we could decide= on doing a combinatory of #3 and #1, with the right mechanisms.=C2=A0

Just a thought.=C2=A0

Tim=C2= =A0
(lacking any hats today)


On Sat, Dec 7, 2= 019 at 3:11 PM Scott Kitterman <= sklist@kitterman.com> wrote:
On Wednesday,= December 4, 2019 8:04:00 PM EST Brandon Long wrote:
> On Wed, Dec 4, 2019 at 10:01 AM Kurt Andersen (b) <kboth@drkurt.com> wrote:
> > On Wed, Dec 4, 2019 at 2:39 AM Alessandro Vesely <vesely@tana.it> wrote:
> >> > Rather, it's primed as a possibly useful data collec= tion exercise.
> >>
> >> Kurt also talked about reporting some findings.=C2=A0 I'm= embarrassed, I have
> >> no
> >> idea what I, as a receiver, should report.=C2=A0 What data sh= ould I, and other
> >> receivers collect?
> >
> > I was thinking of something along the line of what was assembled = for RFC
> > 6686. In this case it would be something like the quantity of mes= sages
> > which were assessed against the LPSD record and their disposition= compared
> > to the number of messages dispositioned at the org level. Somethi= ng to
> > answer Dave's concern about "too much additional work&qu= ot; for not enough
> > benefit.
>
> Remind me again the the additional work is that might be too much?=C2= =A0 Isn't
> it just another DNS lookup for the org domain -1... of which there are=
> maybe a couple thousand and easily cacheable?
>
> This seems way less than say the additional work for ARC.

It's slightly more.=C2=A0 There's also a check to see if a LPSD (or= g -1) is a PSD
DMARC participant.=C2=A0 Exactly how to document that is the major unresolv= ed
question that we should evaluate experimentally.=C2=A0 It might be one of t= hree
things:

1.=C2=A0 A registry that is occasionally updated and consumed locally.
2.=C2=A0 A DNS RBL type service lookup.
3.=C2=A0 An exended PSL.

Options 2 and 3 both have a second additional lookup.=C2=A0 Personally, I l= ike
option 1, but there's no consensus about this.=C2=A0 There are working = versions of
all three available from psddmarc.org for testing.

Scott K


_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
--00000000000040c7f60599369567-- From nobody Sun Dec 8 13:58:25 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B99771200E9 for ; Sun, 8 Dec 2019 13:58:24 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.75 X-Spam-Level: X-Spam-Status: No, score=-1.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=GJ0qwrfM; dkim=pass (1536-bit key) header.d=taugh.com header.b=ib9ZsHbS Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dZrPrXNKfdxj for ; Sun, 8 Dec 2019 13:58:23 -0800 (PST) Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 50E11120059 for ; Sun, 8 Dec 2019 13:58:23 -0800 (PST) Received: (qmail 91089 invoked from network); 8 Dec 2019 21:58:21 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=163cd.5ded71fd.k1912; i=printer-iecc.com@submit.iecc.com; bh=zFXrw/g73q1WQenfP4Hc9Hd3hCyRJGYDCkjD/Kng2nY=; b=GJ0qwrfMPsgL6X9iMsANe4VcvYfzbGMPFmmBTbz3a/RM4xPXpYU6MupcaoRiiilGk0MY9rOwmSqQv8gTOjMGVNJk0B0Q+jcg20KzrhTJHUGcidvueQ3Z4qqN5LDovxTC7it8NFhLM10HyyBFHxXgNFa2aXemEsqQ4cO2HmNAMgGj+MYjUhVfTHlXzB3z0g4ZOryGWqhsgrezIUuCX3RG60J1bGz2Nhm5nWJVgJsIeP/IjJ1qmFL2wav10k8DV7tg DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=163cd.5ded71fd.k1912; olt=printer-iecc.com@submit.iecc.com; bh=zFXrw/g73q1WQenfP4Hc9Hd3hCyRJGYDCkjD/Kng2nY=; b=ib9ZsHbSFNUIfniXZ5bbMJFEUj9Qsa5JDCZ+s7NYQpGOKvc0MjcrNf8Lc5dJ9lvgiu3lzSkqqOxKllxppDIDw/W3rHqhhBFWL2uDMh9Qea0jBaorQI3nqCW7TvY9QsCPaW8d5ok6ApOCD7nfOLaqxDDynd51umR6F9i9HAmedFKOaQvErel4p7ZDKBH/+Qr3bmir2C3NYzbgkp9G1oa1JpyIhg/bVvl8i4gehLB1eM7OLRipGguLgnjXrDHA+KtS Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPSA (TLS1.2 ECDHE-RSA AES-256-GCM AEAD, printer@iecc.com) via TCP6; 08 Dec 2019 21:58:21 -0000 Received: by ary.qy (Postfix, from userid 501) id C83C11040D80; Sun, 8 Dec 2019 16:58:20 -0500 (EST) Date: 8 Dec 2019 16:58:20 -0500 Message-Id: <20191208215820.C83C11040D80@ary.qy> From: "John Levine" To: dmarc@ietf.org Cc: tjw.ietf@gmail.com In-Reply-To: Organization: Taughannock Networks X-Headerized: yes Mime-Version: 1.0 Content-type: text/plain; charset=utf-8 Content-transfer-encoding: 8bit Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Dec 2019 21:58:25 -0000 In article you write: >So we could decide on doing a combinatory of #3 and #1, with the right >mechanisms. Publishing a list of PSD superdomains in the DNS is pretty trivial using my dbound scheme, and should typically find out whether any name needs a PSD check with one DNS query. The total zone for the PSL is under 10K records, so doing a local mirror should be easy, too. R's, John From nobody Sun Dec 8 17:58:26 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E2AA11200CC for ; Sun, 8 Dec 2019 17:58:23 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6CgPiQ-_irJa for ; Sun, 8 Dec 2019 17:58:22 -0800 (PST) Received: from mail-ot1-x333.google.com (mail-ot1-x333.google.com [IPv6:2607:f8b0:4864:20::333]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE1BA12007C for ; Sun, 8 Dec 2019 17:58:21 -0800 (PST) Received: by mail-ot1-x333.google.com with SMTP id k14so10857650otn.4 for ; Sun, 08 Dec 2019 17:58:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=0IvKmUlZHAsST1j+J/GIVkwcBL9uoMyF2sr+tlWA39E=; b=C72fT9H5zsLJXpYFKuo8GwQpZld1Y2GGl7cbG1hHFnFR3KSj9A+kLb8JyTxQZ6anNy gJtMwLnEoeP1DkK3EvAC0Ux+OC/ZFRxcYF2h7+2osvEyIZQVhp1FUauKUE+whTuChjfH 2BacB8yCu1s0o371cubLAD45z7GFVOyuWx4s0RT09hLH9vY4LJR0JpghysoCEVDrsxu4 G0mRRtl2BjGs69cCKJn3XKZi0qcuSVtv9cI+S3BXFmGRsydobWqtWmK/F71fBwsmziBv liatEVNQXW6QO33TLOaWlB2STOvLQrE7O8O1mHPn5hbOF663VCnX4Le5Wt7TQ2q/zHWn jX4g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=0IvKmUlZHAsST1j+J/GIVkwcBL9uoMyF2sr+tlWA39E=; b=a3dfq3uisMQtgP0mbpomup4MUiHJ+CrmLQM5ZEtohKevfIDTEhbMW2f6DQnBncHtCu hl3iclog0DSS6j3SGkjpF1EBm9e+2iHWfY6r9E417wFp3tKeqE3Wf+itREOxjW9pNTIO U6rBWxm20mEgUfcLYvkJxPhuejESZQR3QYIntMwHEMKqqh+8FXhYvKUA+T2dOhiceLHd +2iMuhfVkRZjMeFUM+yy74eBgXdYM6Gh+4oaTeeZK0DAMWigEaQIDrJy0KRSYGXJXqNC O8oN+6LFG4Bdw1cCh9bQfpPIl+aCNY06nBZHVGIcHJSOMkzy/9olzK/TvmR1vN4Da0k/ Lvnw== X-Gm-Message-State: APjAAAWkbO5BSqAlEADZMiLVtAdDX7X7TuGzlTuzmJ0/QX1Gr+C32S2z vHAjGZ38JgNuOxF1fj3PnpRLDcDhepgSwTy8TVQ= X-Google-Smtp-Source: APXvYqwlIkma5En791wZ/hdqZNQhYFrtaNxiNW1J1u4kksxVgTYai/FiHT22ZF3AAp50ORW5j1SvW/S0wSG2eZ/xJNE= X-Received: by 2002:a05:6830:1555:: with SMTP id l21mr16367913otp.41.1575856701113; Sun, 08 Dec 2019 17:58:21 -0800 (PST) MIME-Version: 1.0 References: <20191208215820.C83C11040D80@ary.qy> In-Reply-To: <20191208215820.C83C11040D80@ary.qy> From: Tim Wicinski Date: Sun, 8 Dec 2019 20:58:10 -0500 Message-ID: To: John Levine Cc: IETF DMARC WG Content-Type: multipart/alternative; boundary="000000000000e3098e05993bba3a" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Dec 2019 01:58:24 -0000 --000000000000e3098e05993bba3a Content-Type: text/plain; charset="UTF-8" +1 Tim (just a fan of https://www.ietf.org/archive/id/draft-levine-dbound-dns-03.txt) On Sun, Dec 8, 2019 at 4:58 PM John Levine wrote: > In article Q@mail.gmail.com> you write: > >So we could decide on doing a combinatory of #3 and #1, with the right > >mechanisms. > > Publishing a list of PSD superdomains in the DNS is pretty trivial > using my dbound scheme, and should typically find out whether any name > needs a PSD check with one DNS query. The total zone for the PSL is > under 10K records, so doing a local mirror should be easy, too. > > R's, > John > --000000000000e3098e05993bba3a Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Sun, Dec 8, 2019 at 4:58 PM Joh= n Levine <johnl@taugh.com> wro= te:
In article <CADyWQ+HparFd6ubzr46mo63=3DoSr= Rqu1cjo0Xq=3DZpERn+Yxx3=3DQ@mail.gmail.com> you write:
>So we could decide on doing a combinatory of #3 and #1, with the right<= br> >mechanisms.

Publishing a list of PSD superdomains in the DNS is pretty trivial
using my dbound scheme, and should typically find out whether any name
needs a PSD check with one DNS query.=C2=A0 The total zone for the PSL is under 10K records, so doing a local mirror should be easy, too.

