On Fri 12/Jul/2019 19:30:35 +0200 Scott Kitterman wrote: > On Thursday, July 11, 2019 6:07:50 AM EDT Alessandro Vesely wrote: >>> 2. If explicit call outs to ICANN/limited operator capacity to >>> implement are needed >> >> Appendix B.1 lacks a criterion to establish enlisting. Couldn't we >> require an explicit statement about seizing DMARC reports in, say, the >> delegation report? Alternatively, that policy can be stated in a >> well-known place under the delegation services URL, so that >> registrants know what they do. > > It's in the appendix because we don't have a clear path forward. This is > part > of the experiment. We need to be careful though since different PSDs operate > under different authorities and controls, so there is a point beyond which > it's > not the IETF that decides.
I should have written more clearly the two issues. One is the criterion. I hypothesized that all what is needed to gran enlistment to a PSO is that its policy to seize DMARC at PSD level be published, so that registrant can learn about is before registering. Is that correct? I mean does a public statement suffice? The second issue is how to publish. In case the answer to the 1st question is yes, would https://PSO.tld/.well-known/dmarc-psd/policy do? Best Ale -- _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
