Neither SPF nor DKIM use the PSL, so I still don't understand. What do you mean by "authentication testing"?
Scott K On October 31, 2021 11:30:29 AM UTC, Douglas Foster <[email protected]> wrote: >We have two issues floating here: >1) For policy lookup, replace the PSL with a constrained tree walk. >2) For authentication testing, replace the PSL with something based on the >policy lookup. > >Currently, the DMARC policy has nothing to do with the authentication >test. > >If the second idea is still on the table, we need a definition and a >defense of the algorithm. If the suggestion is withdrawn, please say so. > >Doug Foster > >On Sat, Oct 30, 2021 at 3:56 PM Scott Kitterman <[email protected]> >wrote: > >> >> >> On October 30, 2021 6:20:19 PM UTC, Alessandro Vesely <[email protected]> >> wrote: >> >On Fri 29/Oct/2021 23:29:13 +0200 Scott Kitterman wrote: >> >> On Tuesday, October 26, 2021 10:09:13 PM EDT John Levine wrote: >> >>> It appears that Scott Kitterman <[email protected]> said: >> >>>> >> >>>> Until we understand what we want, overall, selecting a specific >> design to >> >>>> achieve that goal is premature. Both of those approaches will give a >> >>>> wrong answer (at least as I'd define it) for less usual cases. >> >>> >> >>> Yup. I think I was the first person to propose a tree-walk, so here is >> >>> roughly what I was thinking: >> >>> >> >>> The problem with organizational domain is that it is ill-defined. It >> waves >> >>> its hands and says to use something like the PSL, and in practice >> everyone >> >>> uses the PSL. >> > >> > >> >That usage has proven to work quite well. And some respect for the >> installed >> >base wouldn't hurt. >> >> The alternative I suggested is 100% compatible with the installed base. >> If a domain has published DMARC policy per RFC 7489, the proposed new >> approach will still find it. I agree that something which would require >> existing DMARC records to be changed would be a non-starter. >> >> I'm not sure how much more respectful we can manage to be. >> >> Scott K >> >> _______________________________________________ >> dmarc mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/dmarc >> _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