R's,
John
--000000000000e3098e05993bba3a-- From nobody Sun Dec 8 18:18:49 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B9F5312007C for ; Sun, 8 Dec 2019 18:18:47 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=ZxyH5PC+; dkim=pass (1536-bit key) header.d=taugh.com header.b=pGgZ8gJO Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KzrO5wtt7fkf for ; Sun, 8 Dec 2019 18:18:45 -0800 (PST) Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B7F112004A for ; Sun, 8 Dec 2019 18:18:45 -0800 (PST) Received: (qmail 43318 invoked from network); 9 Dec 2019 02:18:41 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=a933.5dedaf01.k1912; i=johnl-iecc.com@submit.iecc.com; bh=7FIWSGDMeUcWh1PGg/pbBdFeYlC6f3gvs9DAjHPlbjM=; b=ZxyH5PC+aysMJ5x1/Q/Svx2ay1Nv1692qKmREDZl6Dvs6JWU5B42W1ti05gS/dJsIwlV3nBmJTU3hmg2solXqyPFhvdT/Vg+LmvUUq6kS/PtKLx12aEaYvnaysJmVtapX/mj0K9O/uq75Lxe5wyMDG9+ISxsMYjkyhDpoJJu/NDrgynG9Zcvspy9KYSSaEGLOPjXTolV6qtTf8+psN/cvSvQ0LM/PpXDRvk6LsX4leuq2GTm97xWY5xtq+QescCs DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=a933.5dedaf01.k1912; olt=johnl-iecc.com@submit.iecc.com; bh=7FIWSGDMeUcWh1PGg/pbBdFeYlC6f3gvs9DAjHPlbjM=; b=pGgZ8gJOcfkDx9jkfzj9Pz86qmtpc8Me2NOwQPLLvKhgmmGQY/1k4fpehwup9YrK73v4oCX9epEwJuNEzCPZpj/Cf7JENhKnmvRGBCgTyU0j1ujhgWQzl2lbeD9+OvQFMM0emrlaRmBs7p2H+QW4jGYQmpwTrf8qDmQdTJ+OEK1YO+E+sGnrk7KAlWBC257byKLsf+dMrjgWKVGoibs5egraI+vYbohNlqEhrOkZtGSPKs6MB5blNHGhKBJQr6PE Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPSA (TLS1.3 ECDHE-RSA AES-256-GCM AEAD, johnl@iecc.com) via TCP6; 09 Dec 2019 02:18:41 -0000 Date: 8 Dec 2019 21:18:41 -0500 Message-ID: From: "John R Levine" To: "Tim Wicinski" Cc: "IETF DMARC WG" In-Reply-To: References: <20191208215820.C83C11040D80@ary.qy> User-Agent: Alpine 2.21.99999 (OSX 374 2019-10-27) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Dec 2019 02:18:48 -0000 > (just a fan of > https://www.ietf.org/archive/id/draft-levine-dbound-dns-03.txt) Don't miss https://github.com/jrlevine/bound I found and fixed a bunch of bugs in the spec when I implemented it. Who knew that could happen? > > On Sun, Dec 8, 2019 at 4:58 PM John Levine wrote: > >> In article > Q@mail.gmail.com> you write: >>> So we could decide on doing a combinatory of #3 and #1, with the right >>> mechanisms. >> >> Publishing a list of PSD superdomains in the DNS is pretty trivial >> using my dbound scheme, and should typically find out whether any name >> needs a PSD check with one DNS query. The total zone for the PSL is >> under 10K records, so doing a local mirror should be easy, too. >> >> R's, >> John >> > Regards, John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly From nobody Mon Dec 9 08:44:32 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D497C120096 for ; Mon, 9 Dec 2019 08:44:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EraJ3auWpYNH for ; Mon, 9 Dec 2019 08:44:28 -0800 (PST) Received: from mail-ot1-x32c.google.com (mail-ot1-x32c.google.com [IPv6:2607:f8b0:4864:20::32c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75DE512000F for ; Mon, 9 Dec 2019 08:44:28 -0800 (PST) Received: by mail-ot1-x32c.google.com with SMTP id d17so12799118otc.0 for ; Mon, 09 Dec 2019 08:44:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=j6F6OMLxhA4P3gne6uoc2pgjPBSDVHoB7MO38WV7tR4=; b=UdtjNycNradaTO9acrQKdgs0lAoKHpIO29p0lgeNfc8D55lQm7U+FM41emiIpFHtgx xtwDKkCK6GTxA8S2Jx8y7/IbdY7E0liIIdbJYLMQGhoUhPmVhZQDA9/Lsv+7+VZ+DknV LqR2jocv0QYtcIqaoV30yJ2knIpRF/NO5tlH5CmYm7cf1P9Q/eW18+tKgdVYgCEhAfvm FwOuXlHWOr4DbbgssOKJWgyZQ9a732Wq57jjBckrpY6zbyFv4uVftcM4BBlcTmPlnCK9 S9XQ3jiTwVSGBewFhk77S7cXBXtYg4DyhDwShnLCNBml3veWzailCiFsPjML4jjKEchZ UOww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=j6F6OMLxhA4P3gne6uoc2pgjPBSDVHoB7MO38WV7tR4=; b=eNGJk3w2ZMsR16mPigc35O2NPPvFeClGXFP5BIk/UrOz+LCljyLYImboZeGEI1Rkhf E9mjWtCp4vkgy01k2irc0OKKC0xZ+vMqdNNB1X5TDEGYQHAKJcGJump4zfValRoUkWTG Rszr1bpyulhuTT8x2LMbg4esQ3UAf6jDmJNq/4+44MHW3s+eCclQ4dQ7druVixMO9MxR kNXGr4kFxgJtrlUzY2QxyXoImQF5ezGZtY3BVFWjFYXhfy7Y8ez5UVysLQxvCceXjLZa Dfx6O40kKgLlNBJNFZeP/5LFuVHMo337qVovYadJ4gDTaVm3iAsXMQFE8W2j/0UPcdjN vvMg== X-Gm-Message-State: APjAAAUFIs9o9M/v2KLZDCcI0oipv5k6s3DgJQEpcyUAbb+NbFyUproo Qp9IK3MHjpQtxxV7ZO9vuQ4= X-Google-Smtp-Source: APXvYqxpLKNYy999PQi4A8ZYKDV6wQY/l/rT+Jl9meaSFMYBvV0GkdmWopiuXitxSYQnc/QapUcSDg== X-Received: by 2002:a9d:6a8f:: with SMTP id l15mr21320302otq.59.1575909867526; Mon, 09 Dec 2019 08:44:27 -0800 (PST) Received: from ?IPv6:2600:1700:a3a0:4c80:794c:7c66:451f:c72b? ([2600:1700:a3a0:4c80:794c:7c66:451f:c72b]) by smtp.gmail.com with ESMTPSA id y6sm91007oti.44.2019.12.09.08.44.25 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 09 Dec 2019 08:44:26 -0800 (PST) To: "Murray S. Kucherawy" Cc: Tim Wicinski , IETF DMARC WG , "Kurt Andersen (b)" , Scott Kitterman References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <74a0ea49-7a46-4eb6-c297-cd703f63bd1b@gmail.com> <9DE9E7DC-FE60-4952-8595-B2D087A6B780@kitterman.com> <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> From: Dave Crocker Message-ID: <082f2102-693c-136d-874c-1182f12a6818@gmail.com> Date: Mon, 9 Dec 2019 08:44:22 -0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Dec 2019 16:44:31 -0000 On 12/3/2019 11:42 PM, Murray S. Kucherawy wrote: ... > I think there's a healthy > dose of feeling that the experiment as it's currently designed > couldn't possibly scale to "the entire domain namespace" and/or "all > servers on the Internet", so in that sense from where I sit there's a > built in safeguard against this becoming a permanent wart. Rather, > it's primed as a possibly useful data collection exercise. The IETF does not typically -- or, as far as I recall, ever -- promote specifications known not to scale. (While I think of this concern as foundational to the IETF, it's a bit odd that nothing like it is included in the IETF's "Mission and principles" statement.[1]) Perhaps even more importantly, I don't recall the IETF ever promoting a specification that was /expected/ to be thrown away, in favor of then doing the 'real' specification. I do believe such work is sometimes done in the I/R/TF. Note that, for example, this view of throwing a spec away and starting over is quite different from wanting to let the market choose between competing specs. Also, viewing this scaling limitation as a safeguard has recently and notably proved wrong. cf, DMARC. It was designed for a very limited scenario. Then it got re-purposed in the field, by some operators having significant leverage. Worse, publishing a spec always carries the likelihood of operational momentum. If the spec has real utility, it tends to get implemented and used. That creates pressure against replacing it, because that's expensive and possibly disruptive. > Comparing it to the "obs" grammars of days of yore, the PSD proposal > is much too expensive to become engrained as-is, whereas the old > grammars were relatively easy to carry forward. I don't quite grok the reference to "obs", and mostly think of the introduction of that construct in RFC 2822 as an interesting idea that, itself, failed. (I see it as being instructive on the challenges of designing for transition from an installed base.) > Perhaps there are exampls of IETF experiments that have permitted > entirely starting over, but mostly those only happen when there is a > complete failure, and those typically are called experiments. > > ATPS (RFC 6541) was Experimental, and it flatly failed. For a more > visible example, Sender ID was Experimental, and I would argue it did > too. Should they not have been? All sorts of experimental specs fail. But they aren't /expected/ to fail. And they aren't expected to be unable to scale. Mostly, IETF/Experimental is used to check whether a spec is operationally viable -- it's expected to be but the community isn't quite sure -- or to check for community interest. The latter constitutes market research, not technical research. A pointedly friendly reading of the relevant Guidelines might seem to support the publication under IETF/Experimental being proposed here, but a more critical one probably doesn't and I think that this use of the label doesn't really match common practice.[2] On 12/7/2019 12:11 PM, Scott Kitterman wrote: >> Remind me again the the additional work is that might be too much? >> Isn't it just another DNS lookup for the org domain -1... of which >> there are maybe a couple thousand and easily cacheable? >> >> This seems way less than say the additional work for ARC. > It's slightly more. There's also a check to see if a LPSD (org -1) > is a PSD > DMARC participant. Exactly how to document that is the major > unresolved question that we should evaluate experimentally. It might > be one of three > things: First, this sort of exchange highlights the need for considering basic operational issues carefully and before publication. Second, it highlights the challenges of doing that in a way that isn't myopic. What is easy/cheap for highly motivated, expert, well-resourced participants might not be all that easy or cheap for the larger Internet community. (This is the operational side of scalability.) The real challenge for most IETF specs is community engagement, not engineering adequacy. Some additional thoughts: The example that Tim added, of RFC 7706, is of an efficiency mechanism, not a basic and required addition to the architecture. The difference is important here. Also, any suggestion to rely on a published list ignores the history of problems with such lists, as well as at least requiring a careful specification for the list and a basis for believing it will be maintained well. d/ [1] Mission and principles [2] https://ietf.org/standards/process/informational-vs-experimental/ -- Dave Crocker Brandenburg InternetWorking bbiw.net -- Dave Crocker Brandenburg InternetWorking bbiw.net From nobody Mon Dec 9 16:41:45 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75D0912006E for ; Mon, 9 Dec 2019 16:41:43 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -17.499 X-Spam-Level: X-Spam-Status: No, score=-17.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MvDa8MNzXiXM for ; Mon, 9 Dec 2019 16:41:41 -0800 (PST) Received: from mail-vk1-xa2d.google.com (mail-vk1-xa2d.google.com [IPv6:2607:f8b0:4864:20::a2d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 63886120020 for ; Mon, 9 Dec 2019 16:41:41 -0800 (PST) Received: by mail-vk1-xa2d.google.com with SMTP id w67so1378256vkf.1 for ; Mon, 09 Dec 2019 16:41:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WhVsFQTtLYPF2fvCLHzbO2zDf2lhHf+/+rLyZ2RdvLM=; b=dVv+dZnuaCxSUtn6aaVSQR/0JGFHUwA58g2QP62XT8iOWA+BCXN7P+BXgYurNXqEZV lpB2ShbNHEUPaJOp7V4FtIdpS2Dct33odflgMI5MUwZEaxxzW53fDDvXS6UfcdfTlYqj xqFOXAreLyAlX7MYrEBGdw2/0NA1iUJS76K8nwTakXL4MObHFsYIDdQD5lDG1jGDQ+z+ a39UZQWoa1qHxtq5UTJJbECgMahrt8QgvLa/KSOkEgph02/IWJ2QbKTJ25NB/Oftris6 i9zsXCaVjS8jPiWuM1RDJ1PaM83fBRQXdOBvYNpAC1ATXAdKIMp5UnugALF5CvVDD8HD 2bQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WhVsFQTtLYPF2fvCLHzbO2zDf2lhHf+/+rLyZ2RdvLM=; b=n7FASlj7HzfiLoRXYzG9kO+bm1HXqetcTe9W6L/NIo0LOZ/VM21iaob21IpU66bRrE JCbmyV1dJ5tsa+YrsSPf/qGmedXRS9cCzmBh/R9s2ojsMMlWYU9BAsgqwU+iFYj3ewQq 1S9iqdGE1jCemc8f/NlTJRYLexZd5yLqfH8ds2Rw3kdJNghGkje9DE4E42xHTMBj7b4U djZ0U/57ER8mw0ZVLo6r3Yeg3v6UeDJ6F7eOBcBnLY7X9u1ei93lQ7BQR4xoOT/aViUe 5C2OAvO2lZ8PuTaFcnVKLJ0O38PdDTbxiE9sHi7ZEK6TFrxMGi+41jb39cIvXU9gUjXD kXeg== X-Gm-Message-State: APjAAAUl3tvUjMrTL8lkPR75AD3LTB0LvrW5gLhAvpf7i9P0FdyTn/yN 5d5+gA/5WbseEndPEMSNVJJL2Dp4QQAcPc8pSDB5 X-Google-Smtp-Source: APXvYqwCyMQfZLY52RcPnF+VTiKvKzFs/fqPwMe0CUnQmpkOilSozYgefynYoeKbotZJCCWb9GVTCy+TRKPYsxSAz1g= X-Received: by 2002:a1f:7dcd:: with SMTP id y196mr16229091vkc.29.1575938499782; Mon, 09 Dec 2019 16:41:39 -0800 (PST) MIME-Version: 1.0 References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <74a0ea49-7a46-4eb6-c297-cd703f63bd1b@gmail.com> <9DE9E7DC-FE60-4952-8595-B2D087A6B780@kitterman.com> <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> <082f2102-693c-136d-874c-1182f12a6818@gmail.com> In-Reply-To: <082f2102-693c-136d-874c-1182f12a6818@gmail.com> From: Brandon Long Date: Mon, 9 Dec 2019 16:41:27 -0800 Message-ID: To: Dave Crocker Cc: "Murray S. Kucherawy" , Tim Wicinski , IETF DMARC WG , Scott Kitterman , "Kurt Andersen (b)" Content-Type: multipart/alternative; boundary="0000000000007823e505994ec674" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Dec 2019 00:41:43 -0000 --0000000000007823e505994ec674 Content-Type: text/plain; charset="UTF-8" On Mon, Dec 9, 2019 at 8:44 AM Dave Crocker wrote: > On 12/7/2019 12:11 PM, Scott Kitterman wrote: > >> Remind me again the the additional work is that might be too much? > >> Isn't it just another DNS lookup for the org domain -1... of which > >> there are maybe a couple thousand and easily cacheable? > >> > >> This seems way less than say the additional work for ARC. > > It's slightly more. There's also a check to see if a LPSD (org -1) > > is a PSD > DMARC participant. Exactly how to document that is the major > > unresolved question that we should evaluate experimentally. It might > > be one of three > > things: > > First, this sort of exchange highlights the need for considering basic > operational issues carefully and before publication. > > Second, it highlights the challenges of doing that in a way that isn't > myopic. What is easy/cheap for highly motivated, expert, well-resourced > participants might not be all that easy or cheap for the larger Internet > community. (This is the operational side of scalability.) > Ah, re-reading the spec, I'd guess we're talking about the scalability of psddmarc.org. [snip] Also, any suggestion to rely on a published list ignores the history of > problems with such lists, as well as at least requiring a careful > specification for the list and a basis for believing it will be > maintained well. I mean, the PSL is already a maintained object. Is this new detail something that has different ownership/privacy/etc concerns than the existing details? I'm sure I probably missed this, but couldn't we avoid this question by just mandating no reporting for non-existing organizational domains? Is that a non-starter? Brandon --0000000000007823e505994ec674 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Mon, Dec 9, 2019 at 8:44 AM Dave C= rocker <dcrocker@gmail.com>= wrote:
On 12/7/= 2019 12:11 PM, Scott Kitterman wrote:
>> Remind me again the the additional work is that might be too much?=
>> Isn't it just another DNS lookup for the org domain -1... of w= hich
>> there are maybe a couple thousand and easily cacheable?
>>
>> This seems way less than say the additional work for ARC.
> It's slightly more.=C2=A0 There's also a check to see if a LPS= D (org -1)
> is a PSD > DMARC participant.=C2=A0 Exactly how to document that is= the major
> unresolved question that we should evaluate experimentally.=C2=A0 It m= ight
> be one of three
> things:

First, this sort of exchange highlights the need for considering basic
operational issues carefully and before publication.

Second, it highlights the challenges of doing that in a way that isn't =
myopic.=C2=A0 What is easy/cheap for highly motivated, expert, well-resourc= ed
participants might not be all that easy or cheap for the larger Internet community.=C2=A0 (This is the operational side of scalability.)

Ah, re-reading the spec, I'd guess we're t= alking about the scalability of psddmarc.or= g.

[snip]=C2=A0

Also, any suggestion to rely on a p= ublished list ignores the history of
problems with such lists, as well as at least requiring a careful
specification for the list and a basis for believing it will be
maintained well.

I mean, the PSL is already= a maintained object.=C2=A0 Is this new detail something
that has= different ownership/privacy/etc concerns than the existing details?
<= div>
I'm sure I probably missed this, but couldn't we avoid this= question by just mandating
no reporting for non-existing organiz= ational domains?=C2=A0 Is that a non-starter?

Bran= don=C2=A0
--0000000000007823e505994ec674-- From nobody Mon Dec 9 16:54:17 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 33DE912021C for ; Mon, 9 Dec 2019 16:54:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_FAIL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=kitterman.com header.b=JI32lmzp; dkim=pass (2048-bit key) header.d=kitterman.com header.b=RaC9huS3 Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8baasLGRt-pz for ; Mon, 9 Dec 2019 16:54:14 -0800 (PST) Received: from interserver.kitterman.com (interserver.kitterman.com [IPv6:2604:a00:6:1039:225:90ff:feaa:b169]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1835612002F for ; Mon, 9 Dec 2019 16:54:14 -0800 (PST) Received: from interserver.kitterman.com (interserver.kitterman.com [IPv6:2604:a00:6:1039:225:90ff:feaa:b169]) by interserver.kitterman.com (Postfix) with ESMTPS id 875A1F80267 for ; Mon, 9 Dec 2019 19:54:11 -0500 (EST) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903e; t=1575939251; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=lVIJ9YxYjPhVXlDHnUDRReEc748C/zpEHT76HENK4jE=; b=JI32lmzpgeOkE1ca68MO8Zm67wZSDdtddJiwxecgUMzk++o4eiK9QM3o RT9AWc8Lpvflvrv7vLy/aIcsL1WNDg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903r; t=1575939251; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=lVIJ9YxYjPhVXlDHnUDRReEc748C/zpEHT76HENK4jE=; b=RaC9huS3+KS8Z9+qlVnU0ZETD3ndydquM96+BWufTminvXvouZXpxxoo 3XPzAndqIE0ldIs/NelNZa01tjgFINENNR7ZR+VOJXrAqGK5bM/IAJwDME 4cbPUAvBGnU6zafAa+tVzmGjrBzKmnDwDCKy722CGpRHUsE15xrI4lj7u3 YD4exgBsKMICaLC3B1bXmP9V2c8hcFxpGjj6+PAArpVJHygQdlTWMWQUk+ RIDkWERR6aLz1ZeUZp4jLMTs9n/y8c28dFE85YJwfdUbdd2QFsHnJAO5PK yZO5jNzEPbmsiAkxGyw+5CU3xdIebwfkoMLbUUlSleRJ9PQW5nH4hw== Received: from l5580.localnet (static-72-81-252-22.bltmmd.fios.verizon.net [72.81.252.22]) by interserver.kitterman.com (Postfix) with ESMTPSA id 5B078F80096 for ; Mon, 9 Dec 2019 19:54:11 -0500 (EST) From: Scott Kitterman To: IETF DMARC WG Date: Mon, 09 Dec 2019 19:54:10 -0500 Message-ID: <92703458.QmNNAb80T6@l5580> In-Reply-To: References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <082f2102-693c-136d-874c-1182f12a6818@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Dec 2019 00:54:16 -0000 On Monday, December 9, 2019 7:41:27 PM EST Brandon Long wrote: > On Mon, Dec 9, 2019 at 8:44 AM Dave Crocker wrote: > > On 12/7/2019 12:11 PM, Scott Kitterman wrote: > > >> Remind me again the the additional work is that might be too much? > > >> Isn't it just another DNS lookup for the org domain -1... of which > > >> there are maybe a couple thousand and easily cacheable? > > >> > > >> This seems way less than say the additional work for ARC. > > > > > > It's slightly more. There's also a check to see if a LPSD (org -1) > > > is a PSD > DMARC participant. Exactly how to document that is the major > > > unresolved question that we should evaluate experimentally. It might > > > be one of three > > > > > things: > > First, this sort of exchange highlights the need for considering basic > > operational issues carefully and before publication. > > > > Second, it highlights the challenges of doing that in a way that isn't > > myopic. What is easy/cheap for highly motivated, expert, well-resourced > > participants might not be all that easy or cheap for the larger Internet > > community. (This is the operational side of scalability.) > > Ah, re-reading the spec, I'd guess we're talking about the scalability of > psddmarc.org. It's only relevant for the purposes of the experiment. Part of coming to consensus on the longer term plan would be making sure we have a scalable approach for determining PSD DMARC participants. > [snip] > > > Also, any suggestion to rely on a published list ignores the history of > > problems with such lists, as well as at least requiring a careful > > specification for the list and a basis for believing it will be > > maintained well. > > I mean, the PSL is already a maintained object. Is this new detail > something > that has different ownership/privacy/etc concerns than the existing details? > > I'm sure I probably missed this, but couldn't we avoid this question by > just mandating > no reporting for non-existing organizational domains? Is that a > non-starter? It's one of the use cases we are trying to cover. I don't know if that makes it a non-starter. Scott K From nobody Mon Dec 9 18:27:03 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D03C412002F for ; Mon, 9 Dec 2019 18:27:01 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=drkurt.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xeShq67CStff for ; Mon, 9 Dec 2019 18:27:00 -0800 (PST) Received: from mail-il1-x12b.google.com (mail-il1-x12b.google.com [IPv6:2607:f8b0:4864:20::12b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E711A12001A for ; Mon, 9 Dec 2019 18:26:59 -0800 (PST) Received: by mail-il1-x12b.google.com with SMTP id u16so14709828ilg.10 for ; Mon, 09 Dec 2019 18:26:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=drkurt.com; s=20130612; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=FBEhbm3+F06CZzminPTzbazle6AF+lxsCLtiV3g5sIs=; b=YuRQfIfcr7DkYo4qrAW7koWGjNb0GOBMrEeKxm/1IowtrzjmxpsvAgw6y8uzKz3/k0 Dav3EkIkA64samve+0+u49QZE+z0G0oR3Ks6y6OD864TWFMZX7J6U3AJoWWOGH+qkzM8 Lmh/MYGfgjCIqHyVfVoummnKWNP8dHp7stneU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=FBEhbm3+F06CZzminPTzbazle6AF+lxsCLtiV3g5sIs=; b=jQd4MrP/YEruDAnSDCQqoh3mQxdINomH4ODx73+PreGoU+j8XILDL06DlYo2l5ZnNK MmB60hmLvuDklvMog4WKFZkB2WwkG5jrFC+JI9UebpJdD8/dsTWWp9FiXVf1om6J3v9I 5MRU+kUFqhcexJoOuyi0e8oFoxmnWtiXJ9zw/nMh32w15CkLgQ/7AzEbu+ZYV8UUl5rL lkgv6pljZwr8SRG2TObzgJM8Qj1yCLPcEGk5f0psBntTvBNgZPx32Qs4Wzq6PG9rPtJ/ pt+g/FES2u8EU1UW60hC7FxvLBpcHAt+L8NSWqJURK3fuUnEczuPX1O055JQIscyLFWR wLAQ== X-Gm-Message-State: APjAAAWYlb6EpUu6dwlBYDWJGb/VUMWhor//184nxq0AVdkcQg29wHu6 aIoYGip/lbKG8Mt7PuCX7zgmBfFfvDNvJvnuPFs4qLhH6Nw= X-Google-Smtp-Source: APXvYqwjmpgCV4o0nwkYxXm2QdgZgfskRj2oxdjipqPXwzi+S7G9OpVVb7l9g2vxqZyU3JogHw6wvEyjThBZNcEDxR0= X-Received: by 2002:a92:360b:: with SMTP id d11mr31819769ila.23.1575944819030; Mon, 09 Dec 2019 18:26:59 -0800 (PST) MIME-Version: 1.0 References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <082f2102-693c-136d-874c-1182f12a6818@gmail.com> <92703458.QmNNAb80T6@l5580> In-Reply-To: <92703458.QmNNAb80T6@l5580> From: "Kurt Andersen (b)" Date: Mon, 9 Dec 2019 18:26:36 -0800 Message-ID: To: Scott Kitterman Cc: IETF DMARC WG Content-Type: multipart/alternative; boundary="0000000000001fda8b0599503fa8" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Dec 2019 02:27:02 -0000 --0000000000001fda8b0599503fa8 Content-Type: text/plain; charset="UTF-8" On Mon, Dec 9, 2019 at 4:54 PM Scott Kitterman wrote: > On Monday, December 9, 2019 7:41:27 PM EST Brandon Long wrote: > > > I'm sure I probably missed this, but couldn't we avoid this question by > just mandating no reporting for non-existing organizational domains? Is > that a non-starter? > > It's one of the use cases we are trying to cover. I don't know if that > makes it a non-starter. > Unless I'm misunderstanding Brandon's suggestion, it seems like you (Brandon) are asking if doing no reporting on missing org domains solves the scalability problem. *Getting* reports for missing org domains is the main purpose of the PSD proposal so it would render the purpose moot. --Kurt --0000000000001fda8b0599503fa8 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Mon, Dec 9, 2019 at 4:54 PM Scott Kitt= erman <sklist@kitterman.com&= gt; wrote:
On Monday, December 9, 2019 7:41:27 PM EST Brandon Lo= ng wrote:

> I'm sure I probably missed this, but couldn't we avoid this qu= estion by just mandating no reporting for non-existing organizational domai= ns?=C2=A0 Is that a non-starter?

It's one of the use cases we are trying to cover.=C2=A0 I don't kno= w if that makes=C2=A0it a non-starter.

= Unless I'm misunderstanding Brandon's suggestion, it seems like you= (Brandon) are asking if doing no reporting on missing org domains solves t= he scalability problem. *Getting* reports for missing org domains is the ma= in purpose of the PSD proposal so it would render the purpose moot.

--Kurt=C2=A0
--0000000000001fda8b0599503fa8-- From nobody Mon Dec 9 18:33:50 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 77DF11200C7 for ; Mon, 9 Dec 2019 18:33:48 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.997 X-Spam-Level: X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JoESJT9bF2Dn for ; Mon, 9 Dec 2019 18:33:46 -0800 (PST) Received: from mail-oi1-x22e.google.com (mail-oi1-x22e.google.com [IPv6:2607:f8b0:4864:20::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C806612001A for ; Mon, 9 Dec 2019 18:33:46 -0800 (PST) Received: by mail-oi1-x22e.google.com with SMTP id x195so8436594oix.4 for ; Mon, 09 Dec 2019 18:33:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language; bh=dqVyaU8q65bKlaouF8JiIMhXMYRYzfzWPveTdFi/6zs=; b=juybC4JDdwKktAXeDlhP8wzW9AnRcgvhwY2cLLM9M0HU79m1AT2Ix/H0l9VUZivHt0 cVM1Z2vsG1niuDMR4zUgMhoj+XRb/QPUmHi1KtEq1zcQ5HuguoUSmw3+ILoY1g82BWiV 5kkHUq0HaeQM2/B3ljtjXNExe8SD+RZSik7E5H8CffaMtfy51DsYgrgEaANQWO8qpj9l /rbTWfftL9uT1IsM0kWhcdIjlWdrGlMDgHr9RaHU4mzNkNsRZD5OmshfyIHU+TsPQ3hR XQ17IknwjqLoMINGQ1A+JcLa3DJyBp6xsJOA/1a8Ss/gtYwe3NpWLEupkf+LyQHkgvzQ T/gw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=dqVyaU8q65bKlaouF8JiIMhXMYRYzfzWPveTdFi/6zs=; b=hnqb71YGG35nj9/5ziS6ncoQy9hQ6ueiA5adc7boFwVK/mIZ7HAFUt9o2xePRZZy6u EZ6MzKJwzeMVEFkyranDsYK8vG2iSAjeKG2qgs7UV+nHKwCs6t05X+QqVgUx4xhMdk2A s5ZaADvY+8Ph2d+owp0pXLga1EjWE+hJ8gRhzUnBZuh93nJ9Q8R1ChH6THs1Xbo198Wa RrZur6Gw5zXRJrK4daxWs3cZkXSNGlTBDSmSAqGn9HszNNd2Cht4B9F5W+VZmGygLern xKAtBjdMxDFYLPKyw65sxhaSdLXJ5+hw0fy/jMlrhj8IsXYsTkPb0D/Ok0PjffddXVqc g3Pw== X-Gm-Message-State: APjAAAUJq7eR86AcCMcN2M51BAuTiQuSObk9fuJw5ClqH0NYQhBCIWMP 0Zk+yyZw+zvOp43+eiBq36g= X-Google-Smtp-Source: APXvYqzbLSFYMGxTqHS5rqvUqumiHVORbyYd+7g4wOczbFC++E+vRvxJEFK3o5NN/r/x260jxXpA9A== X-Received: by 2002:aca:cdca:: with SMTP id d193mr2120003oig.152.1575945225906; Mon, 09 Dec 2019 18:33:45 -0800 (PST) Received: from ?IPv6:2600:1700:a3a0:4c80:794c:7c66:451f:c72b? ([2600:1700:a3a0:4c80:794c:7c66:451f:c72b]) by smtp.gmail.com with ESMTPSA id q22sm806997otm.2.2019.12.09.18.33.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 09 Dec 2019 18:33:45 -0800 (PST) To: Brandon Long Cc: "Murray S. Kucherawy" , Tim Wicinski , IETF DMARC WG , Scott Kitterman , "Kurt Andersen (b)" References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <74a0ea49-7a46-4eb6-c297-cd703f63bd1b@gmail.com> <9DE9E7DC-FE60-4952-8595-B2D087A6B780@kitterman.com> <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> <082f2102-693c-136d-874c-1182f12a6818@gmail.com> From: Dave Crocker Message-ID: Date: Mon, 9 Dec 2019 18:33:39 -0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------CE9E399E29F4FC1ECC28D091" Content-Language: en-US Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Dec 2019 02:33:49 -0000 This is a multi-part message in MIME format. --------------CE9E399E29F4FC1ECC28D091 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit On 12/9/2019 4:41 PM, Brandon Long wrote: > I mean, the PSL is already a maintained object.  Is this new detail > something > that has different ownership/privacy/etc concerns than the existing > details? So, ummm, you want to replace one problematic operation with another? On the consumption side, I've only heard comments that the PSL has problems.  On the provision side, I've heard vigorous and repeated claims of overwork of the the volunteer force, sufficient that there is no bandwidth for dealing with revision/replacement efforts. > I'm sure I probably missed this, but couldn't we avoid this question > by just mandating > no reporting for non-existing organizational domains?  Is that a > non-starter? Without commenting on the merits of that suggesting, I'll offer that it is an example of why this spec is -- at its very best -- still incomplete, or at least the thinking about how it will get used is incomplete. (if workable at scale.) d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net --------------CE9E399E29F4FC1ECC28D091 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit
On 12/9/2019 4:41 PM, Brandon Long wrote:
I mean, the PSL is already a maintained object.  Is this new detail something
that has different ownership/privacy/etc concerns than the existing details?

So, ummm, you want to replace one problematic operation with another?

On the consumption side, I've only heard comments that the PSL has problems.  On the provision side, I've heard vigorous and repeated claims of overwork of the the volunteer force, sufficient that there is no bandwidth for dealing with revision/replacement efforts.

I'm sure I probably missed this, but couldn't we avoid this question by just mandating
no reporting for non-existing organizational domains?  Is that a non-starter?

