https://trac.ietf.org/trac/dmarc/ticket/66
Many different entities participate in DMARC, and to each, there is a
different definition of what is needed to "implement" or participate in
DMARC.
Should the spec be clear about the different participants, and what it
means for each to participate partially and completely?
As a straw man to start conversation (assume this is all wrong):
The domain owner:
- partially participating: valid record?
- complete participation: no part of the domain hierarchy can be
spoofed by an unauthenticated sender?
The receiver/MTA:
- partially participating: validates DMARC?
- complete participation: validates DMARC and ARC, and sends aggregate
reports?
The intermediary (is this different than a receiver?):
- partially: validates DMARC?
- complete participation: validates DMARC and validates and seals ARC?
--
*Seth Blank* | VP, Standards and New Technologies
*e:* [email protected]
*p:* 415.273.8818
This email and all data transmitted with it contains confidential and/or
proprietary information intended solely for the use of individual(s)
authorized to receive it. If you are not an intended and authorized
recipient you are hereby notified of any use, disclosure, copying or
distribution of the information included in this transmission is prohibited
and may be unlawful. Please immediately notify the sender by replying to
this email and then delete it from your system.
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
