On Thu 20/Jun/2024 18:24:30 +0200 Todd Herr wrote:
Second question...
Both RFC 7489 and DMARCbis describe the 'd' and 's' values as requesting the
generation of a DKIM failure report (RFC 6651) or SPF failure report (RFC
6652). Is that what we want, or should it be a report in the format defined
in draft-ietf-dmarc-failure-reporting?
I think RFC 7489's usage of the terms DKIM and SPF in that context is a typo.
It meant to say, e.g., "Generate a DMARK failure report with DKIM
characteristics if..." rather than "Generate a DKIM failure report if...". In
fact, Section 7.3.1 extends AFRF in two flavors, dkim and spf. They both have
type "dmarc".
The last paragraph in that section explicitly says:
3. Authentication Failure Type "dmarc" is defined, which is to be
used when a failure report is generated because some or all of
the authentication mechanisms failed to produce aligned
identifiers. [...]
https://datatracker.ietf.org/doc/html/rfc7489#section-7.3.1
That seems to say that fo= is meant to identify under what conditions a "dmarc"
failure report is generated, not what Type of failure report is generated.
Best
Ale
--
_______________________________________________
dmarc mailing list -- [email protected]
To unsubscribe send an email to [email protected]