Without commenting on the merits of that suggesting, I'll offer that it is an example of why this spec is -- at its very best -- still incomplete, or at least the thinking about how it will get used is incomplete.  (if workable at scale.)

d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net
--------------CE9E399E29F4FC1ECC28D091-- From nobody Tue Dec 10 14:13:38 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 03F2412018D for ; Tue, 10 Dec 2019 14:13:37 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -17.499 X-Spam-Level: X-Spam-Status: No, score=-17.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lP1NGwQs7VAB for ; Tue, 10 Dec 2019 14:13:35 -0800 (PST) Received: from mail-ua1-x929.google.com (mail-ua1-x929.google.com [IPv6:2607:f8b0:4864:20::929]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DC05C1200D7 for ; Tue, 10 Dec 2019 14:13:34 -0800 (PST) Received: by mail-ua1-x929.google.com with SMTP id k33so4417213uag.3 for ; Tue, 10 Dec 2019 14:13:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=UbInjtDAb+cSTONrAnLCUhGLjHdnLhMr48xIfrUJlw0=; b=jEVxCNNc76eG47/A/2v/ZJ1OSKi2j2l9qY283dkg7q0NYAa9NANHbv0iyyc8kA0fXd Qs3gpCQI/ChNqCrlHhSsYAbv2+OSgkoaqGnqz3Eu/5V6+ph71To4igTDHrpKBhf+fR6n jSuNa3Vy3KEABiiWtdxq3Bmo2k4K/NnsSVQ2kmhzVjTdI654UiIOHFvplpxn1gYryOmG NOy72wNR6ZL1KxuDfJsijPg0EteBzSIBbT1zj/FsMu/62Y/ct4nakFaFq8opv5jDNoPj 6QpwQBsoMgOkOEN/z7dB7ofA5R6FzHsY7Nm/ukDSla2U32fE47dP5HQNg5y5Vnbx+nSj tBGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=UbInjtDAb+cSTONrAnLCUhGLjHdnLhMr48xIfrUJlw0=; b=PJmV5Z94WIj/vLq+kgf+11PN5uQG4ElwPs8Md/HY5qL32DYIQB1658/noDBbVz+T6H 2hcARGT2lSm/P5z6+hG3a9YYCJxv1/0azCqf/WVVoCN+HXLduaRrAY6fxVuy1+s0HB/z Uvae5jJovxlxLbOCVkuGvAEzJLc6fqiG44b9D/g7Jy1vao78OVY7KcCNGKuLC+T/7Zx1 gi4gWozWWAjHTBa3DgzWG+qi1R4d6SpWgv52gN6/OIeCraGwhsOJlNeRVDX0KEMkF0a8 dRc0Uk1CMImebIa+XWfNMGTMOODP2XxfsM2m6V5N/lJRdJEmbMERmbDj3cL8ezdOn0ep No+A== X-Gm-Message-State: APjAAAXq2wTiiCFfPGQF6jIchbDHEFS9o8e30LUxhSR4j+ON+9MK0lJD 7NVVN208prUcnBBhFMAuthe83fgHfjXWh8Tsi0qc X-Google-Smtp-Source: APXvYqzw/FBiDp30bhbJGjFbckMeeanM0eORIwIs18VPPdxpR0J4cv7lG42ZEtJXiPbXcCq0z92jI7/acZIoG6XPBTg= X-Received: by 2002:ab0:21cb:: with SMTP id u11mr31008630uan.16.1576016013098; Tue, 10 Dec 2019 14:13:33 -0800 (PST) MIME-Version: 1.0 References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <082f2102-693c-136d-874c-1182f12a6818@gmail.com> <92703458.QmNNAb80T6@l5580> In-Reply-To: From: Brandon Long Date: Tue, 10 Dec 2019 14:13:21 -0800 Message-ID: To: "Kurt Andersen (b)" Cc: Scott Kitterman , IETF DMARC WG Content-Type: multipart/alternative; boundary="0000000000009f7882059960d2f8" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Dec 2019 22:13:37 -0000 --0000000000009f7882059960d2f8 Content-Type: text/plain; charset="UTF-8" On Mon, Dec 9, 2019 at 6:27 PM Kurt Andersen (b) wrote: > On Mon, Dec 9, 2019 at 4:54 PM Scott Kitterman > wrote: > >> On Monday, December 9, 2019 7:41:27 PM EST Brandon Long wrote: >> >> > I'm sure I probably missed this, but couldn't we avoid this question by >> just mandating no reporting for non-existing organizational domains? Is >> that a non-starter? >> >> It's one of the use cases we are trying to cover. I don't know if that >> makes it a non-starter. >> > > Unless I'm misunderstanding Brandon's suggestion, it seems like you > (Brandon) are asking if doing no reporting on missing org domains solves > the scalability problem. *Getting* reports for missing org domains is the > main purpose of the PSD proposal so it would render the purpose moot. > Hmm, I guess I don't see it that way. Preventing phishing attacks from nonexistent.gov.uk, insomuch as DMARC can be used for such, seems way more important than the reporting. Obviously, getting to p=reject without reporting is more challenging. You can certainly have policy without reporting. Brandon --0000000000009f7882059960d2f8 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Mon, Dec 9, 2019 at 6:27 PM Kurt A= ndersen (b) <kboth@drkurt.com>= ; wrote:
On Mon, Dec 9, 2019 at 4:54 PM Scott Kitterman &= lt;sklist@kitterm= an.com> wrote:
On Monday, December 9, 2019 7:41:27 PM EST= Brandon Long wrote:

> I'm sure I probably missed this, but couldn't we avoid this qu= estion by just mandating no reporting for non-existing organizational domai= ns?=C2=A0 Is that a non-starter?

It's one of the use cases we are trying to cover.=C2=A0 I don't kno= w if that makes=C2=A0it a non-starter.

= Unless I'm misunderstanding Brandon's suggestion, it seems like you= (Brandon) are asking if doing no reporting on missing org domains solves t= he scalability problem. *Getting* reports for missing org domains is the ma= in purpose of the PSD proposal so it would render the purpose moot.

Hmm, I guess I don't see it = that way.

Preventing phishing attacks from nonexistent.gov.uk, insomuch as DMARC ca= n be used for such, seems way more important than the reporting.=C2=A0 Obvi= ously, getting to p=3Dreject without reporting is more challenging.=C2=A0 Y= ou can certainly have policy without reporting.

Br= andon=C2=A0
--0000000000009f7882059960d2f8-- From nobody Tue Dec 10 14:15:37 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EA2812018D for ; Tue, 10 Dec 2019 14:15:36 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -17.5 X-Spam-Level: X-Spam-Status: No, score=-17.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5Atof84LAGpn for ; Tue, 10 Dec 2019 14:15:34 -0800 (PST) Received: from mail-vs1-xe30.google.com (mail-vs1-xe30.google.com [IPv6:2607:f8b0:4864:20::e30]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 981F51200D7 for ; Tue, 10 Dec 2019 14:15:34 -0800 (PST) Received: by mail-vs1-xe30.google.com with SMTP id t12so14291460vso.13 for ; Tue, 10 Dec 2019 14:15:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=BykQfmtBWusm2qCg+s9Qk8SFVtttQI9wccVH5ocmm4A=; b=X2Rfk9I++1FYZJcbkBzBSisjAzLkX/zzbbI8I8LEeey7eOucZh0ZTWjDBgN9h0OROr wKtFA4axj5aIicvGf75G+18+WZCsC9+G9qkvB5PNA42Z2sI39zog8mnv3DHL3wWpfb5m 2D0jEeLBJSTM+4BtxWB/phlUHzu/SwflXKsDKZ0ab/6V7dXleMcuf/l2UBpEomqoAprl uLoXZcCdxl2Yb0nTQay1LETxOCAtVpeMFV7XQ7MEGu8ZbZ9dOEUcb9lzxnlIK01r/lSV KCaRxXRZbaeBqhnslJu18mCZ9ZY7VPVMZzYazNzsoJwPHwgL3OEMqBjFP6we0J1T1XTZ dzdA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=BykQfmtBWusm2qCg+s9Qk8SFVtttQI9wccVH5ocmm4A=; b=kn4NgOjFblvUdGP27+Qdd4huJ0BNlhMovAyLqZ9DW7ZIwAn7QpfBF0O7Id7SknCfKP VR9sEICYcNi5OihlA+ykjzLBh3LydwaozUP0xwVDNYKUEs6mp4szT6JdyHF0F1MNtpG4 CEbVA7XT0QXmzi+vCDtYvUnl7b64mq40bpHGr6Hmzk3iDe+1ULm2rnI45m7gfpGGZfBf miVEXeSvTIFAwhLV1q35Rypvf995cW3uckKTUi09nTWazF7aKZcCAUzr89FJ7GwCi+1z haJ6XkkbiGE/qypx9PPQh5uCJ7hpLTntF0inMNFBQ1QpKdwVgg1bzmCA4gkfJVU6txOE EZ9A== X-Gm-Message-State: APjAAAWrBGCvjB/p7JgvxEeTNDlcwL7iJTEHTGy7NZbn5RBN5igKly+R Zom9cRXobIS4u7MpcYskOasHZB/iuxhWbU9nKX2P X-Google-Smtp-Source: APXvYqyJDb9Z9Dolq9uuggDfuBYKw5tpl6t5+/Diea7g3nQeI8N1yzrursMkbLboLcNr+KVRIejZfHGlSbmxT5pbN9M= X-Received: by 2002:a67:bb18:: with SMTP id m24mr26098994vsn.92.1576016133176; Tue, 10 Dec 2019 14:15:33 -0800 (PST) MIME-Version: 1.0 References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <74a0ea49-7a46-4eb6-c297-cd703f63bd1b@gmail.com> <9DE9E7DC-FE60-4952-8595-B2D087A6B780@kitterman.com> <79b1cbe6-8a53-9157-63de-210fd2bad89a@dcrocker.net> <082f2102-693c-136d-874c-1182f12a6818@gmail.com> In-Reply-To: From: Brandon Long Date: Tue, 10 Dec 2019 14:15:21 -0800 Message-ID: To: Dave Crocker Cc: "Murray S. Kucherawy" , Tim Wicinski , IETF DMARC WG , Scott Kitterman , "Kurt Andersen (b)" Content-Type: multipart/alternative; boundary="000000000000c7cb43059960d94d" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Dec 2019 22:15:36 -0000 --000000000000c7cb43059960d94d Content-Type: text/plain; charset="UTF-8" On Mon, Dec 9, 2019 at 6:33 PM Dave Crocker wrote: > On 12/9/2019 4:41 PM, Brandon Long wrote: > > I mean, the PSL is already a maintained object. Is this new detail > something > that has different ownership/privacy/etc concerns than the existing > details? > > So, ummm, you want to replace one problematic operation with another? > DMARC already depends on the PSL, so an extension that also depends on it doesn't seem out of place. > On the consumption side, I've only heard comments that the PSL has > problems. On the provision side, I've heard vigorous and repeated claims > of overwork of the the volunteer force, sufficient that there is no > bandwidth for dealing with revision/replacement efforts. > Understandable. Brandon --000000000000c7cb43059960d94d Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Mon, Dec 9, 2019 at 6:33 PM Dave C= rocker <dcrocker@gmail.com>= wrote:
=20 =20 =20
On 12/9/2019 4:41 PM, Brandon Long wrote:
I mean, the PSL is already a maintained object.=C2=A0 Is this ne= w detail something
that has different ownership/privacy/etc concerns than the existing details?

So, ummm, you want to replace one problematic operation with another?

DMARC already depends on the PSL,= so an extension=C2=A0that also depends on it doesn't seem out of place= .

On the consumption side, I've only heard comments that the PSL has problems.=C2=A0 On the provision side, I've heard vigorous an= d repeated claims of overwork of the the volunteer force, sufficient that there is no bandwidth for dealing with revision/replacement efforts.

Understandable.
Brandon
--000000000000c7cb43059960d94d-- From nobody Wed Dec 11 07:46:02 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4D61120B56 for ; Wed, 11 Dec 2019 07:46:00 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=drkurt.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mnXLIZgVn8Bv for ; Wed, 11 Dec 2019 07:45:58 -0800 (PST) Received: from mail-io1-xd2f.google.com (mail-io1-xd2f.google.com [IPv6:2607:f8b0:4864:20::d2f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C286A120AF0 for ; Wed, 11 Dec 2019 07:45:58 -0800 (PST) Received: by mail-io1-xd2f.google.com with SMTP id w3so3645218iot.11 for ; Wed, 11 Dec 2019 07:45:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=drkurt.com; s=20130612; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ukblskYV7wPflNWDOxbUqgIq+N6CkC+BdTbOqPIouFM=; b=X+d6HhWfq10CIiyjTXV0ry/xepnFGJd6rA/m3d+qUD/eItz2wfHvNXzQkHlMY0/riS 2sM5zNvurTI0T6Ck1nwoUXZblX+ixCtP7ntizDkOlNzjm653vcQBe4laDZyfG3ATUQr9 PabyHCj5+EmG8Y8JA1MQrB1+Zl52NzJ5tKQyg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ukblskYV7wPflNWDOxbUqgIq+N6CkC+BdTbOqPIouFM=; b=C5U4wmqcyv9RBTDr8IKnnP5XUusZ9MClTzlhdy4dR85ZKuhYDckChJwEd1LwWgPHU0 yQHu45+40fKlCZQD/gI7bwOs7rRvmWpD/arH+WR1dgfezvCNGk+6+rQKtFBqqgW2+EQL i3JRIyH8wXikX4DBdgzd+v20xqs4uCXh+ioddg8Ig+u5I8L+mEs8RmA44/pS03ovpvMj sRztwMcmRfzcq78hEdneApSBZ77Iv6bG8LfaK+53Q7le7NF9YFSi7x4CYjpEsRA1Un6U MnwpV8cHzIY1/1OE+j+hL3fDlp2kmrjJaZdP0QhWd2I9UbaBfmiJlz8f4Rm5fCT9fvTc nOlA== X-Gm-Message-State: APjAAAVHASUtTZg+g2Ka9e3LlxvScxBdDOGCSYFhpcgvHWkYa74JON4E yCHN0CjZ/man2Udz8ewyY/kWCVSN1mm+opdFW+GuWg== X-Google-Smtp-Source: APXvYqzqSLkHFaxagasAROHQfcF2cSU4NGxlrDwH2TWCr1bOd7PgWqjxjZteY9RVhmyfY8FiPX+bf7myA7n71MaVTdM= X-Received: by 2002:a5d:8c8c:: with SMTP id g12mr1777519ion.23.1576079157687; Wed, 11 Dec 2019 07:45:57 -0800 (PST) MIME-Version: 1.0 References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <082f2102-693c-136d-874c-1182f12a6818@gmail.com> <92703458.QmNNAb80T6@l5580> In-Reply-To: From: "Kurt Andersen (b)" Date: Wed, 11 Dec 2019 07:45:32 -0800 Message-ID: To: Brandon Long Cc: Scott Kitterman , IETF DMARC WG Content-Type: multipart/alternative; boundary="000000000000550c6f05996f86d3" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Dec 2019 15:46:01 -0000 --000000000000550c6f05996f86d3 Content-Type: text/plain; charset="UTF-8" On Tue, Dec 10, 2019 at 2:13 PM Brandon Long wrote: > > On Mon, Dec 9, 2019 at 6:27 PM Kurt Andersen (b) wrote: > >> On Mon, Dec 9, 2019 at 4:54 PM Scott Kitterman >> wrote: >> >>> On Monday, December 9, 2019 7:41:27 PM EST Brandon Long wrote: >>> >>> > I'm sure I probably missed this, but couldn't we avoid this question >>> by just mandating no reporting for non-existing organizational domains? Is >>> that a non-starter? >>> >>> It's one of the use cases we are trying to cover. I don't know if that >>> makes it a non-starter. >>> >> >> Unless I'm misunderstanding Brandon's suggestion, it seems like you >> (Brandon) are asking if doing no reporting on missing org domains solves >> the scalability problem. *Getting* reports for missing org domains is the >> main purpose of the PSD proposal so it would render the purpose moot. >> > > Hmm, I guess I don't see it that way. > > Preventing phishing attacks from nonexistent.gov.uk, insomuch as DMARC > can be used for such, seems way more important than the reporting. > Obviously, getting to p=reject without reporting is more challenging. You > can certainly have policy without reporting. > While it is very true that receivers may implement validation and possibly enforcement without reporting, we could solve the use case of phishing from missing org-level domains by the same approach that we can solve it from any missing domain - just don't accept mail from such bogus sources. That does not help the overseers of a domain realm (org-1, aka LPSD) to tackle takedowns or public awareness campaigns against such abuse though. --Kurt --000000000000550c6f05996f86d3 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Tue, Dec 10, 2019 at 2:13 PM Brandon L= ong <blong@google.com> wrote:=

On Mon, Dec 9, 2019 at 6:27 P= M Kurt Andersen (b) <kboth@drkurt.com> wrote:
On Mon, Dec 9, 2019 at= 4:54 PM Scott Kitterman <sklist@kitterman.com> wrote:
On Monday, Decem= ber 9, 2019 7:41:27 PM EST Brandon Long wrote:

> I'm sure I probably missed this, but couldn't we avoid this qu= estion by just mandating no reporting for non-existing organizational domai= ns?=C2=A0 Is that a non-starter?

