Interoperability Issues between Domain-based Message Authentication, Reporting, and Conformance (DMARC) and Indirect Email Flows
RFC 7960

Note: This ballot was opened for revision 16 and is now closed.

(Ben Campbell) Yes

Comment (2016-06-13 for -16)
No email
send info
- Abstract: Please expand DMARC on first mention.

- 4.1.1.1, last bullet: "However, for known brands, all active domains are likely to be
      targeted equally by abusers."

I'm not sure quite what is meant by "known brands". Is this the same as well known email services?

6. Some of the mentioned mitigations involved relaxing alignment checks. Do those warrant a mention here?

-- last paragraph: " Section 4.1.3.3 warns that rewriting the RFC5322.From header field
   and changing the domain name should not be done with any domain."

I'm not sure I understand that sentence, especially around "not be done with any domain". Nor do I see which text in 4.1.3.3 specifically says that.

(Mirja K├╝hlewind) Yes

(Alexey Melnikov) Yes

(Jari Arkko) No Objection

(Alia Atlas) No Objection

Deborah Brungard No Objection

Alissa Cooper No Objection

(Stephen Farrell) No Objection

Comment (2016-06-16 for -16)
No email
send info
- I think the abstract and intro are too coy in saying that
DMARC "can" introduce interop issues when we know that it
definitely does introduce such issues. Better to be up front
about that I think. The same issue arises elsewhere (e.g.  in
3.2.3.1) and I don't see any real benefit in almost pretending
that this isn't a real issue.

- I think the abstract and intro would be better if they
explicitly ack'd that DMARC affects mailing lists. So maybe
replacing the relevant sentence with something like:
"Collectively these email flows are referred to as indirect
email flows, and include mailing lists, such as those used to
discuss this document."

- 2.3: I'm surprised that we don't know the prevalence of simple
vs. relaxed support and use. 

- 3.1.2: Saying that the MTA is the thing to "introduce" the
interop issue here seems a bit wrong - isn't the issue caused by
the existing MTA practice combined with the introduction of
DMARC?

(Joel Jaeggli) No Objection

(Suresh Krishnan) No Objection

(Terry Manderson) No Objection

(Kathleen Moriarty) No Objection

Comment (2016-06-16 for -16)
No email
send info
I'd also like to see the adjusted text per Stephen's first 2 comments.

Alvaro Retana No Objection