Steve,
On Mon 02/Dec/2025 11:31:55 +0100 Steven M Jones wrote:
On 12/1/25 10:13, Alessandro Vesely wrote:
[...]
Shall I post -21 as is?
A change to the first sentence of Section 5 paragraph 2 was definitely needed,
but the current iteration is awkward. I'd like to suggest the following:
Old: "Without checking and successfully verifying the authenticity,
trustworthiness, and aware participation of an external destination, a bad
actor could publish..."
Proposed: "Without verifying that the external destination is willing to
receive these reports, a bad actor could publish..."
That was the wording proposed by Marco Tiloca
https://datatracker.ietf.org/doc/review-ietf-dmarc-failure-reporting-20-artart-lc-tiloca-2025-11-26/
I chose the first alternative he proposed, as it makes explicit the concerns associated
with sending these reports to an external destination, thus allowing the reader to assess
the extent to which they are dispelled by the verification described in the protocol. I
understand, however, that it may seem awkward. Marco probably thought so too, so much so
that he proposed a second alternative, "This prevents a bad actor from publishing
...", which is even smoother than the one you proposed.
Further thoughts?
Also, I noticed there's a stray "back tick"/single quote at the end of the
third paragraph of Section 5, just beforeĀ the title of Section 5.1.
Good catch! Thank you.
Best
Ale
--
_______________________________________________
dmarc mailing list -- [email protected]
To unsubscribe send an email to [email protected]