It's one of the use cases we are trying to cover.=C2=A0 I don't kno= w if that makes=C2=A0it a non-starter.

= Unless I'm misunderstanding Brandon's suggestion, it seems like you= (Brandon) are asking if doing no reporting on missing org domains solves t= he scalability problem. *Getting* reports for missing org domains is the ma= in purpose of the PSD proposal so it would render the purpose moot.

Hmm, I guess I don't see it = that way.

Preventing phishing attacks from nonexistent.gov.uk, in= somuch as DMARC can be used for such, seems way more important than the rep= orting.=C2=A0 Obviously, getting to p=3Dreject without reporting is more ch= allenging.=C2=A0 You can certainly have policy without reporting.

While it is very true that receive= rs may implement validation and possibly enforcement without reporting, we = could solve the use case of phishing from missing org-level domains by the = same approach that we can solve it from any missing domain - just don't= accept mail from such bogus sources. That does not help the overseers of a= domain realm (org-1, aka LPSD) to tackle takedowns or public awareness cam= paigns against such abuse though.

--Kurt=C2=A0
--000000000000550c6f05996f86d3-- From nobody Thu Dec 12 15:38:10 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4EF3312012A for ; Thu, 12 Dec 2019 15:38:08 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -17.499 X-Spam-Level: X-Spam-Status: No, score=-17.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mP9GBKGVs7jg for ; Thu, 12 Dec 2019 15:38:06 -0800 (PST) Received: from mail-ua1-x92d.google.com (mail-ua1-x92d.google.com [IPv6:2607:f8b0:4864:20::92d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 372B8120019 for ; Thu, 12 Dec 2019 15:38:06 -0800 (PST) Received: by mail-ua1-x92d.google.com with SMTP id w20so159109uap.1 for ; Thu, 12 Dec 2019 15:38:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Ff2ILbj+MO1KLdZKBFvMvsAGdZ1YCfk/o1qnhv0Htdg=; b=ee0PJqmoTGLLOYYndjbeWMybn1YwaRl1qZDv/vzK5qKeJIQt4IBG8N/1M6deJP3lMw OlHOjqoLLe32SeZw0yWjK2lbK3wb/aZo22GEQJ/lJxIZiLteTf4j2FMpsoSKP1He5w31 bhyORVyY7H4F8I+oMAsIN0zdOFPsnThYAG/njOMYvFpG2SKiJ+TKhsRX0XFXNPXADeGB LIF861/6nXokSLAbWZbjd5OwXo9JeChQ/8teFcK+fNXZkENYxAgT/VH0wtFcBHgexLrT mx3/FAs3zFMHEs4vKNWQqxmGCfifpEQbn+vFniNyS5+4Vl+Myz5lz5XQ6rK91GWIua5Q u6cA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Ff2ILbj+MO1KLdZKBFvMvsAGdZ1YCfk/o1qnhv0Htdg=; b=PKOCkaP1esAfFDSiiHXxga/s4o1GGCdU/SKPI/bBTAK9RfkTpuIT5TKtlx1aRyW4df 4znKAwkxfBYeHKZpcv18nBAwfpFgC4IFM1dfE8Rmh1rhrCeundTXgr84FjaxjefBTFh9 IN/+sgutdaJzeHchc8UbAPsH4p2eDKXmSL5EWwFjBdqaJFqgeUVGkL6k7veGk1UslEs0 A2uVH6uOwW231FEEr9oR8/hPXVJ0veU5ejN2vzTAuhjsMSwGb5cphutNRElHuA5D1HPU XHyxiiPQYDcUbnGZQRS2EKdk89GbigTLcScAHbEeCgP40wAVTLdEZ6M23K236GWLkWRX ZcCA== X-Gm-Message-State: APjAAAWzYd8W0WgVweHv998J82uIGLQjmnNfb2yDCK3Wpi7SGLDK/TEJ tSmHlYNZxPSlAHbKIvXM8zL/I/XRVU6GrGN0zTvI X-Google-Smtp-Source: APXvYqzKOV8PspL8kadW+e95asX/q7l2q0P4KOMbVBjxf/3qPpouqHLI9Qwq/e8xLumd64nHjEOzgBpOIXrTsPya17U= X-Received: by 2002:ab0:26cd:: with SMTP id b13mr10150127uap.44.1576193884477; Thu, 12 Dec 2019 15:38:04 -0800 (PST) MIME-Version: 1.0 References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <082f2102-693c-136d-874c-1182f12a6818@gmail.com> <92703458.QmNNAb80T6@l5580> In-Reply-To: From: Brandon Long Date: Thu, 12 Dec 2019 15:37:52 -0800 Message-ID: To: "Kurt Andersen (b)" Cc: Scott Kitterman , IETF DMARC WG Content-Type: multipart/alternative; boundary="000000000000954e3705998a3ca9" Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Dec 2019 23:38:08 -0000 --000000000000954e3705998a3ca9 Content-Type: text/plain; charset="UTF-8" On Wed, Dec 11, 2019 at 7:45 AM Kurt Andersen (b) wrote: > On Tue, Dec 10, 2019 at 2:13 PM Brandon Long wrote: > >> >> On Mon, Dec 9, 2019 at 6:27 PM Kurt Andersen (b) >> wrote: >> >>> On Mon, Dec 9, 2019 at 4:54 PM Scott Kitterman >>> wrote: >>> >>>> On Monday, December 9, 2019 7:41:27 PM EST Brandon Long wrote: >>>> >>>> > I'm sure I probably missed this, but couldn't we avoid this question >>>> by just mandating no reporting for non-existing organizational domains? Is >>>> that a non-starter? >>>> >>>> It's one of the use cases we are trying to cover. I don't know if that >>>> makes it a non-starter. >>>> >>> >>> Unless I'm misunderstanding Brandon's suggestion, it seems like you >>> (Brandon) are asking if doing no reporting on missing org domains solves >>> the scalability problem. *Getting* reports for missing org domains is the >>> main purpose of the PSD proposal so it would render the purpose moot. >>> >> >> Hmm, I guess I don't see it that way. >> >> Preventing phishing attacks from nonexistent.gov.uk, insomuch as DMARC >> can be used for such, seems way more important than the reporting. >> Obviously, getting to p=reject without reporting is more challenging. You >> can certainly have policy without reporting. >> > > While it is very true that receivers may implement validation and possibly > enforcement without reporting, we could solve the use case of phishing from > missing org-level domains by the same approach that we can solve it from > any missing domain - just don't accept mail from such bogus sources. That > does not help the overseers of a domain realm (org-1, aka LPSD) to tackle > takedowns or public awareness campaigns against such abuse though. > I mean, that was also true for all DMARC, the point was the owner was asking everyone to do that. If you're saying we should have a different system for trying to get everyone to not accept messages from non-existent domains... ok, but I'm not sure where that would come from. Maybe no one would be willing to go with np=reject without being able to confirm there's no good mail doing that. That seems more likely to be true for existing large scale branded domains (which I guess gov.uk falls into), whereas setting that policy for the newer branded domains (.google) and multi-organizational (.bank) seems fine without reporting. Brandon --000000000000954e3705998a3ca9 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Wed, Dec 11, 2019 at 7:45 AM Kurt = Andersen (b) <kboth@drkurt.com&g= t; wrote:
On Tue, Dec 10, 2019 at 2:13 PM Brandon Long &l= t;blong@google.com> wrote:

On Mon, Dec 9, 20= 19 at 6:27 PM Kurt Andersen (b) <kboth@drkurt.com> wrote:
On Mon, = Dec 9, 2019 at 4:54 PM Scott Kitterman <sklist@kitterman.com> wrote:
On= Monday, December 9, 2019 7:41:27 PM EST Brandon Long wrote:

> I'm sure I probably missed this, but couldn't we avoid this qu= estion by just mandating no reporting for non-existing organizational domai= ns?=C2=A0 Is that a non-starter?

It's one of the use cases we are trying to cover.=C2=A0 I don't kno= w if that makes=C2=A0it a non-starter.

= Unless I'm misunderstanding Brandon's suggestion, it seems like you= (Brandon) are asking if doing no reporting on missing org domains solves t= he scalability problem. *Getting* reports for missing org domains is the ma= in purpose of the PSD proposal so it would render the purpose moot.

Hmm, I guess I don't see it = that way.

Preventing phishing attacks from nonexistent.gov.uk, in= somuch as DMARC can be used for such, seems way more important than the rep= orting.=C2=A0 Obviously, getting to p=3Dreject without reporting is more ch= allenging.=C2=A0 You can certainly have policy without reporting.

While it is very true that receive= rs may implement validation and possibly enforcement without reporting, we = could solve the use case of phishing from missing org-level domains by the = same approach that we can solve it from any missing domain - just don't= accept mail from such bogus sources. That does not help the overseers of a= domain realm (org-1, aka LPSD) to tackle takedowns or public awareness cam= paigns against such abuse though.

I mean, that was also true for all DMARC, the point was the owner = was asking everyone to do that.=C2=A0 If you're saying we should have a= different system for trying to get everyone to not accept messages from no= n-existent domains... ok, but I'm not sure where that would come from.<= /div>

Maybe no one would be willing to go with np=3Dreject without = being able to confirm there's no good mail doing that.=C2=A0 That seems= more likely to be true for existing large scale branded domains (which I g= uess gov.uk falls into), whereas setting that= policy for the newer branded domains (.google) and multi-organizational (.= bank) seems fine without reporting.

