On Monday, July 18, 2022 6:18:00 AM EDT Scott Kitterman wrote: > On July 18, 2022 9:37:25 AM UTC, Alessandro Vesely <[email protected]> wrote: > >On Sun 17/Jul/2022 17:09:06 +0200 Scott Kitterman wrote: > >>> Without John's change in the other step 2, that of Section 4.6, this step 2 should have been worded differently, but the concept is that a PSD which sends mail or signs messages should be treated as a regular (sub)domain,/ within/ the process. That is, without taking recourse to the statement, put after the process steps: > >>> If this process does not determine the Organizational Domain, then > >>> the initial target domain is the Organizational Domain. > >> > >> That's the one. > >> > >>> Recall that you corrected me on March 21st: > >>> mailarchive.ietf.org/arch/msg/dmarc/VmB5_CMIrm9rulqlkILMMEw_nW8 > >> > >> Yes. > > > >At that time the process would stop on psd=y even at the entry point. So > >John's change fixed it, in part.> > >> I don't understand what you are arguing for the WG to do. I believe that > >> you are agreeing that the current text gets the desired result and yet > >> you still want to change it because it should have been different if > >> Section 4.6 was different.> > >The reason I want to change it is that a mail From: <faked@com> brings the > >tree walk process to conclude that .com is an organizational domain, which > >is wrong. > > > >I think the best way to avoid confusing the reader is to make sharp > >definitions to start with. We have these unimportant abnormal PSDs which > >we don't want to mention because they don't happen. However, logically > >oriented readers will spot the inconsistency and be confused. > Since com. doesn't have a DMARC record, the case is already addressed. > Early in Section 4.8 there's a list of conditions where you don't even look > for the organizational domain. On of them is: > > No applicable DMARC policy is discovered for the RFC5322.From domain during > the first tree walk. In this case, the DMARC mechanism does not apply to > the message in question. > > That would be the controlling point in your scenario. > > It might make sense to remove the word 'Note:'.
I spent a little more time looking at this and I think the note as a "Note:" is fine. All of the cases under the note are shortcuts to a correct answer based on guidance elsewhere. I do think a change might add clarity: Change: "Select the Organizational Domain from the domains for which valid DMARC records were retrieved from the longest to the shortest:" to "For each Tree Walk for which valid DMARC records were retrieved, select the Organizational Domain from the domains with DMARC records, evaluating from the longest to the shortest:" in order to make it more obvious a domain without a DMARC record isn't used to determine the org domain. Scott K _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
