On 5/5/15 11:01 AM, Murray S. Kucherawy wrote: > On Tue, May 5, 2015 at 10:33 AM, Scott Kitterman <[email protected]> > wrote: > >> Wrapping a 'somebody else's problem field' around the registration piece >> of this doesn't make it any more feasible. >> > Is it sufficient to say something like this?: > > "A participating operator needs to solve the registration problem. > Different operators will have different capabilities, requirements, and > limitations here. A very simple approach would be <List-Id magic here>; > however, this has the following drawbacks: <List-Id anti-magic here>. > Non-trivial solutions may or may not appear in later documents." > > This illustrates the problem and the importance of solving it in some > detail which would give someone "skilled in the art" enough context to come > up with something in his or her particular environment, while not > constraining DMARC to something that is not universally useful.
Dear Murray and Hector, Almost. Consider the DDoS concern issue that made ATPS impractical by requiring special TP DKIM signatures. This problem can be solved with standard DKIM signatures in conjunction with a domain wide semaphore provided by a DMARC assertion ignored by recipients lacking the TP enhancement. Special DKIM signatures are really not necessary and will introduce more DNS overhead than would be caused by a simple hash reference. Faster, smaller message size, and far simpler signing processes become possible. As illustrated in http://tools.ietf.org/html/draft-otis-dmarc-escape-02#section-4 ,-- DMARC could make an assertion of "sam=tpa; and tpa=third-party-authority.example.com;" when the DMARC domain offers the Specific Advisory Methods "sam=" tag indicating the third-party advisory methods supported. The "tpa=" tag can also indicate the domain location where third- party-authorization hashes have been consolidated with an assumed prefix of "_smtp._tpa.<tpa-domain>". '-- This would allow large ESP a simple means to share the registration profiles that should greatly benefit all of their recipients. Regards, Douglas Otis _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
