Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

Interoperability Issues between Domain-based Message Authentication, Reporting, and Conformance (DMARC) and Indirect Email Flows
draft-ietf-dmarc-interoperability-18

Yes

(Alexey Melnikov)

(Ben Campbell)

(Mirja Kühlewind)

No Objection

(Alia Atlas)

(Alissa Cooper)

(Alvaro Retana)

(Deborah Brungard)

(Jari Arkko)

(Joel Jaeggli)

(Kathleen Moriarty)

(Stephen Farrell)

(Suresh Krishnan)

(Terry Manderson)

Note: This ballot was opened for revision 16 and is now closed.

Alexey Melnikov Former IESG member

Yes

Yes (for -16) Unknown

Ben Campbell Former IESG member

Yes

Yes (2016-06-13 for -16) Unknown

- Abstract: Please expand DMARC on first mention.

- 4.1.1.1, last bullet: "However, for known brands, all active domains are likely to be
      targeted equally by abusers."

I'm not sure quite what is meant by "known brands". Is this the same as well known email services?

6. Some of the mentioned mitigations involved relaxing alignment checks. Do those warrant a mention here?

-- last paragraph: " Section 4.1.3.3 warns that rewriting the RFC5322.From header field
   and changing the domain name should not be done with any domain."

I'm not sure I understand that sentence, especially around "not be done with any domain". Nor do I see which text in 4.1.3.3 specifically says that.

Mirja Kühlewind Former IESG member

Yes

Yes (for -16) Unknown

Alia Atlas Former IESG member

No Objection

No Objection (for -16) Unknown

Alissa Cooper Former IESG member

No Objection

No Objection (for -16) Unknown

Alvaro Retana Former IESG member

No Objection

No Objection (for -16) Unknown

Deborah Brungard Former IESG member

No Objection

No Objection (for -16) Unknown

Jari Arkko Former IESG member

No Objection

No Objection (for -16) Unknown

Joel Jaeggli Former IESG member

No Objection

No Objection (for -16) Unknown

Kathleen Moriarty Former IESG member

No Objection

No Objection (2016-06-16 for -16) Unknown

I'd also like to see the adjusted text per Stephen's first 2 comments.

Stephen Farrell Former IESG member

No Objection

No Objection (2016-06-16 for -16) Unknown

- I think the abstract and intro are too coy in saying that
DMARC "can" introduce interop issues when we know that it
definitely does introduce such issues. Better to be up front
about that I think. The same issue arises elsewhere (e.g.  in
3.2.3.1) and I don't see any real benefit in almost pretending
that this isn't a real issue.

- I think the abstract and intro would be better if they
explicitly ack'd that DMARC affects mailing lists. So maybe
replacing the relevant sentence with something like:
"Collectively these email flows are referred to as indirect
email flows, and include mailing lists, such as those used to
discuss this document."

- 2.3: I'm surprised that we don't know the prevalence of simple
vs. relaxed support and use. 

- 3.1.2: Saying that the MTA is the thing to "introduce" the
interop issue here seems a bit wrong - isn't the issue caused by
the existing MTA practice combined with the introduction of
DMARC?

Suresh Krishnan Former IESG member

No Objection

No Objection (for -16) Unknown

Terry Manderson Former IESG member

No Objection

No Objection (for -16) Unknown

Interoperability Issues between Domain-based Message Authentication, Reporting, and Conformance (DMARC) and Indirect Email Flows draft-ietf-dmarc-interoperability-18

Interoperability Issues between Domain-based Message Authentication, Reporting, and Conformance (DMARC) and Indirect Email Flows
draft-ietf-dmarc-interoperability-18