-
Notifications
You must be signed in to change notification settings - Fork 4
/
psd_dmarc_r6-from-tld_dmarc_r5.diff.html
439 lines (438 loc) · 89.1 KB
/
psd_dmarc_r6-from-tld_dmarc_r5.diff.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Generated by rfcdiff 1.41: rfcdiff -->
<!-- <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional" > -->
<!-- System: Linux kitterma-E6430 3.13.0-158-generic #208-Ubuntu SMP Fri Aug 24 17:07:38 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux -->
<!-- Using awk: /usr/bin/gawk: GNU Awk 4.0.1 -->
<!-- Using diff: /usr/bin/diff: diff (GNU diffutils) 3.3 -->
<!-- Using wdiff: /usr/bin/wdiff: wdiff (GNU wdiff) 1.2.1 -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<title>Diff: tld_dmarc_r5.txt - psd_dmarc_r6.txt</title>
<style type="text/css">
body { margin: 0.4ex; margin-right: auto; }
tr { }
td { white-space: pre; font-family: monospace; vertical-align: top; font-size: 0.86em;}
th { font-size: 0.86em; }
.small { font-size: 0.6em; font-style: italic; font-family: Verdana, Helvetica, sans-serif; }
.left { background-color: #EEE; }
.right { background-color: #FFF; }
.diff { background-color: #CCF; }
.lblock { background-color: #BFB; }
.rblock { background-color: #FF8; }
.insert { background-color: #8FF; }
.delete { background-color: #ACF; }
.void { background-color: #FFB; }
.cont { background-color: #EEE; }
.linebr { background-color: #AAA; }
.lineno { color: red; background-color: #FFF; font-size: 0.7em; text-align: right; padding: 0 2px; }
.elipsis{ background-color: #AAA; }
.left .cont { background-color: #DDD; }
.right .cont { background-color: #EEE; }
.lblock .cont { background-color: #9D9; }
.rblock .cont { background-color: #DD6; }
.insert .cont { background-color: #0DD; }
.delete .cont { background-color: #8AD; }
.stats, .stats td, .stats th { background-color: #EEE; padding: 2px 0; }
</style>
</head>
<body >
<table border="0" cellpadding="0" cellspacing="0">
<tr bgcolor="orange"><th></th><th> tld_dmarc_r5.txt </th><th> </th><th> psd_dmarc_r6.txt </th><th></th></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Network Working Group S. Kitterman</td><td> </td><td class="right">Network Working Group S. Kitterman</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0001" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock">Internet-Draft <span class="delete">Kitterman Technical</span> Services</td><td> </td><td class="rblock">Internet-Draft <span class="insert">fTLD Registry</span> Services</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock">Updates: 7489 (if approved) October <span class="delete">6,</span> 2018</td><td> </td><td class="rblock">Updates: 7489 (if approved) October <span class="insert">13,</span> 2018</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Intended status: Informational</td><td> </td><td class="right">Intended status: Informational</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0002" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock">Expires: April <span class="delete">9</span>, 2019</td><td> </td><td class="rblock">Expires: April <span class="insert">16</span>, 2019</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">DMARC (Domain-based Message Authentication, Reporting, and Conformance)</td><td> </td><td class="right">DMARC (Domain-based Message Authentication, Reporting, and Conformance)</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0003" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Extension For <span class="delete">TLDs (Top Level</span> Domains)</td><td> </td><td class="rblock"> Extension For <span class="insert">PSDs (Public Suffix</span> Domains)</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">draft-kitterman-dmarc-tld-00</span></td><td> </td><td class="rblock"> <span class="insert">draft-kitterman-dmarc-psd-00</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Abstract</td><td> </td><td class="right">Abstract</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> DMARC (Domain-based Message Authentication, Reporting, and</td><td> </td><td class="right"> DMARC (Domain-based Message Authentication, Reporting, and</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Conformance) is a scalable mechanism by which a mail-originating</td><td> </td><td class="right"> Conformance) is a scalable mechanism by which a mail-originating</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> organization can express domain-level policies and preferences for</td><td> </td><td class="right"> organization can express domain-level policies and preferences for</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> message validation, disposition, and reporting, that a mail-receiving</td><td> </td><td class="right"> message validation, disposition, and reporting, that a mail-receiving</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0004" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> organization can use to improve mail handling. DMARC <span class="delete">itself does not</span></td><td> </td><td class="rblock"> organization can use to improve mail handling. DMARC <span class="insert">policies can be</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> apply to</span> domains above the organizational level, such as TLDs (Top</td><td> </td><td class="rblock"><span class="insert"> applied at the individual domain level or for a set of domains at the</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Level Domains). For the subset of <span class="delete">TLDs (or other non-organizational</span></td><td> </td><td class="rblock"><span class="insert"> organizational level. The design of DMARC precludes grouping</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> domains)</span> that require DMARC usage, it is appropriate to provide <span class="delete">TLD</span></td><td> </td><td class="rblock"><span class="insert"> policies for a set of</span> domains above the organizational level, such as</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> level DMARC <span class="delete">capability.</span> This memo describes an extension to DMARC to</td><td> </td><td class="rblock"> TLDs (Top Level Domains). <span class="insert">These types of domains (which are not all</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> enable a subset of DMARC functionality for such domains.