On Wed, Dec 9, 2020 at 1:29 PM Brandon Long <blong= [email protected]> wrote:
> In today's much more privacy conscious world, should we have RUF reports > in DMARC > at all? > Forensic reports in DMARC are akin to the DKIM failure reporting we added to ARF back in the MARF working group. In fact if you go back and read those RFCs, an ancestor to the "pct=" tag is there. (RFC 6591 and RFC 6651 in particular are what I'm looking at.) Back in the original DKIM era I always found this kind of reporting to be really valuable especially since DKIM can fail for a variety of reasons that are far less obvious than SPF. Being able to get the verifier to tell me exactly what it saw and compare it to what I think I sent was key to getting the implementation right especially in curious corner cases (any of you that remember the DKIM interop event would know what I mean). Seems to me that's still a useful thing to have, at least sometimes. We might say something like: Include support for this, but don't have it on by default. Or even if it's an extension to DMARC and not part of the base protocol, it might be really helpful in some situations. -MSK
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
