On 5/10/2015 2:14 AM, Murray S. Kucherawy wrote:
> On Sat, May 9, 2015 at 10:33 PM, Anne Bennett <[email protected]> wrote:
>
>> Hmm, Hector, I think you've forced me to convince myself that you're
>> on the right track: I think that the "registration problem" is a red
>> herring after all. There's no deterministic way to decide what's a
>> legitimate mailing list (or other re-signer), any more than there's any
>> way to deterministically decide what's a legitimate originator. Those
>> determinations are made heuristically outside DMARC.
>
> I suppose the tl;dr version of my last reply is:
>
> The registration problem is not a red herring because it doesn't
> exist, but because it is intractable. Thus, any response to the
> third-party problem that relies on a solution to that problem (which
> includes ATPS, DSAP, and TPA) is probably not viable.

That's a fine opinion, but you have no evidence to show whether it was
possible or not because the efforts to do so were crippled or hampered by
other focuses. Brush off work, crippling it should not be used as
evidence of lack of traction or difficulty in publishing records.

Besides the trust focus during DKIM-WG, ADSP was being downplayed and
the MLM was encouraged not to support it. With the level of demotion
that existed primarily because of its conflict with the MLM, it was
hard to imagine anyone that wasn't nimble and flexible to support it.
It wasn't complete. It was all in pieces.

But you replaced ADSP with DMARC and when you did so, you didn't
update ATPS to work off DMARC where it was supposed to be at. So that
was the proper next step. It isn't an equal situation until then.

Now you got DMARC support -- meaning, RECEIVERS are doing the lookup
for these records and actually honoring the rejection policy.
Therefore, ATPS-rev04 should be updated for DMARC or revert rfc6541 to
make it work off the DMARC record. Then maybe the Yahoos will *think*
about it, because they would have a choice to do so. When ready, they
can add simple tag(s) to DMARC:

    [atps=y; [atpsh=hash-method;]]

All optional and give the receivers a simple choice to look it up:

    if dmarc["atps"] == "y" and author is not the signer then
        do an atps(author, signer) lookup

That's the optimized solution. At this point we don't really need the
dmarc "atps=y" signal. We can use the idea that the author does
not equal the signer.

I would like to see ATPS-rev04 resurrected with the DMARC optimizing
hook or off the mismatch of author and signer.

--
HLS
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
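
The receiver-side check discussed in the message above, as an added example that is not part of the original post or of any ATPS draft. It assumes the RFC 6541 query layout (`<label>._atps.<author-domain>`, record `v=ATPS1; d=<signer>`); the DMARC tags `atps`/`atpsh` are the ones proposed in the message, the `sha1` default is an assumption, and the zone data is constructed.

```python
import base64
import hashlib

def atps_query_name(author_domain, signer_domain, hash_method="sha1"):
    """TXT query name: <label>._atps.<author-domain> (RFC 6541 layout)."""
    signer = signer_domain.lower().rstrip(".")
    author = author_domain.lower().rstrip(".")
    if hash_method == "none":
        label = signer  # signer domain used unhashed
    elif hash_method == "sha1":
        digest = hashlib.sha1(signer.encode("ascii")).digest()
        label = base64.b32encode(digest).decode("ascii").lower()
    else:
        raise ValueError("unsupported hash method: " + hash_method)
    return label + "._atps." + author

def parse_tags(record):
    """Split a 'tag=value; tag=value' TXT record into a dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def check_atps(author_domain, signer_domain, dmarc_record, txt_lookup,
               require_hint=False):
    """Classify a verified DKIM signature against the author domain."""
    author = author_domain.lower().rstrip(".")
    signer = signer_domain.lower().rstrip(".")
    if author == signer:
        return "first-party"  # no mismatch, so no ATPS lookup
    dmarc = parse_tags(dmarc_record)
    # 'atps' / 'atpsh' are the tags proposed in the message, not DMARC tags.
    if require_hint and dmarc.get("atps") != "y":
        return "skipped"
    method = dmarc.get("atpsh", "sha1")  # assumed default when tag is absent
    if method not in ("sha1", "none"):
        return "unauthorized"  # fail closed on an unknown hash method
    for txt in txt_lookup(atps_query_name(author, signer, method)):
        tags = parse_tags(txt)
        if tags.get("v") == "ATPS1" and tags.get("d", signer).lower() == signer:
            return "authorized"
    return "unauthorized"

# Constructed zone: example.com delegates signing to lists.example.org only.
ZONE = {atps_query_name("example.com", "lists.example.org"):
        ["v=ATPS1; d=lists.example.org"]}

def zone_lookup(name):
    """Stand-in for a DNS TXT query, answering from ZONE."""
    return ZONE.get(name.lower(), [])
```

With `require_hint=False` the lookup is triggered by the author/signer mismatch alone; with `require_hint=True` it runs only when the author domain's DMARC record carries `atps=y`.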