On December 1, 2024 7:47:31 PM UTC, Jim Fenton <[email protected]> wrote: ... >Considering the above problems, DMARCbis is neither safe nor effective. It >should not be published as a standards track document by IETF. > I think all of the concerns Jim expressed in his email are essentially accurate. I've deleted them for readability, since I don't think they are relevant to the response I want to provide.
If the choice were DMARC or no DMARC being used then I think it would be great to have that discussion, but that's not a choice the IESG or the IETF community gets to make. Unlike ADSP, it is very widely deployed and nothing we do will affect that. As written, I don't think the draft is meant to be a document that provides a protocol and pushes for universal acceptance because it's so useful everyone should get on board. I think it's written to say IF you are going to do DMARC (and there are reasons you might not want to), here's a somewhat better way to approach it. From Jim's safe and effective criteria, I think the question should be is DMARCbis more safe/effective than RFC 7489. I think it is. Maybe not as much as I would have hoped for back when we started, but I think it's a useful step forward and captures the state of the art as well as anyone understands it. I think it should be published as a standards track document by IETF both to improve the design of the protocol and to bring change control into the IETF so that as we learn more about how to provide the benefits of DMARC while reducing the negative side effects, it's clearly the IETF's call to do so. Scott K _______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
