Interoperability Issues between Domain-based Message Authentication, Reporting, and Conformance (DMARC) and Indirect Email Flows
draft-ietf-dmarc-interoperability-18
Yes
(Alexey Melnikov)
(Mirja Kühlewind)
No Objection
(Alia Atlas)
(Alissa Cooper)
(Alvaro Retana)
(Deborah Brungard)
(Jari Arkko)
(Joel Jaeggli)
(Suresh Krishnan)
(Terry Manderson)
Note: This ballot was opened for revision 16 and is now closed.
Alexey Melnikov Former IESG member
Yes
Yes
(for -16)
Unknown
Ben Campbell Former IESG member
Yes
Yes
(2016-06-13 for -16)
Unknown
- Abstract: Please expand DMARC on first mention. - 4.1.1.1, last bullet: "However, for known brands, all active domains are likely to be targeted equally by abusers." I'm not sure quite what is meant by "known brands". Is this the same as well known email services? 6. Some of the mentioned mitigations involved relaxing alignment checks. Do those warrant a mention here? -- last paragraph: " Section 4.1.3.3 warns that rewriting the RFC5322.From header field and changing the domain name should not be done with any domain." I'm not sure I understand that sentence, especially around "not be done with any domain". Nor do I see which text in 4.1.3.3 specifically says that.
Mirja Kühlewind Former IESG member
Yes
Yes
(for -16)
Unknown
Alia Atlas Former IESG member
No Objection
No Objection
(for -16)
Unknown
Alissa Cooper Former IESG member
No Objection
No Objection
(for -16)
Unknown
Alvaro Retana Former IESG member
No Objection
No Objection
(for -16)
Unknown
Deborah Brungard Former IESG member
No Objection
No Objection
(for -16)
Unknown
Jari Arkko Former IESG member
No Objection
No Objection
(for -16)
Unknown
Joel Jaeggli Former IESG member
No Objection
No Objection
(for -16)
Unknown
Kathleen Moriarty Former IESG member
No Objection
No Objection
(2016-06-16 for -16)
Unknown
I'd also like to see the adjusted text per Stephen's first 2 comments.
Stephen Farrell Former IESG member
No Objection
No Objection
(2016-06-16 for -16)
Unknown
- I think the abstract and intro are too coy in saying that DMARC "can" introduce interop issues when we know that it definitely does introduce such issues. Better to be up front about that I think. The same issue arises elsewhere (e.g. in 3.2.3.1) and I don't see any real benefit in almost pretending that this isn't a real issue. - I think the abstract and intro would be better if they explicitly ack'd that DMARC affects mailing lists. So maybe replacing the relevant sentence with something like: "Collectively these email flows are referred to as indirect email flows, and include mailing lists, such as those used to discuss this document." - 2.3: I'm surprised that we don't know the prevalence of simple vs. relaxed support and use. - 3.1.2: Saying that the MTA is the thing to "introduce" the interop issue here seems a bit wrong - isn't the issue caused by the existing MTA practice combined with the introduction of DMARC?
Suresh Krishnan Former IESG member
No Objection
No Objection
(for -16)
Unknown
Terry Manderson Former IESG member
No Objection
No Objection
(for -16)
Unknown