On 12/2/24 13:58, Scott Hollenbeck via Datatracker wrote:
> Reviewer: Scott Hollenbeck
> Review result: Ready with Nits
> 
> I'm the assigned ART area reviewer for draft-ietf-dmarc-dmarcbis. I found only
> one small issue during my review:
> 
> Section 2.2 mentions "cousin domains" but doesn't include a reference that
> defines the term. An informative reference would be helpful.

In the Anti-Phishing section referred to it is written:

        ... visually similar domain names ("cousin domains")

which indicates, at least to me, that this is the definition.

It is not used again in that document, but "cousin domains" is used
twice in Aggregate Reporting, and it looks like it can be easily removed
from there, as it does not clarify anything that the term "typo domains",
or similar, would not do better.

I think the parenthesized ("cousin domains") can be safely removed from
dmarcbis.

aggregate-reporting can fix it by calling it typo domains, or something.

I do not think "typo domain" needs a definition.


In aggregate reporting, "cousin domains" is mentioned in the context of
risk of feedback leakage to a PSO, and requires a few unlikely things to
occur.

* The sender must mis-configure the RFC5322.From to contain
  a non-existent domain name.
* The Mail Receiver must accept mail with said non-existent
  domain name.
* The aggregate report must be sent to the PSO.


Daniel K.

_______________________________________________
dmarc mailing list -- dmarc@ietf.org
To unsubscribe send an email to dmarc-le...@ietf.org
