On 1/29/2021 12:15 PM, Murray S. Kucherawy wrote:
On Fri, Jan 29, 2021 at 7:51 AM Dave Crocker <[email protected] <mailto:[email protected]>> wrote:Abstract DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a scalable mechanism by which a mail-originating organization can express domain-level policies and preferences for message validation, disposition, and reporting, that a mail-receiving organization can use to improve mail handling. The design of DMARC presumes that domain names represent either nodes in the tree below which registrations occur, or nodes where registrations haveDMARC does not have 'registrations'. It's referring to domain name registrations, not DMARC registrations. Also the occur/occured contrast has no obvious meaning to me. Really, I have no idea what's intended by it. "exist"? "take place"? "are made"? "are done"?
The issue wasn't synonyms but semantics. 'registrations occurred' has no obvious DMARC meaning.
unless, perhaps, the meaning is 'domain names exist', but that still doesn't explain the contrast being drawn.
occurred; it does not permit a domain name to have both of these"both" of what? registration?It's describing properties of nodes in the domain name tree. DMARC's current design stipulates that every node is either (a) a node below which registrations can occur, or (b) a node at which a registration has occurred. An example of the former is "org", and an example of the latter is "ietf.org <http://ietf.org>" and its entire subtree.
DMARC does not have 'registrations'. The word in used in the spec as: " 3 <https://tools.ietf.org/html/rfc7489#section-3>. Terminology and Definitions Domain Owner: An entity or organization that owns a DNS domain. The term "owns" here indicates that the entity or organization being referenced holds the registration of that DNS domain." and: " 3.2 <https://tools.ietf.org/html/rfc7489#section-3.2>. Organizational Domain The Organizational Domain is determined using the following algorithm: 1. Acquire a "public suffix" list, i.e., a list of DNS domain names reserved for registrations. " (The later reference to the Tag Registry is presumably irrelevant here.)
properties simultaneously. Since its deployment in 2015, use of DMARC has shown a clear need for the ability to express policy for these domains as well.Which domains?The intent is to augment DMARC's ability to describe the domain name tree such that a node can be both (a) and (b) at the same time, for the purposes of policy expression. So those are the nodes (domains) of interest.
My frustration is that a document that reaches wg Last Call should not have language that is this confusing, especially about its fundamentals and especially given how much revision it has already gotten.
d/ -- Dave Crocker [email protected] 408.329.0791 Volunteer, Silicon Valley Chapter American Red Cross [email protected]
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
