On Sat 10/Aug/2019 08:49:29 +0200 Scott Kitterman wrote:

> Note the updated abstract and please review the changes to the first part of 
> the introduction as I had to write new text there and not just incorporate 
> msk's comments.  This covers all the pending work of which I am aware.


The intro looks smooth.  Perhaps, for maximum clearness, you could add a 
sentence after the first one of the second paragraph:

   As an example, imagine a country code TLD (ccTLD) which has public
   subdomains for government and commercial use (.gov.example and
   .com.example).  They are both on the public suffix list, although
   gov.example is not really available for public registrations, domains
   under it belong to different branches of the government.  Suppose
   there exists a registered domain "tax.gov.example" that is responsible
   for taxation in this imagined country.  [...]


Excuse me, but I hadn't noted the following in Murray's message of Aug 1st:

   Experience with DMARC has shown that some implementations short-
   circuit messages, bypassing DMARC policy application, when the domain
   name extracted by the receiver (from the RFC5322.From) is on the
   public suffix list used by the receiver.  This negates the capability
   being created by this specification.  Therefore, the following
   paragraph is appended to Section 6.6.1 of DMARC [RFC7489]:

   Note that domain names that appear on a public suffix list are not
   exempt from DMARC policy application and reporting.


First, it's not easy to read, as the concept of PSL "used by the receiver", 
albeit obvious, is new.  The whole idea is better expressed by the last three 
lines in the abstract.

Second, Section 6.6.1 of RFC 7489 deals with the uniqueness of the From: 
domain.  The idea of a PSL is brought forward in a subsequent section (policy 
discovery).  If the note has to go there, I'd rather insert it between the 
first and the second paragraphs of that section.  The last paragraph there 
seems to conflict with the second bullet, and adding the note above after it is 
not going to make things clearer.


The next section has:

   As an example, for a message with the Organizational Domain of
   "example.compute.cloudcompany.com.example", the query for PSD DMARC
   would use "compute.cloudcompany.com.example" as the longest PSD
   (Section 2.3).  The receiver would check to see if that PSD is listed
   in the DMARC PSD Registry, and if so, perform the policy lookup at
   "_dmarc.compute.cloudcompany.com.example".

It is not natural to spot which is the organizational domain, because the names 
are misleading.  Cloudcompany looks like a name registered under the 
com.example PSD; how come compute.cloudcompany.com.example is the longest PSD?  
I'd stick with the gov.example introduced earlier.



jm2c
Ale
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
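The two examples discussed in the message above (tax.gov.example and example.compute.cloudcompany.com.example), worked through as an added example; this is not code from the draft or from anyone on the thread. The public suffix list and PSD registry below are constructed, PSL matching is simplified (no wildcard or exception rules), and the lookup order follows RFC 7489 policy discovery with the PSD query assumed to come last. It assumes compute.cloudcompany.com.example is itself listed as a suffix, the only reading under which the draft's example holds.

```python
# Constructed public suffix list (PSL) for the names used in this thread.
# Assumption: compute.cloudcompany.com.example is listed as a suffix.
PSL = {"example", "gov.example", "com.example",
       "compute.cloudcompany.com.example"}
# Constructed stand-in for the DMARC PSD Registry mentioned in the draft.
PSD_REGISTRY = {"gov.example", "compute.cloudcompany.com.example"}


def _labels(domain):
    return domain.lower().rstrip(".").split(".")


def longest_psd(domain):
    """Longest PSL entry that equals or is a parent of domain, else None."""
    labels = _labels(domain)
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in PSL:
            return candidate
    return None


def organizational_domain(domain):
    """Longest public suffix plus one more label (RFC 7489, Section 3.2)."""
    labels = _labels(domain)
    psd = longest_psd(domain)
    if psd is None:
        return ".".join(labels)
    n = len(psd.split("."))
    if len(labels) <= n:
        # The domain is itself on the PSL; it is still subject to DMARC.
        return ".".join(labels)
    return ".".join(labels[-(n + 1):])


def dmarc_query_names(from_domain):
    """DNS names a receiver would try, in order, for this From: domain."""
    names = [".".join(_labels(from_domain))]
    org = organizational_domain(from_domain)
    if org not in names:
        names.append(org)
    psd = longest_psd(from_domain)
    # PSD lookup only when the PSD is registered; no exemption for a
    # From: domain that is itself on the PSL (it is queried as names[0]).
    if psd in PSD_REGISTRY and psd not in names:
        names.append(psd)
    return ["_dmarc." + n for n in names]
```

With these inputs, the organizational domain is always one label longer than the longest PSD, which is why the draft's cloudcompany example only makes sense if compute.cloudcompany.com.example is on the list.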
