On 12/22/20 10:59 AM, Alessandro Vesely wrote:
Sorry, having to ask for permission because of laws does not
constitute a "severe privacy concern".
Except in the sense that they're called privacy laws. Do you have a
better wording?
I don't know what was wrong with the initial text. But it most certainly
is not a "severe privacy concern", especially if it is the originating
domain getting the report. It already saw the original message in the
first place assuming it wasn't spoofed, and if it was spoofed they are
entitled to see it for forensics if the receiving domain is willing to
send it to them.
That is completely outside of the scope of IETF and we should be
pandering
to it.
Making specifications that cannot be legally abided by is in IETF scope?
If the laws are unreasonable? Sure. We're not putting backdoors in for
encryption either. It's their laws, let them figure it out.
But you said that providers can get people to opt in, so that seem moot.
Mike
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
