We are proposing to replace an information-rich PSL resource with DNS lookups that currently have no explicit information about organization boundaries. The good news is that we can get pretty close to PSL-equivalent results with the existing DNS and some heuristics. But certainty is always preferable to heuristics, which is why we need a flag for registrar entities (organization boundary below) and a flag for organization domains (organization boundary above). DMARC has always been about empowering domain owners and evaluators to work together to improve trust. Using the tree walk instead of the PSL puts those participants back in control of their relationship. In the near term, the PSL will have an information advantage, especially for private registries. Consequently, existing implementations will continue to consult it. But for the long term, registrars and their registrants are the best source for information about organization boundaries, and they will become the official source if we give them the tools to do so.
On the other hand, to build a complete solution around the PSL, we would have to document all of the information flows between the PSL entity and the registrar entities, define the integrity assurance processes for that communication, and eliminate the ambiguity caused by having more than one list. It seems clear that we do not want to undertake that effort. We also have the nagging fear that at some point the PSL will become unreliable or unavailable for our purposes. So we define a new algorithm that eliminates the PSL using the best-available heuristics, treat the old algorithm as valid but deprecated, and let the industry pick the long-term winner.

Doug
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