Brandon=C2=A0<= /div>
--000000000000954e3705998a3ca9-- From nobody Fri Dec 13 01:31:22 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B840D120232 for ; Fri, 13 Dec 2019 01:31:21 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.301 X-Spam-Level: X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1152-bit key) header.d=tana.it Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XD35sAj9pGoQ for ; Fri, 13 Dec 2019 01:31:20 -0800 (PST) Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F5BE1201EF for ; Fri, 13 Dec 2019 01:31:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1576229477; bh=uI1ykFbAKPMN59rJk2ov4Hm1bltUA7+1P44Cjd1I15M=; l=1158; h=To:Cc:References:From:Date:In-Reply-To; b=BH+nyd77LDMXS5n2uJyBUpShunapxGFLWG9fbFX2eUJhb4HIK4TvFhC6EioHxv4O7 hG7d+K8oOGjrd3VsD4SxldXbdxwHflw5rHuK8uvhBwZgp2iPUU1a52fSJfah8FCehE zURzr/lCvPn7bKoryJnCILHNHR1+rilsB7OwPTH1jSUgNGFy1X3VmdJOjOr5X Authentication-Results: tana.it; auth=pass (details omitted) Received: from [172.25.197.111] (pcale.tana [172.25.197.111]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k, TLS: TLS1.2, 128bits, ECDHE_RSA_AES_128_GCM_SHA256) by wmail.tana.it with ESMTPSA id 00000000005DC03D.000000005DF35A65.00001DC8; Fri, 13 Dec 2019 10:31:17 +0100 To: "Murray S. Kucherawy" Cc: IETF DMARC WG References: <20191111155410.12A31E9E35A@ary.qy> From: Alessandro Vesely Openpgp: preference=signencrypt Message-ID: Date: Fri, 13 Dec 2019 10:31:17 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit Archived-At: Subject: Re: [dmarc-ietf] Do is need a new ptype? Was Re: New authentication method, DNSWL X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Dec 2019 09:31:22 -0000 On Tue 03/Dec/2019 21:22:28 +0100 Murray S. Kucherawy wrote: > Assuming the ptype we're talking about is "dns" which is defined in the same > document, the definition is terse and there's not much guidance for the > designated expert about what things should be allowed with respect to future > registrations.  I think Scott basically said the same thing.  I'd like to see > those points addressed before green lighting it. The doc just says "The property being reported belongs to the Domain Name System". I think that definition broadly includes any tag found in a domain's TXT record. For example, we could agree that within a resinfo of a given method, any dns ptype refers to tags in the relevant record or retrieval thereof, unless otherwise specified. So one could have, say: Authentication-Results: example.com; spf=pass smtp.mailfrom=example.net dns.sec=y; dkim=pass header.i=@example.org header.b=jIvx30NG dns.s=tlsrpt The point is where would such kind of convention be made explicit. I don't see what additional text can be added to the dnswl I-D in order to make that issue clearer. Any proposal? Best Ale -- From nobody Fri Dec 20 05:32:32 2019 Return-Path: X-Original-To: dmarc@ietfa.amsl.com Delivered-To: dmarc@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2AD64120111 for ; Fri, 20 Dec 2019 05:32:31 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URI_HEX=0.1] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ncsc.gov.uk Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HGgRlQhe5Gqz for ; Fri, 20 Dec 2019 05:32:27 -0800 (PST) Received: from GBR01-CWL-obe.outbound.protection.outlook.com (mail-eopbgr110121.outbound.protection.outlook.com [40.107.11.121]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C960120025 for ; Fri, 20 Dec 2019 05:32:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=X200NNZqe/hAiGDo5oGO+wKjPcK1Js4nmkx5ZMVHeGsgnELFPD1RelpxthmCvJj3q/U+QPXZgcqGfsh/1RcXy/LfD3f/eO0c77BbfFmhPyzFPBWenKPzWkrUMvguMxzImHcpDwLSku+LrnDd6sBGhJ6FDAhdbnXddcHcJ6bfEYTaZn+hPGFd3B9UZflsRnTa7qde0Q/fcfn2Qxk1c4GvvjSv47kAq8Iww4W7EBXhoeiFiSZzlH/QWVgkp3/ogWfcaL3B9PDepbrBuTeZ6ELKi64BvkFOT0NMC1Y1E2d7a97+vSa2JqwxSuTcdsEFKGhEujL9KB6dmS4sCjowmevLJA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=anRSCk1/XH709pht26YormrjJBv+HwV5LTGCw0n5tpA=; b=hFiR32phP/SMCNv/nrr/WUlg2wqTwA2oOUV3m+VWREHxQtwDneVJ0E8yy4TM9r7bWGX7mG923vRjfc5Be2v/t/xgnHFej3Xz/dkXyuGr6knDeYK9UMdkFgZhxSuba5n9qJaevpPXlEtyPdCt9o4+zY0CDRMZobesceIPLBOG8SFaJYy+uBe9Wh6jZeqIizgnkaM472dhKBtLBhT/tC4dTSkTGBX+OajSHBu+DFRQmKZK6vPviotQOwCbu9dfA0ylLP3gpTgsXeR3jzdLg+7VGoJzjFcm7AiEmU0EAqvphdtCIZQRN1L5Z4OyudVyNR8LAKu7jHQh3GiBTlfL0gZ87g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ncsc.gov.uk; dmarc=pass action=none header.from=ncsc.gov.uk; dkim=pass header.d=ncsc.gov.uk; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ncsc.gov.uk; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=anRSCk1/XH709pht26YormrjJBv+HwV5LTGCw0n5tpA=; b=k8C9LHJiS2D3cQAYmf6fa91QHfrAEf61EA6HmqiYj2Geo/T9vk2EFWl2c72GIhSUhkFhuq54ROZbRLcGzLwqVQTk6+m7LqBGm6nqY0veqY4/HuTptybk2AmK1TjkCainVlTwRgRqB6l54SgpJKVYTk0p68qHrajqKqBBd950MMQ= Received: from LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM (20.176.157.151) by LO2P123MB2511.GBRP123.PROD.OUTLOOK.COM (20.176.155.213) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2559.15; Fri, 20 Dec 2019 13:32:24 +0000 Received: from LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM ([fe80::b07d:fef5:217b:2f3d]) by LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM ([fe80::b07d:fef5:217b:2f3d%7]) with mapi id 15.20.2559.016; Fri, 20 Dec 2019 13:32:24 +0000 From: Ian Levy To: Brandon Long , "Kurt Andersen (b)" CC: IETF DMARC WG , Scott Kitterman Thread-Topic: [dmarc-ietf] Comment on draft-ietf-dmarc-psd Thread-Index: AQHVUkRUHW06UOOZ+kq6kqLLLMMrLqcaPC6AgANurWOAaHWPgIAADzIAgAAY2wCAAGFPgIAAblcAgCMwBICACHMnAIAAhUuAgAADjgCAABnTAIABS5OAgAEl+gCAAhZNAIAL5+rw Date: Fri, 20 Dec 2019 13:32:24 +0000 Message-ID: References: <728d7df1-d563-82f4-bfb3-a65a75fdd662@gmail.com> <082f2102-693c-136d-874c-1182f12a6818@gmail.com> <92703458.QmNNAb80T6@l5580> In-Reply-To: Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=ian.levy@ncsc.gov.uk; x-originating-ip: [51.141.26.231] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 65e379f2-68e2-4603-7c02-08d785510ca7 x-ms-traffictypediagnostic: LO2P123MB2511: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:3826; x-forefront-prvs: 025796F161 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(376002)(346002)(136003)(366004)(396003)(39850400004)(189003)(199004)(33656002)(186003)(66446008)(71200400001)(44832011)(2906002)(55236004)(26005)(5660300002)(4326008)(478600001)(52536014)(81156014)(8676002)(81166006)(8936002)(6506007)(53546011)(55016002)(54906003)(66476007)(86362001)(7696005)(9686003)(316002)(76116006)(110136005)(66946007)(64756008)(66556008); DIR:OUT; SFP:1102; SCL:1; SRVR:LO2P123MB2511; H:LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: ncsc.gov.uk does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: eK/wFsPO5oaghDv33nN2MwL0FUcYSAI8cEkPGQVP+nDUMQKjaQBxyQPjHc0TREaDHS7eJVg58Mc2Z27STN6IZFwbAVadKL5WDOgwObVsUBZKvv2sNBcPPEgolbL2D23hytPiJxXNzEx/oSlvLyMhsnOpHMgIZ3CsHftvYDqtIwbWDG3dQ0WAyfhX87inJ2DeyjNL5+3rHlqoWXt8jODDh6KjhJbVy6SDRyg3YCOQQygxZqYvhV8j/c/D31K8Roy40ydj/9UnXs9qdD7wViwhwWMxAYGVq1dry393+aejFoJ3r81KgDbaRpOgIFwaydKr5XcF5cot6TaorXzR+GnLx1QZgTu/xN7dPrtW8xHapCaG6qv44XJEwyZxGeuYTQsnkyvOvhEBRgvE8slkKeha4ip5zf7oyqXYm/cSotuLS8Vizu0+5xp1WMDeIWs3rBslSjA/4egR8pSc5W3JsQItxNgJfxntyCixAAj6vxfW+CQ= x-ms-exchange-transport-forked: True Content-Type: multipart/alternative; boundary="_000_LO2P123MB228540329379ED4FBF497072C92D0LO2P123MB2285GBRP_" MIME-Version: 1.0 X-OriginatorOrg: ncsc.gov.uk X-MS-Exchange-CrossTenant-Network-Message-Id: 65e379f2-68e2-4603-7c02-08d785510ca7 X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Dec 2019 13:32:24.6483 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 14aa5744-ece1-474e-a2d7-34f46dda64a1 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: X3BVsYtOClXJS/Y8RAqPpZ7nL10Z+PtperwCopDqhCvAICz6EuAHJ0MX9nQKSx7wh4VlzIu3z5oWbUSw50li6w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LO2P123MB2511 Archived-At: Subject: Re: [dmarc-ietf] Comment on draft-ietf-dmarc-psd X-BeenThere: dmarc@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Dec 2019 13:32:31 -0000 --_000_LO2P123MB228540329379ED4FBF497072C92D0LO2P123MB2285GBRP_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 ICAqICAgTWF5YmUgbm8gb25lIHdvdWxkIGJlIHdpbGxpbmcgdG8gZ28gd2l0aCBucD1yZWplY3Qg d2l0aG91dCBiZWluZyBhYmxlIHRvIGNvbmZpcm0gdGhlcmUncyBubyBnb29kIG1haWwgZG9pbmcg dGhhdC4NCg0KRXhhY3RseSB0aGlzLiBBcyB3ZeKAmXZlIHB1c2hlZCBETUFSQyBhY3Jvc3MgZ292 LnVrIHdl4oCZdmUgZm91bmQgYWxsIHNvcnRzIG9mIGludGVyZXN0aW5nIHRoaW5ncyBpbiB0aGUg cmVwb3J0aW5nIHdlIGdldC4NCg0KVGEuDQoNCkkuDQoNCi0tDQpEciBJYW4gTGV2eQ0KVGVjaG5p Y2FsIERpcmVjdG9yDQpOYXRpb25hbCBDeWJlciBTZWN1cml0eSBDZW50cmUNCmlhbkBuY3NjLmdv di51azxtYWlsdG86aWFuQG5jc2MuZ292LnVrPg0KDQpTdGFmZiBPZmZpY2VyIDogS2F0ZSBBdGtp bnMsIGthdGUuYUBuY3NjLmdvdi51azxtYWlsdG86a2F0ZS5hQG5jc2MuZ292LnVrPg0KUHJvbm91 bnMgOiBoZS9oaW0NCg0KKEkgd29yayBzdHVwaWQgaG91cnMgYW5kIHdlaXJkIHRpbWVzIOKAkyB0 aGF0IGRvZXNu4oCZdCBtZWFuIHlvdSBoYXZlIHRvLiBJZiB0aGlzIGFycml2ZXMgb3V0c2lkZSB5 b3VyIG5vcm1hbCB3b3JraW5nIGhvdXJzLCBkb27igJl0IGZlZWwgY29tcGVsbGVkIHRvIHJlc3Bv bmQgaW1tZWRpYXRlbHkhKQ0KDQpGcm9tOiBkbWFyYyA8ZG1hcmMtYm91bmNlc0BpZXRmLm9yZz4g T24gQmVoYWxmIE9mIEJyYW5kb24gTG9uZw0KU2VudDogMTIgRGVjZW1iZXIgMjAxOSAyMzozOA0K VG86IEt1cnQgQW5kZXJzZW4gKGIpIDxrYm90aEBkcmt1cnQuY29tPg0KQ2M6IElFVEYgRE1BUkMg V0cgPGRtYXJjQGlldGYub3JnPjsgU2NvdHQgS2l0dGVybWFuIDxza2xpc3RAa2l0dGVybWFuLmNv bT4NClN1YmplY3Q6IFJlOiBbZG1hcmMtaWV0Zl0gQ29tbWVudCBvbiBkcmFmdC1pZXRmLWRtYXJj LXBzZA0KDQoNCg0KT24gV2VkLCBEZWMgMTEsIDIwMTkgYXQgNzo0NSBBTSBLdXJ0IEFuZGVyc2Vu IChiKSA8a2JvdGhAZHJrdXJ0LmNvbTxtYWlsdG86a2JvdGhAZHJrdXJ0LmNvbT4+IHdyb3RlOg0K T24gVHVlLCBEZWMgMTAsIDIwMTkgYXQgMjoxMyBQTSBCcmFuZG9uIExvbmcgPGJsb25nQGdvb2ds ZS5jb208bWFpbHRvOmJsb25nQGdvb2dsZS5jb20+PiB3cm90ZToNCg0KT24gTW9uLCBEZWMgOSwg MjAxOSBhdCA2OjI3IFBNIEt1cnQgQW5kZXJzZW4gKGIpIDxrYm90aEBkcmt1cnQuY29tPG1haWx0 bzprYm90aEBkcmt1cnQuY29tPj4gd3JvdGU6DQpPbiBNb24sIERlYyA5LCAyMDE5IGF0IDQ6NTQg UE0gU2NvdHQgS2l0dGVybWFuIDxza2xpc3RAa2l0dGVybWFuLmNvbTxtYWlsdG86c2tsaXN0QGtp dHRlcm1hbi5jb20+PiB3cm90ZToNCk9uIE1vbmRheSwgRGVjZW1iZXIgOSwgMjAxOSA3OjQxOjI3 