On Thursday, December 13, 2018 08:54:53 PM John Levine wrote: > In article <2046741.GJeexbxHFF@kitterma-e6430> you write: > >In previous examples, this has been analogized to the Verisign sitefinder > >debacle. Personally, I think it's worse. Without an external check, this > >is a tool for enhancing the surveillance capacity of authoritarian > >regimes. > This is starting to sound like the drunk looking for his keys by the > streetlight. > > I grant the hypothetical point you're making, but if I were a cruel > government, funky DMARC records would not be near the top of my list > of intrusive techniques.
Possible, but I come back to as bad as it is, let's not make it worse. I don't think that domains should have to opt-out (by publishing a DMARC record) of having their data sent to the registrar of their TLD/PSD. If it's open season for PSD, then that's the situation we've created. Scott K _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
