IETF
dmarc
dmarc@jabber.ietf.org
Thursday, July 28, 2022< ^ >
Meetecho has set the subject to: DMARC @ IETF 112
Room Configuration
Room Occupants

GMT+0
[19:47:49] <zulipbot> (Seth Blank) test of my own
[19:48:10] <zulipbot> (Tim Wicinski) who are you exactly?
[19:48:45] <zulipbot> (Seth Blank) šŸ˜¬
[19:49:52] <zulipbot> (Tim Wicinski) congrats on your new gig!
[19:50:56] <zulipbot> (Seth Blank) hah, thanks! wish I could've been in Philly for this, but sadly had a last minute abort yesterday :-/
[19:52:19] <zulipbot> (Tim Wicinski) no worries - iĀ“m filling Todd with crazy thoughts....
[19:55:21] <zulipbot> (Seth Blank) Do we have a scribe for this session?
[19:56:10] <zulipbot> (Tim Wicinski) who always has your back boss!
[19:57:03] <zulipbot> (Seth Blank) thank you Tim and Jim!
[19:59:11] <zulipbot> (Tim Wicinski) your hair is organized Seth.
[19:59:38] <zulipbot> (Jim Fenton) The Rate my Background people are pleased.
[20:00:04] <zulipbot> (Seth Blank) šŸ¤£
[20:18:48] <zulipbot> (Rolf Sonneveld) +1 for what Barry proposes
[20:19:01] <zulipbot> (Seth Blank) Strong disagree as an individual
[20:20:00] <zulipbot> (Tim Wicinski) in the current doc the iana reg refers the "psd" flag to 7489 and not 9091.  ??
[20:20:36] <zulipbot> (Tim Wicinski) https://datatracker.ietf.org/doc/html/draft-ietf-dmarc-dmarcbis-15#section-9.4
[20:24:28] <zulipbot> (Pete Resnick) What is the reason for your objection to the MUST NOT?
[20:24:41] <zulipbot> (Pete Resnick) For @**Seth Blank** , that was
[20:25:59] <zulipbot> (Pete Resnick) "Understand what you are doing" is equivalent to "SHOULD NOT".
[20:26:13] <zulipbot> (Rolf Sonneveld) Is this not something for an A/S document?
[20:26:41] <zulipbot> (Pete Resnick) @**Rolf Sonneveld** we combine A/S with T/S all of the time.
[20:26:54] <zulipbot> (Murray Kucherawy) A nit: We (the IETF) didn't publish RFC 7489.  The ISE did.
[20:28:24] <zulipbot> (Tim Wicinski) The outside world does not see any differences
[20:29:25] <zulipbot> (Pete Resnick) We have voluntary standards. People violate the TCP retransmission rules in some cases too. But they MUST NOT do that either.
[20:32:11] <zulipbot> (Trent Adams) We have some data on ARC - can address
[20:38:31] <zulipbot> (Pete Resnick) And let's be clear, it's a "MUST NOT use p=reject when you don't intend to prevent forwarding through mailing lists or other non-transactional email."
[20:38:44] <zulipbot> (Pete Resnick) It's not "MUST NOT use DMARC at all".
[20:41:12] <zulipbot> (Seth Blank) @**Pete Resnick** what I'm trying to say, for many companies, the value of p=reject is far higher than that of the damage to mailing list and other dkim-breaking traffic. Telling them MUST or SHOULD NOT is counterproductive, because it's their choice. We should inform them of the potential impact, but it doesn't feel like normative guidance is useful when it's really an option of organizational policy.
[20:44:03] <zulipbot> (Pete Resnick) @**Seth Blank** I would understand if you were saying you'd prefer SHOULD NOT because (to quote 2119) "there may exist valid reasons in particular circumstances when the particular behavior is acceptable or even useful, but the full implications should be understood and the case carefully weighed before implementing", because that's pretty much what you're saying. I don't understand why you reject SHOULD NOT.
[20:44:44] <zulipbot> (Seth Blank) I can be convinced of SHOULD NOT. I remain deeply opposed to MUST NOT, and would prefer informative language to normative language on this matter. I also hear I may be in the rough ;-)
[20:45:45] <zulipbot> (Pete Resnick) I will equally understand if MUST NOT ends up in the rough.
[20:46:57] <zulipbot> (Tim Wicinski) i filed my nit as a git issue
[20:48:43] <zulipbot> (Rolf Sonneveld) What is meant by "Note that the force of these words is modified by the requirement level of the document in which they are used." in RFC2119? Does this mean that a 'MUST NOT' in a Standard Track weighs more than in an "Informational"?
[20:50:01] <zulipbot> (Seth Blank) Do we need to discuss the rfc6973 impact on failure reports?
[20:50:27] <zulipbot> (Seth Blank) or the fact that pretty much no major mailbox sends them?
[20:50:41] <zulipbot> (Murray Kucherawy) I would.
[20:50:58] <zulipbot> (Murray Kucherawy) @Rolf: That's how I interpret it.
[20:52:25] <zulipbot> (Rolf Sonneveld) @Murray, thanks. Isn't it a bit weird that "requirement level" is mentioned twice in RFC2119, once in the title and once in the text, without it being explained in the doc?
[20:53:54] <zulipbot> (Pete Resnick) @**Rolf Sonneveld** See RFC 2026 for a discussion of requirement levels.
[20:55:25] <zulipbot> (Rolf Sonneveld) @Pete, ah, thanks
[20:55:51] <zulipbot> (Ricardo Signes) šŸ‘‹šŸ½
[20:56:04] <zulipbot> (Pete Resnick) @**Rolf Sonneveld**  We don't really use that stuff anymore, but that's what it was referring to.
[20:57:10] <zulipbot> (Seth Blank) Thank you, everyone!