IFBNIEVTVCBCcmFuZG9uIExvbmcgd3JvdGU6DQoNCj4gSSdtIHN1cmUgSSBwcm9iYWJseSBtaXNz ZWQgdGhpcywgYnV0IGNvdWxkbid0IHdlIGF2b2lkIHRoaXMgcXVlc3Rpb24gYnkganVzdCBtYW5k YXRpbmcgbm8gcmVwb3J0aW5nIGZvciBub24tZXhpc3Rpbmcgb3JnYW5pemF0aW9uYWwgZG9tYWlu cz8gIElzIHRoYXQgYSBub24tc3RhcnRlcj8NCg0KSXQncyBvbmUgb2YgdGhlIHVzZSBjYXNlcyB3 ZSBhcmUgdHJ5aW5nIHRvIGNvdmVyLiAgSSBkb24ndCBrbm93IGlmIHRoYXQgbWFrZXMgaXQgYSBu b24tc3RhcnRlci4NCg0KVW5sZXNzIEknbSBtaXN1bmRlcnN0YW5kaW5nIEJyYW5kb24ncyBzdWdn ZXN0aW9uLCBpdCBzZWVtcyBsaWtlIHlvdSAoQnJhbmRvbikgYXJlIGFza2luZyBpZiBkb2luZyBu byByZXBvcnRpbmcgb24gbWlzc2luZyBvcmcgZG9tYWlucyBzb2x2ZXMgdGhlIHNjYWxhYmlsaXR5 IHByb2JsZW0uICpHZXR0aW5nKiByZXBvcnRzIGZvciBtaXNzaW5nIG9yZyBkb21haW5zIGlzIHRo ZSBtYWluIHB1cnBvc2Ugb2YgdGhlIFBTRCBwcm9wb3NhbCBzbyBpdCB3b3VsZCByZW5kZXIgdGhl IHB1cnBvc2UgbW9vdC4NCg0KSG1tLCBJIGd1ZXNzIEkgZG9uJ3Qgc2VlIGl0IHRoYXQgd2F5Lg0K DQpQcmV2ZW50aW5nIHBoaXNoaW5nIGF0dGFja3MgZnJvbSBub25leGlzdGVudC5nb3YudWs8aHR0 cHM6Ly9ldXIwMy5zYWZlbGlua3MucHJvdGVjdGlvbi5vdXRsb29rLmNvbS8/dXJsPWh0dHAlM0El MkYlMkZub25leGlzdGVudC5nb3YudWsmZGF0YT0wMiU3QzAxJTdDaWFuLmxldnklNDBuY3NjLmdv di51ayU3QzUyMjMwNmMwYThhODRhY2E0YTczMDhkNzdmNWM1ZDRiJTdDMTRhYTU3NDRlY2UxNDc0 ZWEyZDczNGY0NmRkYTY0YTElN0MwJTdDMCU3QzYzNzExNzkwNjk4NzIzNjIxNSZzZGF0YT1CZTVR UkwxTndlZXdkTGwyRTZVYnVsaUtSV3FBRVpiMEtQUzdZVzhubjVFJTNEJnJlc2VydmVkPTA+LCBp bnNvbXVjaCBhcyBETUFSQyBjYW4gYmUgdXNlZCBmb3Igc3VjaCwgc2VlbXMgd2F5IG1vcmUgaW1w b3J0YW50IHRoYW4gdGhlIHJlcG9ydGluZy4gIE9idmlvdXNseSwgZ2V0dGluZyB0byBwPXJlamVj dCB3aXRob3V0IHJlcG9ydGluZyBpcyBtb3JlIGNoYWxsZW5naW5nLiAgWW91IGNhbiBjZXJ0YWlu bHkgaGF2ZSBwb2xpY3kgd2l0aG91dCByZXBvcnRpbmcuDQoNCldoaWxlIGl0IGlzIHZlcnkgdHJ1 ZSB0aGF0IHJlY2VpdmVycyBtYXkgaW1wbGVtZW50IHZhbGlkYXRpb24gYW5kIHBvc3NpYmx5IGVu Zm9yY2VtZW50IHdpdGhvdXQgcmVwb3J0aW5nLCB3ZSBjb3VsZCBzb2x2ZSB0aGUgdXNlIGNhc2Ug b2YgcGhpc2hpbmcgZnJvbSBtaXNzaW5nIG9yZy1sZXZlbCBkb21haW5zIGJ5IHRoZSBzYW1lIGFw cHJvYWNoIHRoYXQgd2UgY2FuIHNvbHZlIGl0IGZyb20gYW55IG1pc3NpbmcgZG9tYWluIC0ganVz dCBkb24ndCBhY2NlcHQgbWFpbCBmcm9tIHN1Y2ggYm9ndXMgc291cmNlcy4gVGhhdCBkb2VzIG5v dCBoZWxwIHRoZSBvdmVyc2VlcnMgb2YgYSBkb21haW4gcmVhbG0gKG9yZy0xLCBha2EgTFBTRCkg dG8gdGFja2xlIHRha2Vkb3ducyBvciBwdWJsaWMgYXdhcmVuZXNzIGNhbXBhaWducyBhZ2FpbnN0 IHN1Y2ggYWJ1c2UgdGhvdWdoLg0KDQpJIG1lYW4sIHRoYXQgd2FzIGFsc28gdHJ1ZSBmb3IgYWxs IERNQVJDLCB0aGUgcG9pbnQgd2FzIHRoZSBvd25lciB3YXMgYXNraW5nIGV2ZXJ5b25lIHRvIGRv IHRoYXQuICBJZiB5b3UncmUgc2F5aW5nIHdlIHNob3VsZCBoYXZlIGEgZGlmZmVyZW50IHN5c3Rl bSBmb3IgdHJ5aW5nIHRvIGdldCBldmVyeW9uZSB0byBub3QgYWNjZXB0IG1lc3NhZ2VzIGZyb20g bm9uLWV4aXN0ZW50IGRvbWFpbnMuLi4gb2ssIGJ1dCBJJ20gbm90IHN1cmUgd2hlcmUgdGhhdCB3 b3VsZCBjb21lIGZyb20uDQoNCk1heWJlIG5vIG9uZSB3b3VsZCBiZSB3aWxsaW5nIHRvIGdvIHdp dGggbnA9cmVqZWN0IHdpdGhvdXQgYmVpbmcgYWJsZSB0byBjb25maXJtIHRoZXJlJ3Mgbm8gZ29v ZCBtYWlsIGRvaW5nIHRoYXQuICBUaGF0IHNlZW1zIG1vcmUgbGlrZWx5IHRvIGJlIHRydWUgZm9y IGV4aXN0aW5nIGxhcmdlIHNjYWxlIGJyYW5kZWQgZG9tYWlucyAod2hpY2ggSSBndWVzcyBnb3Yu dWs8aHR0cHM6Ly9ldXIwMy5zYWZlbGlua3MucHJvdGVjdGlvbi5vdXRsb29rLmNvbS8/dXJsPWh0 dHAlM0ElMkYlMkZnb3YudWsmZGF0YT0wMiU3QzAxJTdDaWFuLmxldnklNDBuY3NjLmdvdi51ayU3 QzUyMjMwNmMwYThhODRhY2E0YTczMDhkNzdmNWM1ZDRiJTdDMTRhYTU3NDRlY2UxNDc0ZWEyZDcz NGY0NmRkYTY0YTElN0MwJTdDMCU3QzYzNzExNzkwNjk4NzI0NjIxMSZzZGF0YT1BRGw4bTR0RW5T VzJ0enVrNmRXSVZVN3N4OFklMkJSVVElMkZTMWNmZnhqc3VPVSUzRCZyZXNlcnZlZD0wPiBmYWxs cyBpbnRvKSwgd2hlcmVhcyBzZXR0aW5nIHRoYXQgcG9saWN5IGZvciB0aGUgbmV3ZXIgYnJhbmRl ZCBkb21haW5zICguZ29vZ2xlKSBhbmQgbXVsdGktb3JnYW5pemF0aW9uYWwgKC5iYW5rKSBzZWVt cyBmaW5lIHdpdGhvdXQgcmVwb3J0aW5nLg0KDQpCcmFuZG9uDQpUaGlzIGluZm9ybWF0aW9uIGlz IGV4ZW1wdCB1bmRlciB0aGUgRnJlZWRvbSBvZiBJbmZvcm1hdGlvbiBBY3QgMjAwMCAoRk9JQSkg YW5kIG1heSBiZSBleGVtcHQgdW5kZXIgb3RoZXIgVUsgaW5mb3JtYXRpb24gbGVnaXNsYXRpb24u IFJlZmVyIGFueSBGT0lBIHF1ZXJpZXMgdG8gbmNzY2luZm9sZWdAbmNzYy5nb3YudWsuIEFsbCBt YXRlcmlhbCBpcyBVSyBDcm93biBDb3B5cmlnaHQgwqkNCg== --_000_LO2P123MB228540329379ED4FBF497072C92D0LO2P123MB2285GBRP_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6 V2luZ2RpbmdzOw0KCXBhbm9zZS0xOjUgMCAwIDAgMCAwIDAgMCAwIDA7fQ0KQGZvbnQtZmFjZQ0K CXtmb250LWZhbWlseToiQ2FtYnJpYSBNYXRoIjsNCglwYW5vc2UtMToyIDQgNSAzIDUgNCA2IDMg MiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5vc2UtMToyIDE1 IDUgMiAyIDIgNCAzIDIgNDt9DQovKiBTdHlsZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3JtYWws IGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1hbA0KCXttYXJnaW46MGNtOw0KCW1hcmdpbi1ib3R0 b206LjAwMDFwdDsNCglmb250LXNpemU6MTEuMHB0Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixz YW5zLXNlcmlmO30NCmE6bGluaywgc3Bhbi5Nc29IeXBlcmxpbmsNCgl7bXNvLXN0eWxlLXByaW9y aXR5Ojk5Ow0KCWNvbG9yOmJsdWU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQphOnZp c2l0ZWQsIHNwYW4uTXNvSHlwZXJsaW5rRm9sbG93ZWQNCgl7bXNvLXN0eWxlLXByaW9yaXR5Ojk5 Ow0KCWNvbG9yOnB1cnBsZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCnAuTXNvTGlz dFBhcmFncmFwaCwgbGkuTXNvTGlzdFBhcmFncmFwaCwgZGl2Lk1zb0xpc3RQYXJhZ3JhcGgNCgl7 bXNvLXN0eWxlLXByaW9yaXR5OjM0Ow0KCW1hcmdpbi10b3A6MGNtOw0KCW1hcmdpbi1yaWdodDow Y207DQoJbWFyZ2luLWJvdHRvbTowY207DQoJbWFyZ2luLWxlZnQ6MzYuMHB0Ow0KCW1hcmdpbi1i b3R0b206LjAwMDFwdDsNCglmb250LXNpemU6MTEuMHB0Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJp IixzYW5zLXNlcmlmO30NCnAubXNvbm9ybWFsMCwgbGkubXNvbm9ybWFsMCwgZGl2Lm1zb25vcm1h bDANCgl7bXNvLXN0eWxlLW5hbWU6bXNvbm9ybWFsOw0KCW1zby1tYXJnaW4tdG9wLWFsdDphdXRv Ow0KCW1hcmdpbi1yaWdodDowY207DQoJbXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87DQoJbWFy Z2luLWxlZnQ6MGNtOw0KCWZvbnQtc2l6ZToxMS4wcHQ7DQoJZm9udC1mYW1pbHk6IkNhbGlicmki LHNhbnMtc2VyaWY7fQ0Kc3Bhbi5FbWFpbFN0eWxlMTgNCgl7bXNvLXN0eWxlLXR5cGU6cGVyc29u YWwtcmVwbHk7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLHNhbnMtc2VyaWY7DQoJY29sb3I6d2lu ZG93dGV4dDt9DQouTXNvQ2hwRGVmYXVsdA0KCXttc28tc3R5bGUtdHlwZTpleHBvcnQtb25seTsN Cglmb250LXNpemU6MTAuMHB0O30NCkBwYWdlIFdvcmRTZWN0aW9uMQ0KCXtzaXplOjYxMi4wcHQg NzkyLjBwdDsNCgltYXJnaW46NzIuMHB0IDcyLjBwdCA3Mi4wcHQgNzIuMHB0O30NCmRpdi5Xb3Jk U2VjdGlvbjENCgl7cGFnZTpXb3JkU2VjdGlvbjE7fQ0KLyogTGlzdCBEZWZpbml0aW9ucyAqLw0K QGxpc3QgbDANCgl7bXNvLWxpc3QtaWQ6NTIzNzg1Mjk1Ow0KCW1zby1saXN0LXR5cGU6aHlicmlk Ow0KCW1zby1saXN0LXRlbXBsYXRlLWlkczo4OTg4MDQ3MjIgMTE1OTIwMjY4MiAxMzQ4MDc1NTUg MTM0ODA3NTU3IDEzNDgwNzU1MyAxMzQ4MDc1NTUgMTM0ODA3NTU3IDEzNDgwNzU1MyAxMzQ4MDc1 NTUgMTM0ODA3NTU3O30NCkBsaXN0IGwwOmxldmVsMQ0KCXttc28tbGV2ZWwtbnVtYmVyLWZvcm1h dDpidWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ674OYOw0KCW1zby1sZXZlbC10YWItc3RvcDpub25l Ow0KCW1zby1sZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWluZGVudDotMTguMHB0 Ow0KCWZvbnQtZmFtaWx5OldpbmdkaW5nczsNCgltc28tZmFyZWFzdC1mb250LWZhbWlseTpDYWxp YnJpOw0KCW1zby1iaWRpLWZvbnQtZmFtaWx5OiJUaW1lcyBOZXcgUm9tYW4iO30NCkBsaXN0IGww OmxldmVsMg0KCXttc28tbGV2ZWwtbnVtYmVyLWZvcm1hdDpidWxsZXQ7DQoJbXNvLWxldmVsLXRl eHQ6bzsNCgltc28tbGV2ZWwtdGFiLXN0b3A6bm9uZTsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0 aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LTE4LjBwdDsNCglmb250LWZhbWlseToiQ291cmllciBO ZXciO30NCkBsaXN0IGwwOmxldmVsMw0KCXttc28tbGV2ZWwtbnVtYmVyLWZvcm1hdDpidWxsZXQ7 DQoJbXNvLWxldmVsLXRleHQ674KnOw0KCW1zby1sZXZlbC10YWItc3RvcDpub25lOw0KCW1zby1s ZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWluZGVudDotMTguMHB0Ow0KCWZvbnQt ZmFtaWx5OldpbmdkaW5nczt9DQpAbGlzdCBsMDpsZXZlbDQNCgl7bXNvLWxldmVsLW51bWJlci1m b3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZlbC10ZXh0Ou+CtzsNCgltc28tbGV2ZWwtdGFiLXN0b3A6 bm9uZTsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LTE4 LjBwdDsNCglmb250LWZhbWlseTpTeW1ib2w7fQ0KQGxpc3QgbDA6bGV2ZWw1DQoJe21zby1sZXZl bC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDpvOw0KCW1zby1sZXZlbC10 YWItc3RvcDpub25lOw0KCW1zby1sZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWlu ZGVudDotMTguMHB0Ow0KCWZvbnQtZmFtaWx5OiJDb3VyaWVyIE5ldyI7fQ0KQGxpc3QgbDA6bGV2 ZWw2DQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrv gqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOm5vbmU7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlv bjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJZm9udC1mYW1pbHk6V2luZ2RpbmdzO30N CkBsaXN0IGwwOmxldmVsNw0KCXttc28tbGV2ZWwtbnVtYmVyLWZvcm1hdDpidWxsZXQ7DQoJbXNv LWxldmVsLXRleHQ674K3Ow0KCW1zby1sZXZlbC10YWItc3RvcDpub25lOw0KCW1zby1sZXZlbC1u dW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWluZGVudDotMTguMHB0Ow0KCWZvbnQtZmFtaWx5 OlN5bWJvbDt9DQpAbGlzdCBsMDpsZXZlbDgNCgl7bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVs bGV0Ow0KCW1zby1sZXZlbC10ZXh0Om87DQoJbXNvLWxldmVsLXRhYi1zdG9wOm5vbmU7DQoJbXNv LWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJZm9u dC1mYW1pbHk6IkNvdXJpZXIgTmV3Ijt9DQpAbGlzdCBsMDpsZXZlbDkNCgl7bXNvLWxldmVsLW51 bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZlbC10ZXh0Ou+CpzsNCgltc28tbGV2ZWwtdGFi LXN0b3A6bm9uZTsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRl bnQ6LTE4LjBwdDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0Kb2wNCgl7bWFyZ2luLWJvdHRv bTowY207fQ0KdWwNCgl7bWFyZ2luLWJvdHRvbTowY207fQ0KLS0+PC9zdHlsZT48IS0tW2lmIGd0 ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlZGVmYXVsdHMgdjpleHQ9ImVkaXQiIHNwaWRtYXg9IjEw MjYiIC8+DQo8L3htbD48IVtlbmRpZl0tLT48IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNo YXBlbGF5b3V0IHY6ZXh0PSJlZGl0Ij4NCjxvOmlkbWFwIHY6ZXh0PSJlZGl0IiBkYXRhPSIxIiAv Pg0KPC9vOnNoYXBlbGF5b3V0PjwveG1sPjwhW2VuZGlmXS0tPg0KPC9oZWFkPg0KPGJvZHkgbGFu Zz0iRU4tR0IiIGxpbms9ImJsdWUiIHZsaW5rPSJwdXJwbGUiPg0KPGRpdiBjbGFzcz0iV29yZFNl Y3Rpb24xIj4NCjx1bCBzdHlsZT0ibWFyZ2luLXRvcDowY20iIHR5cGU9ImRpc2MiPg0KPGxpIGNs YXNzPSJNc29MaXN0UGFyYWdyYXBoIiBzdHlsZT0ibWFyZ2luLWxlZnQ6MGNtO21zby1saXN0Omww IGxldmVsMSBsZm8xIj5NYXliZSBubyBvbmUgd291bGQgYmUgd2lsbGluZyB0byBnbyB3aXRoIG5w PXJlamVjdCB3aXRob3V0IGJlaW5nIGFibGUgdG8gY29uZmlybSB0aGVyZSdzIG5vIGdvb2QgbWFp bCBkb2luZyB0aGF0LiZuYnNwOzxzcGFuIHN0eWxlPSJtc28tZmFyZWFzdC1sYW5ndWFnZTpFTi1V UyI+PG86cD48L286cD48L3NwYW4+PC9saT48L3VsPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNw YW4gc3R5bGU9Im1zby1mYXJlYXN0LWxhbmd1YWdlOkVOLVVTIj48bzpwPiZuYnNwOzwvbzpwPjwv c3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0ibXNvLWZhcmVhc3Qt bGFuZ3VhZ2U6RU4tVVMiPkV4YWN0bHkgdGhpcy4gQXMgd2XigJl2ZSBwdXNoZWQgRE1BUkMgYWNy b3NzIGdvdi51ayB3ZeKAmXZlIGZvdW5kIGFsbCBzb3J0cyBvZiBpbnRlcmVzdGluZyB0aGluZ3Mg aW4gdGhlIHJlcG9ydGluZyB3ZSBnZXQuDQo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0ibXNvLWZhcmVhc3QtbGFuZ3VhZ2U6RU4tVVMiPjxv OnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0 eWxlPSJtc28tZmFyZWFzdC1sYW5ndWFnZTpFTi1VUyI+VGEuPG86cD48L286cD48L3NwYW4+PC9w Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9Im1zby1mYXJlYXN0LWxhbmd1YWdl OkVOLVVTIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij48c3BhbiBzdHlsZT0ibXNvLWZhcmVhc3QtbGFuZ3VhZ2U6RU4tVVMiPkkuPG86cD48L286cD48 L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9Im1zby1mYXJlYXN0 LWxhbmd1YWdlOkVOLVVTIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8ZGl2Pg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+LS08bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi PkRyIElhbiBMZXZ5PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5UZWNobmlj YWwgRGlyZWN0b3I8bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPk5hdGlvbmFs IEN5YmVyIFNlY3VyaXR5IENlbnRyZTxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PGEgaHJlZj0ibWFpbHRvOmlhbkBuY3NjLmdvdi51ayI+PHNwYW4gc3R5bGU9ImNvbG9yOiMw NTYzQzEiPmlhbkBuY3NjLmdvdi51azwvc3Bhbj48L2E+PG86cD48L286cD48L3A+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi PlN0YWZmIE9mZmljZXIgOiBLYXRlIEF0a2lucywgPGEgaHJlZj0ibWFpbHRvOmthdGUuYUBuY3Nj Lmdvdi51ayI+DQo8c3BhbiBzdHlsZT0iY29sb3I6IzA1NjNDMSI+a2F0ZS5hQG5jc2MuZ292LnVr PC9zcGFuPjwvYT48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPlByb25vdW5z IDogaGUvaGltPG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNw OzwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPihJIHdvcmsgc3R1cGlkIGhvdXJzIGFu ZCB3ZWlyZCB0aW1lcyDigJMgdGhhdCBkb2VzbuKAmXQgbWVhbiB5b3UgaGF2ZSB0by4gSWYgdGhp cyBhcnJpdmVzIG91dHNpZGUgeW91ciBub3JtYWwgd29ya2luZyBob3VycywgZG9u4oCZdCBmZWVs IGNvbXBlbGxlZCB0byByZXNwb25kIGltbWVkaWF0ZWx5ISk8bzpwPjwvbzpwPjwvcD4NCjwvZGl2 Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9Im1zby1mYXJlYXN0LWxhbmd1YWdl OkVOLVVTIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8ZGl2Pg0KPGRpdiBzdHlsZT0i Ym9yZGVyOm5vbmU7Ym9yZGVyLXRvcDpzb2xpZCAjRTFFMUUxIDEuMHB0O3BhZGRpbmc6My4wcHQg MGNtIDBjbSAwY20iPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGI+PHNwYW4gbGFuZz0iRU4tVVMi PkZyb206PC9zcGFuPjwvYj48c3BhbiBsYW5nPSJFTi1VUyI+IGRtYXJjICZsdDtkbWFyYy1ib3Vu Y2VzQGlldGYub3JnJmd0Ow0KPGI+T24gQmVoYWxmIE9mIDwvYj5CcmFuZG9uIExvbmc8YnI+DQo8 Yj5TZW50OjwvYj4gMTIgRGVjZW1iZXIgMjAxOSAyMzozODxicj4NCjxiPlRvOjwvYj4gS3VydCBB bmRlcnNlbiAoYikgJmx0O2tib3RoQGRya3VydC5jb20mZ3Q7PGJyPg0KPGI+Q2M6PC9iPiBJRVRG IERNQVJDIFdHICZsdDtkbWFyY0BpZXRmLm9yZyZndDs7IFNjb3R0IEtpdHRlcm1hbiAmbHQ7c2ts aXN0QGtpdHRlcm1hbi5jb20mZ3Q7PGJyPg0KPGI+U3ViamVjdDo8L2I+IFJlOiBbZG1hcmMtaWV0 Zl0gQ29tbWVudCBvbiBkcmFmdC1pZXRmLWRtYXJjLXBzZDxvOnA+PC9vOnA+PC9zcGFuPjwvcD4N CjwvZGl2Pg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwv cD4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48 L3A+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0K PGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5PbiBXZWQsIERlYyAxMSwgMjAxOSBh dCA3OjQ1IEFNIEt1cnQgQW5kZXJzZW4gKGIpICZsdDs8YSBocmVmPSJtYWlsdG86a2JvdGhAZHJr dXJ0LmNvbSI+a2JvdGhAZHJrdXJ0LmNvbTwvYT4mZ3Q7IHdyb3RlOjxvOnA+PC9vOnA+PC9wPg0K PC9kaXY+DQo8YmxvY2txdW90ZSBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQg I0NDQ0NDQyAxLjBwdDtwYWRkaW5nOjBjbSAwY20gMGNtIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0 O21hcmdpbi1yaWdodDowY20iPg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5P biBUdWUsIERlYyAxMCwgMjAxOSBhdCAyOjEzIFBNIEJyYW5kb24gTG9uZyAmbHQ7PGEgaHJlZj0i bWFpbHRvOmJsb25nQGdvb2dsZS5jb20iIHRhcmdldD0iX2JsYW5rIj5ibG9uZ0Bnb29nbGUuY29t PC9hPiZndDsgd3JvdGU6PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8YmxvY2txdW90 ZSBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQgI0NDQ0NDQyAxLjBwdDtwYWRk aW5nOjBjbSAwY20gMGNtIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0O21hcmdpbi1yaWdodDowY20i Pg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwv cD4NCjwvZGl2Pg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5PbiBNb24sIERl YyA5LCAyMDE5IGF0IDY6MjcgUE0gS3VydCBBbmRlcnNlbiAoYikgJmx0OzxhIGhyZWY9Im1haWx0 bzprYm90aEBkcmt1cnQuY29tIiB0YXJnZXQ9Il9ibGFuayI+a2JvdGhAZHJrdXJ0LmNvbTwvYT4m Z3Q7IHdyb3RlOjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8YmxvY2txdW90ZSBzdHlsZT0iYm9y ZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQgI0NDQ0NDQyAxLjBwdDtwYWRkaW5nOjBjbSAwY20g MGNtIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0O21hcmdpbi1yaWdodDowY20iPg0KPGRpdj4NCjxk aXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5PbiBNb24sIERlYyA5LCAyMDE5IGF0IDQ6NTQgUE0g U2NvdHQgS2l0dGVybWFuICZsdDs8YSBocmVmPSJtYWlsdG86c2tsaXN0QGtpdHRlcm1hbi5jb20i IHRhcmdldD0iX2JsYW5rIj5za2xpc3RAa2l0dGVybWFuLmNvbTwvYT4mZ3Q7IHdyb3RlOjxvOnA+ PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPGJsb2NrcXVvdGUgc3R5bGU9ImJvcmRlcjpub25l O2JvcmRlci1sZWZ0OnNvbGlkICNDQ0NDQ0MgMS4wcHQ7cGFkZGluZzowY20gMGNtIDBjbSA2LjBw dDttYXJnaW4tbGVmdDo0LjhwdDttYXJnaW4tcmlnaHQ6MGNtIj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPk9uIE1vbmRheSwgRGVjZW1iZXIgOSwgMjAxOSA3OjQxOjI3IFBNIEVTVCBCcmFuZG9uIExv bmcgd3JvdGU6PGJyPg0KPGJyPg0KJmd0OyBJJ20gc3VyZSBJIHByb2JhYmx5IG1pc3NlZCB0aGlz LCBidXQgY291bGRuJ3Qgd2UgYXZvaWQgdGhpcyBxdWVzdGlvbiBieSBqdXN0IG1hbmRhdGluZyBu byByZXBvcnRpbmcgZm9yIG5vbi1leGlzdGluZyBvcmdhbml6YXRpb25hbCBkb21haW5zPyZuYnNw OyBJcyB0aGF0IGEgbm9uLXN0YXJ0ZXI/PGJyPg0KPGJyPg0KSXQncyBvbmUgb2YgdGhlIHVzZSBj YXNlcyB3ZSBhcmUgdHJ5aW5nIHRvIGNvdmVyLiZuYnNwOyBJIGRvbid0IGtub3cgaWYgdGhhdCBt YWtlcyZuYnNwO2l0IGEgbm9uLXN0YXJ0ZXIuPG86cD48L286cD48L3A+DQo8L2Jsb2NrcXVvdGU+ DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rp dj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5Vbmxlc3MgSSdtIG1pc3VuZGVyc3RhbmRp bmcgQnJhbmRvbidzIHN1Z2dlc3Rpb24sIGl0IHNlZW1zIGxpa2UgeW91IChCcmFuZG9uKSBhcmUg YXNraW5nIGlmIGRvaW5nIG5vIHJlcG9ydGluZyBvbiBtaXNzaW5nIG9yZyBkb21haW5zIHNvbHZl cyB0aGUgc2NhbGFiaWxpdHkgcHJvYmxlbS4gKkdldHRpbmcqIHJlcG9ydHMgZm9yIG1pc3Npbmcg b3JnIGRvbWFpbnMgaXMgdGhlIG1haW4gcHVycG9zZSBvZiB0aGUgUFNEDQogcHJvcG9zYWwgc28g aXQgd291bGQgcmVuZGVyIHRoZSBwdXJwb3NlIG1vb3QuPG86cD48L286cD48L3A+DQo8L2Rpdj4N CjwvZGl2Pg0KPC9kaXY+DQo8L2Jsb2NrcXVvdGU+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9y bWFsIj5IbW0sIEkgZ3Vlc3MgSSBkb24ndCBzZWUgaXQgdGhhdCB3YXkuPG86cD48L286cD48L3A+ DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwv cD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPlByZXZlbnRpbmcgcGhpc2hp bmcgYXR0YWNrcyBmcm9tIDxhIGhyZWY9Imh0dHBzOi8vZXVyMDMuc2FmZWxpbmtzLnByb3RlY3Rp b24ub3V0bG9vay5jb20vP3VybD1odHRwJTNBJTJGJTJGbm9uZXhpc3RlbnQuZ292LnVrJmFtcDtk YXRhPTAyJTdDMDElN0NpYW4ubGV2eSU0MG5jc2MuZ292LnVrJTdDNTIyMzA2YzBhOGE4NGFjYTRh NzMwOGQ3N2Y1YzVkNGIlN0MxNGFhNTc0NGVjZTE0NzRlYTJkNzM0ZjQ2ZGRhNjRhMSU3QzAlN0Mw JTdDNjM3MTE3OTA2OTg3MjM2MjE1JmFtcDtzZGF0YT1CZTVRUkwxTndlZXdkTGwyRTZVYnVsaUtS V3FBRVpiMEtQUzdZVzhubjVFJTNEJmFtcDtyZXNlcnZlZD0wIiB0YXJnZXQ9Il9ibGFuayI+DQpu b25leGlzdGVudC5nb3YudWs8L2E+LCBpbnNvbXVjaCBhcyBETUFSQyBjYW4gYmUgdXNlZCBmb3Ig c3VjaCwgc2VlbXMgd2F5IG1vcmUgaW1wb3J0YW50IHRoYW4gdGhlIHJlcG9ydGluZy4mbmJzcDsg T2J2aW91c2x5LCBnZXR0aW5nIHRvIHA9cmVqZWN0IHdpdGhvdXQgcmVwb3J0aW5nIGlzIG1vcmUg Y2hhbGxlbmdpbmcuJm5ic3A7IFlvdSBjYW4gY2VydGFpbmx5IGhhdmUgcG9saWN5IHdpdGhvdXQg cmVwb3J0aW5nLjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9ibG9j a3F1b3RlPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9w Pg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+V2hpbGUgaXQgaXMgdmVyeSB0 cnVlIHRoYXQgcmVjZWl2ZXJzIG1heSBpbXBsZW1lbnQgdmFsaWRhdGlvbiBhbmQgcG9zc2libHkg ZW5mb3JjZW1lbnQgd2l0aG91dCByZXBvcnRpbmcsIHdlIGNvdWxkIHNvbHZlIHRoZSB1c2UgY2Fz ZSBvZiBwaGlzaGluZyBmcm9tIG1pc3Npbmcgb3JnLWxldmVsIGRvbWFpbnMgYnkgdGhlIHNhbWUg YXBwcm9hY2ggdGhhdCB3ZSBjYW4gc29sdmUgaXQgZnJvbSBhbnkgbWlzc2luZw0KIGRvbWFpbiAt IGp1c3QgZG9uJ3QgYWNjZXB0IG1haWwgZnJvbSBzdWNoIGJvZ3VzIHNvdXJjZXMuIFRoYXQgZG9l cyBub3QgaGVscCB0aGUgb3ZlcnNlZXJzIG9mIGEgZG9tYWluIHJlYWxtIChvcmctMSwgYWthIExQ U0QpIHRvIHRhY2tsZSB0YWtlZG93bnMgb3IgcHVibGljIGF3YXJlbmVzcyBjYW1wYWlnbnMgYWdh aW5zdCBzdWNoIGFidXNlIHRob3VnaC48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPC9kaXY+DQo8 L2Rpdj4NCjwvYmxvY2txdW90ZT4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZu YnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkkgbWVh biwgdGhhdCB3YXMgYWxzbyB0cnVlIGZvciBhbGwgRE1BUkMsIHRoZSBwb2ludCB3YXMgdGhlIG93 bmVyIHdhcyBhc2tpbmcgZXZlcnlvbmUgdG8gZG8gdGhhdC4mbmJzcDsgSWYgeW91J3JlIHNheWlu ZyB3ZSBzaG91bGQgaGF2ZSBhIGRpZmZlcmVudCBzeXN0ZW0gZm9yIHRyeWluZyB0byBnZXQgZXZl cnlvbmUgdG8gbm90IGFjY2VwdCBtZXNzYWdlcyBmcm9tIG5vbi1leGlzdGVudCBkb21haW5zLi4u IG9rLCBidXQNCiBJJ20gbm90IHN1cmUgd2hlcmUgdGhhdCB3b3VsZCBjb21lIGZyb20uPG86cD48 L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48YnI+DQpNYXli ZSBubyBvbmUgd291bGQgYmUgd2lsbGluZyB0byBnbyB3aXRoIG5wPXJlamVjdCB3aXRob3V0IGJl aW5nIGFibGUgdG8gY29uZmlybSB0aGVyZSdzIG5vIGdvb2QgbWFpbCBkb2luZyB0aGF0LiZuYnNw OyBUaGF0IHNlZW1zIG1vcmUgbGlrZWx5IHRvIGJlIHRydWUgZm9yIGV4aXN0aW5nIGxhcmdlIHNj YWxlIGJyYW5kZWQgZG9tYWlucyAod2hpY2ggSSBndWVzcw0KPGEgaHJlZj0iaHR0cHM6Ly9ldXIw My5zYWZlbGlua3MucHJvdGVjdGlvbi5vdXRsb29rLmNvbS8/dXJsPWh0dHAlM0ElMkYlMkZnb3Yu dWsmYW1wO2RhdGE9MDIlN0MwMSU3Q2lhbi5sZXZ5JTQwbmNzYy5nb3YudWslN0M1MjIzMDZjMGE4 YTg0YWNhNGE3MzA4ZDc3ZjVjNWQ0YiU3QzE0YWE1NzQ0ZWNlMTQ3NGVhMmQ3MzRmNDZkZGE2NGEx JTdDMCU3QzAlN0M2MzcxMTc5MDY5ODcyNDYyMTEmYW1wO3NkYXRhPUFEbDhtNHRFblNXMnR6dWs2 ZFdJVlU3c3g4WSUyQlJVUSUyRlMxY2ZmeGpzdU9VJTNEJmFtcDtyZXNlcnZlZD0wIj4NCmdvdi51 azwvYT4gZmFsbHMgaW50byksIHdoZXJlYXMgc2V0dGluZyB0aGF0IHBvbGljeSBmb3IgdGhlIG5l d2VyIGJyYW5kZWQgZG9tYWlucyAoLmdvb2dsZSkgYW5kIG11bHRpLW9yZ2FuaXphdGlvbmFsICgu YmFuaykgc2VlbXMgZmluZSB3aXRob3V0IHJlcG9ydGluZy48bzpwPjwvbzpwPjwvcD4NCjwvZGl2 Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9k aXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+QnJhbmRvbiZuYnNwOzxvOnA+PC9vOnA+ PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+VGhpcyBp bmZvcm1hdGlvbiBpcyBleGVtcHQgdW5kZXIgdGhlIEZyZWVkb20gb2YgSW5mb3JtYXRpb24gQWN0 IDIwMDAgKEZPSUEpIGFuZCBtYXkgYmUgZXhlbXB0IHVuZGVyIG90aGVyIFVLIGluZm9ybWF0aW9u IGxlZ2lzbGF0aW9uLiBSZWZlciBhbnkgRk9JQSBxdWVyaWVzIHRvIG5jc2NpbmZvbGVnQG5jc2Mu Z292LnVrLiBBbGwgbWF0ZXJpYWwgaXMgVUsgQ3Jvd24gQ29weXJpZ2h0IMKpDQo8bzpwPjwvbzpw PjwvcD4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K --_000_LO2P123MB228540329379ED4FBF497072C92D0LO2P123MB2285GBRP_--