More specifically to the asserted charter problem: RFC 7489 provided a universally applicable rule for determining organizational boundaries: the PSL. Then it provided a universally applicable rule for determining authentication: relaxed alignment, same organization for the verified identifier and the FROM domain.
Despite starting from that point, RFC 7489 arbitrarily limited applicability to messages with DMARC policies, which is its core design failure. Reversing that mistake is part of what DMARCbis needs to do. Doug On Tue, Oct 24, 2023 at 11:30 PM Murray S. Kucherawy <superu...@gmail.com> wrote: > On Tue, Oct 24, 2023 at 5:34 PM Douglas Foster < > dougfoster.emailstanda...@gmail.com> wrote: > >> In short, I am not part of the presumed consensus on this document. I >> will vigorously oppose any document which does not discuss malicious >> impersonation defenses for every domain. >> > > Doug, > > A working group charter is a sort of contract with the IESG that > stipulates what the working group will produce and how it will operate. > This is meant to keep the working group on track and eschew distractions > and scope creep. The charter for this particular working group is visible > in the IETF datatracker. > > If you read it, you'll see that this working group is not chartered to do > anything as broad as what I believe you are demanding here. Put another > way: Were it to produce the document that you appear to expect, it likely > would be sent back as exceeding the working group's charter. A full > treatment of sender authentication and malicious impersonation far exceeds > what DMARC by itself is capable of addressing, and we here are only dealing > with DMARC. We are chartered here to revise RFC 7489 based on operational > experience acquired since DMARC was first deployed, and in this and other > ways prepare it for publication on the Standards Track, and possibly > produce ancillary documents. We are not chartered to produce an broad > treatment of the sort you seek. > > The sentiment of your first sentence is noted. The sentiment of your > second, however, seems like a threat that you intend to make yourself > vexatious to the progress of the document, and I truly hope you don't mean > that. > > -MSK, ART AD >
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
