On June 8, 2020 12:02:13 AM UTC, John Levine <[email protected]> wrote:
>In article
><CAOZAAfOoFYMhZXy0um0t8hL=bsbzydcscikc1ayo5stuwnt...@mail.gmail.com>
>you write:
>>-=-=-=-=-=-
>>
>>https://trac.ietf.org/trac/dmarc/ticket/38
>>
>>The spec is ambiguous about which DKIM key needs to be reported.
>>
>>The real world problem here is that sometimes the DKIM key(s) which
>are
>>reported in a row of an aggregate report have nothing to do with the
>DKIM
>>key used to evaluate the DMARC status within the same row.
>
>How about saying that reports MUST include the key used to evaluate
>the DMARC status, if there was one, and SHOULD include all DKIM keys
>evaluated.
>
>The other ones can be useful, e.g., mailing lists usually resign their
>outgoing mail so if you have an idea what what lists are sending you
>mail, that gives you a strong hint that a DMARC failure is due to mail
>from a list.
When you say 'include the key', do you mean put the literal public key in the
report or the selector which, in combination with the signing domain, tells one
where to find the record in DNS?
Scott K
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
