On Sat, Apr 26, 2014 at 02:32:55PM -0700, Dave Crocker wrote:
> DMARC works fine, for the constrained scenario it was originally
> designed to cover.
I think this is self-evidently true, but I also am starting to be made
nervous by the number of accidentally-triggered foot-gun stories that
we keep hearing about. It seems to me that, if DMARC is to be
regarded as a serious part of the Internet infrastructure and
operational environment, it's going to be important to develop a
pretty complete and easy to digest description of use cases and
consequences, and to do so quickly.
That the "Action XYZ will be painful if…" document isn't available
seems like a lacuna right now. That is normal for a pretty new
technology. I would like to suggest that its development is urgent;
and that if one does not want to re-enact the early experience of
DNSSEC deployment only even more visibly, that urgency ought to be
taken so seriously that too-restrictive and too-careful advice to
operators ought to be rushed out the door in the absence of anything
else.
Speaking as ever only for myself,
I remain &c.,
Andrew
--
Andrew Sullivan
Dyn, Inc.
[email protected]
v: +1 603 663 0448
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
