I have been giving some thought to the limitations of our current design, and they are substantial, because we have been pursuing a solution based on replacing the PSL, rather than a solution which integrates and improves on the PSL.

We have a near-term problem, because our current solution asks evaluators to abandon the information-rich PSL to replace it with the information vacuum of the DNS. While that vacuum may be filled over time, the current draft has further aggravated the problem by specifying an indicator token which was chosen to "confuse so that people will not use it." Additionally, the new algorithm is significantly more complex than the RFC 7489 specification, while producing inferior results. If the intent is to kill DMARC by publishing a standard that no one uses, that effort is close to success.

Our legitimate goal is to displace the PSL with information published by domain owners, as that information becomes available. The solution will need to guide evaluators to check the DNS for DMARCbis information and indicators, while falling back to the PSL when the DMARCbis information is not present, while supplementing both of them with local policy as desired.

We need design work around the process an evaluator uses to choose between the new system and the PSL, as well as the information that DMARCbis communicates. I have begun working on ideas, but wanted to get the problem statement aired so that everyone could begin thinking about the problem.

Doug Foster
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
