On December 6, 2021 1:10:02 PM UTC, Todd Herr
<[email protected]> wrote:
>On Sat, Dec 4, 2021 at 11:28 PM Scott Kitterman <[email protected]>
>wrote:
>
>> I think the addition of the PSD flag to support organizational domain
>> determination is a good change. I have some quibbles about the exact
>> definition though:
>>
>> > psd: A flag indicating whether the domain is a PSD. (plain-text;
>> > OPTIONAL; default is 'n'). Possible values are:
>> >
>> > y: Domains on the PSL that publish DMARC policy records
>> SHOULD
>> > include this tag with a value of 'y' to indicate that the
>> > domain is a PSD. This information will be used during
>> policy
>> > discovery to determine how to apply any DMARC policy
>> records
>> > that are discovered during the tree walk.
>> >
>> > n: The default, indicating that the DMARC policy record is
>> > published for a domain that is not a PSD.
>>
>> Why does this need a value at all? Why can't the flag just be psd?
>>
>> [snip]
>>
>> All that's needed is to strike "with a value of 'y'" from the second
>> sentence.
>>
>> I think this is simpler and clearer.
>>
>>
>I don't disagree that it's simpler and clearer. However, expressing it as
>psd=(y|n) was chosen to be consistent with the expression of every other
>tag currently defined for DMARC records, all of which "follow the
>extensible "tag-value" syntax for DNS-based key records defined in DKIM" as
>declared in section 5.3, General Record Format.
>
>This doesn't mean we can't break new ground here, but doing so would
>require rewriting the beginning of section 5.3, as well.
Unless there's a valid reason for someone to publish PSD=no, I don't think it
should exist and I can't think of a reason. If you give people a knob, someone
will turn it [if we leave it in, I guarantee you there will be things written
about how essential it is to have psd=no in your DMARC record].
Good point about section 5.3. The ABNF would need changing too. I can provide
a patch for the change if you would like.
Scott K
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
