Re: [dmarc-ietf] [Request] Presentation in IETF101

2018-04-26 Thread Takehito Akagiri 
Hi, 

> DKIM has opt-in nature.

If opt-in means that DMARC record exists, our proposal is to change this opt-in 
nature because, as Shoko mentioned, virtual DMARC only focuses on the case 
which is obviously determined PASS.

No one will not be in troubled, so I think we can modify about that.
If not, I would like to know the specific situation. 


> Receivers can work this kind of operations using logs as they like.

Yes, receivers can do by themselves if they do not care about the compliance 
with RFC7489.
It specifies that the receiver adds dmarc=none in case there is no DMARC record,
while dmarc=pass will be added if DMARC record exists.
So I think we should discuss this contradiction.

---From RFC7489--
11.2.  Authentication-Results Result Registry Update
   IANA has added the following in the "Email Authentication Result
   Names" registry:
   Code:  none
   Existing/New Code:  existing
   Defined:  [AUTH-RESULTS]
   Auth Method:  dmarc (added)

   Meaning:  No DMARC policy record was published for the aligned
  identifier, or no aligned identifier could be extracted.



> DMARC is composed by policy and reporting, but Virtual DMARC does not have 
> reporting.

Is it acceptable to introduce the new AR code, such as dmarc=SoftPass,
and add it if no reporting policy is published ?
With this new code, one can distinguish DMARC with reporting from DMARC without 
reporting.
# In the current I-D, it specifies as PASS.


To summarize, 
1. Whether DMARC always requires opt-in
2. Whether dmarc=none is appropriate for the case where there is no DMARC record
3. Whether reporting is mandatory for DMARC



Best regards,
--Takehito Akagiri




- 元のメッセージ -
差出人: "Yasutaka, Genki | Dkim | OPS" 
宛先: "Shoko YONEZAWA" , dmarc@ietf.org
Cc: "Yasutaka, Genki | Dkim | OPS" 
送信済み: 2018年4月26日, 木曜日 午後 6:49:46
件名: Re: [dmarc-ietf] [Request] Presentation in IETF101

My understanding is that we have received some comments so far against Virtual 
DMARC.

The main comments are as follows:
- DKIM has opt-in nature.
- DMARC is composed by policy and reporting, but Virtual DMARC does not have 
reporting.
- Receivers can work this kind of operations using logs as they like.

Regards,
Genki

---
Genki YASUTAKA
Rakuten, Inc.
Mail: genki.yasut...@rakuten.com

-Original Message-
From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Shoko YONEZAWA
Sent: Thursday, April 26, 2018 4:38 PM
To: dmarc@ietf.org
Subject: Re: [dmarc-ietf] [Request] Presentation in IETF101

My opinion is that there seems no trouble in the case that the receiver issues 
dmarc=pass to the mail, whose domain has no DMARC record, and which is 
determined dmarc=pass even if DMARC record exists.

In such case, dmarc=pass will be issued for any DMARC record where "strict" 
decision policy is set.

Shoko

On 2018/04/18 0:59, Dave Crocker wrote:
> +1, for all of the below.
> 
> 
> d/
> 
> On 4/17/2018 8:41 AM, Steve Atkins wrote:
>>
>>> On Apr 16, 2018, at 11:07 PM, Kazunori ANDO  wrote:
>>>
>>> I think "virtual DMARC" is out of DMARC scope, because it's a purely 
>>> internal policy decision.
>>
>> +1 for the (not entirely unreasonable, but entirely internal)
>> algorithm used, -1 for the terminology.
>>
>> Where it's in scope is that it's using the term DMARC for something 
>> that is really not DMARC and as part of that it seems to suggest 
>> squatting on the dmarc= namespace in Authentication-Results.
>>
>> On 2018/03/20 6:17, Scott Kitterman wrote:
>>> Fundamentally, both SPF "Best Guess" and "Virtual DMARC" destroy the 
>>> opt-in nature of SPF and DMARC and should be considered harmful.
>>
>> +1
>>
>> Again, please don't do this.
>>
>> Cheers,
>>    Steve
>>
>> ___
>> dmarc mailing list
>> dmarc@ietf.org
>> https://www.ietf.org/mailman/listinfo/dmarc
>>
> 
> 

--
Shoko YONEZAWA
Lepidum Co. Ltd.
yonez...@lepidum.co.jp
TEL: +81-3-6276-5103

___
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
___
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

___
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

Re: [dmarc-ietf] [Request] Presentation in IETF101

2018-04-26 Thread Yasutaka, Genki | Dkim | OPS 
My understanding is that we have received some comments so far against Virtual 
DMARC.

