On Fri, Nov 30, 2018 at 1:40 PM Zeke Hendrickson <[email protected]> wrote:
> > I feel that restricting the additional PSD check to nonexistent > organizational domains is the best approach, I disagree...see below > as it preserves the opt-in nature of DMARC, granted > limits privacy concerns, No - this is the very essence of the need for a controlled registry of LPS (longest public suffix) to be checked. It's easy for a human to mistype a domain name and that could result in a report to the LPS's RUA. > remains very straightforward to implement as a verifier, and does not rely > on an > additional list. > Agreed, but the downside is high. > draft-ietf-dmarc-psd-00 addresses a slightly broader problem space Yes, and it is an important additional area to cover IMO --Kurt Andersen
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
