On April 26, 2023 9:52:29 PM UTC, Jesse Thompson <[email protected]> wrote:
>On Wed, Apr 26, 2023, at 6:21 AM, Scott Kitterman wrote:
>>
>>
>> On April 26, 2023 8:08:39 AM UTC, Alessandro Vesely <[email protected]> wrote:
>> >On Tue 25/Apr/2023 20:27:18 +0200 Scott Kitterman wrote:
>> >> My recollection is that a general formulation that I proposed had at least
>> >> some traction out of both groups:
>> >>
>> >>> [some appropriate description] domains MUST NOT publish restrictive DMARC
>> >>> policies due to interoperability issues
>> >>
>> >> Leaving aside (for now) the question of what goes into [some appropriate
>> >> description] and with the assumption that there will be some non-normative
>> >> discussion to amplify whatever that is and probably give some indication
>> >> about what domains might do to not be one of those domains, is there anyone
>> >> who just can't live with that formulation of the situation?
>> >
>> >
>> >Me, for one. Because more than 98% of domains are going to fall into the
>> >description, however we word it, that statement makes the whole I-D
>> >nonsensical. Cannot we just tell the problem without MUSTard?
>> >
>> >In any case, using the complement of [some appropriate description] is
>> >certainly easier. For example:
>> >
>> > Forcing authentication into Internet mail by publishing restrictive DMARC
>> > policies breaks some well established patterns of usage. Publishing such
>> > policies is thus RECOMMENDED only for domains [in this other appropriate
>> > description].
>> >
>> Thanks.
>>
>> I understand your objection to be that the proposed description of the
>> interoperability problems would apply to too many domains, regardless of the
>> modifier we might use. Is that correct?
>
>I have a similar concern. Any domain owner with size or complexity or users
>(who will do what they wanna do) will easily find their domain in a mixed-use
>state, and (ironically) the only management/governance tool at the domain
>owner's disposal to prevent future unintended use of the domain, in favor of
>subdomains, is to publish p=quarantine|reject (throwing the baby out with the
>bathwater)
>
Which, I think, is precisely the point. "... or there will be interoperability
problems ..." isn't a magic block to people doing things. If you are willing
to accept the fallout, nothing is stopping you.

I don't think what you describe as your concern is technical. What I
understand you to be saying is it's technically correct, but you would prefer
it was less obvious. I suspect that's not how you view it, but it seems to me
like the fundamental concern is that if we clearly articulate the
interoperability risk, people might choose not to take that risk.

Scott K

_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc