Hector Santos <hsantos(_at_)isdg(_dot_)net> wrote:

> For larger scale, using Murray's ATPS (RFC 6541) extension, the DMARC
> record is:
> v=dmarc1 p=reject atps=y ......
> The atps=y tag says to check for "_atps." zone record for the signing
> domain, ietf.org, authorization. You can create and see this record at
> the wizard http://www.winserver.com/public/wcadsp
> _adsp._domainkey TXT ("dkim=all; atps=y; asl=ietf.org;")
> PQ6XADOZSI47RLUIQ5YOHG2HY3MVJYOO._atps TXT ("v=atps01; d=ietf.org;")
> I think this is a very simple and elegant solution. Doug has TPA with
> similar zone records tags and labels to lookup. It's all basically the

So, how in the world does this scale to having thousands of "trusted" mailing
lists? Seriously.
I guess I'll have to read the draft to understand what the second record is.
It seems that it ought to be something like:
ietf.org._adsp._domainkey TXT ...

> If the IETF had supported ADSP/ATPS back in DKIM-WG, this would have been
> a done deal long ago. Yahoo's DMARC record would have been:
> v=dmarc1 p=reject atps=y
> and there would be 30,000 ATPS records for all the purported lists that
> yahoo says their users are members of.

okay, but how would they have fit into that _adsp record?

> The IETF SHOULD endorse 3rd party Authorization ideas so we can begin
> to finally solve this problem.
> I'm done.

I sure support the concept, but it seems to me that we need to do this
differently.
I was thinking that a (list) machine, receiving a signed message with
p=reject, would respond with some new 3xx code that would say, "great, I'd
love to help you, but you didn't delegate to me....", and then include
some transactional part that would help the right authorization occur.
Perhaps going back to the *user* to confirm.
After all, just because mcr(_at_)yahoo(_dot_)com is a subscriber to ietf.org
lists, doesn't mean that frank(_at_)yahoo(_dot_)com wants his email
redistributed by ietf.org.
--
Michael Richardson <mcr+IETF(_at_)sandelman(_dot_)ca>, Sandelman Software Works
-= IPv6 IoT consulting =-
_______________________________________________
ietf-822 mailing list
ietf-822(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-822
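
Added example, not part of the original messages: how a verifier could derive the name of the second quoted record, assuming the RFC 6541 rule that the signing domain is lowercased, hashed with the algorithm named by the signature's `atpsh` tag (`sha1`, `sha256` or `none`), base32-encoded, and queried as `<label>._atps.<author domain>`. The function names and the yahoo.com/ietf.org inputs are illustrative; the quoted label is only checked for shape, not recomputed.

```python
import base64
import hashlib

# Assumption (per RFC 6541 as summarized in the lead-in): label =
# base32(hash(lowercased signing domain)); "none" uses the domain itself.
HASHES = {"sha1": hashlib.sha1, "sha256": hashlib.sha256}

# Label copied from the quoted zone record; used only for a shape check.
PAGE_LABEL = "PQ6XADOZSI47RLUIQ5YOHG2HY3MVJYOO"


def atps_label(signer_domain, atpsh="sha1"):
    """Left-most label of the ATPS record for a third-party signer."""
    name = signer_domain.rstrip(".").lower()
    if not name:
        raise ValueError("empty signing domain")
    if atpsh == "none":
        return name
    if atpsh not in HASHES:
        raise ValueError("unsupported atpsh value: %r" % atpsh)
    digest = HASHES[atpsh](name.encode("ascii")).digest()
    # Base32 pads to a multiple of 8 characters; DNS labels carry no "=".
    return base64.b32encode(digest).decode("ascii").rstrip("=")


def atps_query_name(signer_domain, author_domain, atpsh="sha1"):
    """Name a verifier would query for TXT: <label>._atps.<author domain>."""
    author = author_domain.rstrip(".").lower()
    return "%s._atps.%s" % (atps_label(signer_domain, atpsh), author)


def digest_length(label):
    """Bytes encoded by a base32 label, or None if it is not base32."""
    padded = label.upper() + "=" * (-len(label) % 8)
    try:
        return len(base64.b32decode(padded))
    except ValueError:
        return None


if __name__ == "__main__":
    for alg in ("sha1", "sha256", "none"):
        print(alg, atps_query_name("ietf.org", "yahoo.com", alg))
    print("page label encodes", digest_length(PAGE_LABEL), "bytes")
```

The verifier makes one TXT query per message for the (signer, author domain) pair; the number of authorized signers affects the size of the author domain's zone, not the number of lookups.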