On 6/5/2020 1:39 AM, Dotzero wrote:
The goal of DMARC was (and is) to mitigate direct domain abuse.
+1, it was the goal of:
[1] The original proof of concept with DomainKeys' built-in o= policy
tag for 1st party support, and
[2] The original DKIM draft augmented with the original SSP draft with
extended o= tags that included 3rd party signer considerations, and
[3] My own DSAP with its full coverage of 1st party and 3rd party
signer policies, and
[4] SSP/ASP when policy was separated from DKIM to create DKIM-BASE.
SSP/ASP was replaced with,
[5] ADSP which was limited to 1st party and ambiguous 3rd party signer
support which was replaced with,
[6] DMARC with its limited 1st party only support, punting on
addressing the 3rd party signer issue.
Short of reporting and SPF integration, DMARC did not bring any more
to the DKIM Policy design picture. All of the DKIM Policy proposals
offered the same power for highly detectable, enforcible direct mail,
exclusive and restrictive 1st policies. From day one, a few of the key
cogs here stated for the most part, "No will ever use an exclusive
DKIM policy, and if so, it will be an extremely narrow case with small
guys, and we don't about them" was the prevailing attitude about DKIM
Policy protocols.
Thanks to a non-IETF Trade Group who filled in the abandoned IETF DKIM
Policy ADSP model with "Super ADSP" aka DMARC, that all changed with
domains, of all sizes, switching to restrictive, rejectable DMARC
policy and the verifiers where beginning to honor it. It brought the
DKIM Policy theory into practice along with the unhandled indirect 3rd
party resigner list problem.
Nothing more and nothing less.
+1 for the most part.
--
HLS
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
