On 3/12/2018 6:57 PM, Barry Leiba wrote:
Not all 25 minutes are for that; that is included in the time slot,
along with anything else we put into "next steps".
I do expect that we'll discuss "path toward a Proposed Standard
version of DMARC," and I'll put that into the "next steps" section on
the next update to the agenda.

I suggest broaching this topic here and now, so the agenda entry can show something other than an off-charter draft.

To prime that pump...

   Phase II:

      Specification of DMARC improvements to support indirect
mail flows

1. Besides ARC, are there other wg efforts that should be pursued to satisfy this?

ARC targets intermediary action in mail that originated with a DMARC-satisfying configuration. ARC does not attend to mail that starts without that. That is, mail starting from an independent third party source, such as a kiosk.

      Draft Guide on DMARC Usage

Current version is -04, so this charter item appears to be satisfied.

   Phase III:

      Review and refinement of the DMARC specification

Is there technical work on the base specification that would improve it?

One would be a spec revision to deal with ARC. Does DMARC still 'fail'? Yet the whole point of ARC is to create the possibility of still getting delivered, in spite of this.

And from a note I posted last August: "BTW, the DMARC spec uses the terms 'pass' and 'fail' with respect to the underlying authentication mechanisms of DKIM and SPF. It also uses it within the context of DMARC processing, itself, but it does not define what those terms mean, in that context. Beyond reference to DMARC 'policy' records, text in the specs that talk about processing DMARC policy is similarly implicit, rather than explicit. The only clear, explicit directive about DMARC outcomes seems to be Section 6.6.2 #6, Apply policy."

      Completion of Guide on DMARC Usage

What will it take to complete this doc?

One example would be a spec revision effort that targets clarification, based on experience coding and deploying DMARC.

I'll also suggest that it would help allay public concerns about DMARC to be able to have this document include experience-based text about ARC usage; both discussing how to use it and how effective it is.


Dave Crocker
Brandenburg InternetWorking

dmarc mailing list

Reply via email to