It appears that Scott Kitterman <[email protected]> said: >> I prefer the first (longest) but could live with the last if people think >> that will in practice be less surprising. I do worry about foo.us.com vs >> bar.us.com. > >I think it will (less surprising). Currently if you have a.b.bar.us.com and >"a" and "b" need different policies you can just publish them. If you stop at >the first one, then b.bar.us.com would be identified as the org domain for >a.b.bar.us.com vice bar.us.com.
I understand, but the question is whether anyone actually does that. It is my impression that our argument is largely hypothetical because it is rare to have stacked DMARC records like that. >We could fix this by changing the definition of relaxed alignment to be is the >same or one is a subdomain of the other, but I think it's better to take the >last DMARC record and leave the definition as is. Laura says she's seen sibling or maybe great aunt alignment. I really wish we could get some stats about what kinds of relaxed alignment people actually use, because I would prefer to avoid evil sibling alignment if we can do that without breaking significant existing use. R's, John _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
