On 12/30/20 8:42 AM, Seth Blank wrote:
At this point, this thread is deeply unproductive and preventing work
on open tickets.
Mike, I hear that you believe better normative accounting for DMARC
results in auth-res is needed. If this is correct, please open a
ticket, and the working group will address it later as we've committed
to discussing all open tickets.
Later? How much later? Looking at the open tickets it looks you have
about 5 more years of "later". And I would say the chairs teeing up
tickets would be a far more efficient means of driving the process than
shutting down discussions that will become tickets. That other thread on
privacy should have been closed out weeks ago.
I believe there are several separate issues:
1) There is a scaling issue for DMARC if it is required to be used
beyond the boundary of an administrative domain, and especially if MUA's
start running them; there is nothing that says that they can't or shouldn't.
2) Auth-res process-wise is an orphan with no means of discussing it in
any working group even though it's standards track and has issues
requiring coordination with this working group
3) The fundamental question that Ned brought up which is whether
Auth-res is a protocol at all. If it's really just a debugging tool to
be use by humans, it should definitely just be informational, and
probably historic. Either Auth-res is useful and supported or not and
should be killed
4) Should DMARC require a normative Authentication-Results Requirements
section? This process-wise would solve the problem of auth-res in (2)
and shift the specification of that normative text back to the document
that is affected by it, letting Auth-res just be a transport vehicle so
that it doesn't require yet another working group-less update. That is
what we should have done from the start, but auth-res is an accident of
history.
Mike
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