The main comments are as follows:
- DKIM has opt-in nature.
- DMARC is composed by policy and reporting, but Virtual DMARC does not have 
reporting.
- Receivers can work this kind of operations using logs as they like.

Regards,
Genki

---
Genki YASUTAKA
Rakuten, Inc.
Mail: genki.yasut...@rakuten.com

-Original Message-
From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Shoko YONEZAWA
Sent: Thursday, April 26, 2018 4:38 PM
To: dmarc@ietf.org
Subject: Re: [dmarc-ietf] [Request] Presentation in IETF101

My opinion is that there seems no trouble in the case that the receiver issues 
dmarc=pass to the mail, whose domain has no DMARC record, and which is 
determined dmarc=pass even if DMARC record exists.

In such case, dmarc=pass will be issued for any DMARC record where "strict" 
decision policy is set.

Shoko

On 2018/04/18 0:59, Dave Crocker wrote:
> +1, for all of the below.
> 
> 
> d/
> 
> On 4/17/2018 8:41 AM, Steve Atkins wrote:
>>
>>> On Apr 16, 2018, at 11:07 PM, Kazunori ANDO  wrote:
>>>
>>> I think "virtual DMARC" is out of DMARC scope, because it's a purely 
>>> internal policy decision.
>>
>> +1 for the (not entirely unreasonable, but entirely internal)
>> algorithm used, -1 for the terminology.
>>
>> Where it's in scope is that it's using the term DMARC for something 
>> that is really not DMARC and as part of that it seems to suggest 
>> squatting on the dmarc= namespace in Authentication-Results.
>>
>> On 2018/03/20 6:17, Scott Kitterman wrote:
>>> Fundamentally, both SPF "Best Guess" and "Virtual DMARC" destroy the 
>>> opt-in nature of SPF and DMARC and should be considered harmful.
>>
>> +1
>>
>> Again, please don't do this.
>>
>> Cheers,
>>    Steve
>>
>> ___
>> dmarc mailing list
>> dmarc@ietf.org
>> https://www.ietf.org/mailman/listinfo/dmarc
>>
> 
> 

--
Shoko YONEZAWA
Lepidum Co. Ltd.
yonez...@lepidum.co.jp
TEL: +81-3-6276-5103

___
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
___
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

Re: [dmarc-ietf] [Request] Presentation in IETF101

2018-04-26 Thread Shoko YONEZAWA 

My opinion is that there seems no trouble
in the case that the receiver issues dmarc=pass to the mail,
whose domain has no DMARC record,
and which is determined dmarc=pass even if DMARC record exists.

In such case, dmarc=pass will be issued for any DMARC record
where "strict" decision policy is set.

Shoko

On 2018/04/18 0:59, Dave Crocker wrote:

+1, for all of the below.


d/

On 4/17/2018 8:41 AM, Steve Atkins wrote:



On Apr 16, 2018, at 11:07 PM, Kazunori ANDO  wrote:

I think "virtual DMARC" is out of DMARC scope,
because it's a purely internal policy decision.


+1 for the (not entirely unreasonable, but entirely internal) 
algorithm used, -1 for the terminology.


Where it's in scope is that it's using the term DMARC for something 
that is really not DMARC and as part of that it seems to suggest 
squatting on the dmarc= namespace in Authentication-Results.


On 2018/03/20 6:17, Scott Kitterman wrote:
Fundamentally, both SPF "Best Guess" and "Virtual DMARC" destroy the 
opt-in

nature of SPF and DMARC and should be considered harmful.


+1

Again, please don't do this.

Cheers,
   Steve

___
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc






--
Shoko YONEZAWA
Lepidum Co. Ltd.
yonez...@lepidum.co.jp
TEL: +81-3-6276-5103

___
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc