On Sat 04/Dec/2021 23:02:50 +0100 Seth Blank wrote:
On Sat, Dec 4, 2021 at 10:00 AM John Levine <[email protected]> wrote:
It appears that Murray S. Kucherawy <[email protected]> said:
This was reported but not sent to the WG. I believe the right disposition
is "Hold for Document Update". Does anyone want to argue for "Rejected" or
"Verified"?
Reject it. Whether you choose to believe the non-ICANN part of the PSL is
local policy.
I also think that Scott's example in the notes is wrong. It is perfectly
plasuble for an operator's customers to have their own DMARC policy,
although most of the subdomains are less exotic than this one. Try
Centralic's us.com where I think you would not want foo.us.com and
bar.us.com to share the same default policy. >
+1
Scott's example, which he states as wrong, is in fact correct.
The org domain should in fact be
example.s3.dualstack.ap-northeast-1.amazonaws.com and not amazonaws.com, as
amazonaws.com is not the organization which controls policy for, or should
receive reports for, the organization which has registered and is using
example.s3.dualstack.ap-northeast-1.amazonaws.com.
+1
While I agree that editing the PSL before giving it as a parameter to a DMARC
filter is a question of local policy, a discussion on the effects produced by
varying the attribution of org domains is required, especially now that we are
enabling domains to freely appoint themselves as PSDs.
Best
Ale
--
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