</td><td> </td><td class="rblock"><span class="insert"> at the top level of the DNS tree) can be collectively referred to as</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Public Suffix Domains (PSDs).</span> For the subset of <span class="insert">PSDs</span> that require</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> DMARC usage, it is appropriate to provide <span class="insert">PSD</span> level DMARC <span class="insert">capability</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> to provide policy and collect feedback for a set of domains.</span> This</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> memo describes an extension to DMARC to enable a subset of DMARC</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> functionality for such domains.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Status of This Memo</td><td> </td><td class="right">Status of This Memo</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This Internet-Draft is submitted in full conformance with the</td><td> </td><td class="right"> This Internet-Draft is submitted in full conformance with the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> provisions of BCP 78 and BCP 79.</td><td> </td><td class="right"> provisions of BCP 78 and BCP 79.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Internet-Drafts are working documents of the Internet Engineering</td><td> </td><td class="right"> Internet-Drafts are working documents of the Internet Engineering</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Task Force (IETF). Note that other groups may also distribute</td><td> </td><td class="right"> Task Force (IETF). Note that other groups may also distribute</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> working documents as Internet-Drafts. The list of current Internet-</td><td> </td><td class="right"> working documents as Internet-Drafts. The list of current Internet-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Drafts is at https://datatracker.ietf.org/drafts/current/.</td><td> </td><td class="right"> Drafts is at https://datatracker.ietf.org/drafts/current/.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Internet-Drafts are draft documents valid for a maximum of six months</td><td> </td><td class="right"> Internet-Drafts are draft documents valid for a maximum of six months</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> and may be updated, replaced, or obsoleted by other documents at any</td><td> </td><td class="right"> and may be updated, replaced, or obsoleted by other documents at any</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> time. It is inappropriate to use Internet-Drafts as reference</td><td> </td><td class="right"> time. It is inappropriate to use Internet-Drafts as reference</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> material or to cite them other than as "work in progress."</td><td> </td><td class="right"> material or to cite them other than as "work in progress."</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0005" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> This Internet-Draft will expire on April <span class="delete">9</span>, 2019.</td><td> </td><td class="rblock"> This Internet-Draft will expire on April <span class="insert">16</span>, 2019.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Copyright Notice</td><td> </td><td class="right">Copyright Notice</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Copyright (c) 2018 IETF Trust and the persons identified as the</td><td> </td><td class="right"> Copyright (c) 2018 IETF Trust and the persons identified as the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> document authors. All rights reserved.</td><td> </td><td class="right"> document authors. All rights reserved.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This document is subject to BCP 78 and the IETF Trust's Legal</td><td> </td><td class="right"> This document is subject to BCP 78 and the IETF Trust's Legal</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Provisions Relating to IETF Documents</td><td> </td><td class="right"> Provisions Relating to IETF Documents</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> (https://trustee.ietf.org/license-info) in effect on the date of</td><td> </td><td class="right"> (https://trustee.ietf.org/license-info) in effect on the date of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> publication of this document. Please review these documents</td><td> </td><td class="right"> publication of this document. Please review these documents</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> carefully, as they describe your rights and restrictions with respect</td><td> </td><td class="right"> carefully, as they describe your rights and restrictions with respect</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> to this document. Code Components extracted from this document must</td><td> </td><td class="right"> to this document. Code Components extracted from this document must</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> include Simplified BSD License text as described in Section 4.e of</td><td> </td><td class="right"> include Simplified BSD License text as described in Section 4.e of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> the Trust Legal Provisions and are provided without warranty as</td><td> </td><td class="right"> the Trust Legal Provisions and are provided without warranty as</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> described in the Simplified BSD License.</td><td> </td><td class="right"> described in the Simplified BSD License.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Table of Contents</td><td> </td><td class="right">Table of Contents</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2</td><td> </td><td class="right"> 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0006" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 2. Terminology and Definitions . . . . . . . . . . . . . . . . . <span class="delete">3</span></td><td> </td><td class="rblock"> 2. Terminology and Definitions . . . . . . . . . . . . . . . . . <span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 2.1. Conventions Used in This Document . . . . . . . . . . . . <span class="delete">3</span></td><td> </td><td class="rblock"> 2.1. Conventions Used in This Document . . . . . . . . . . . . <span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 2.2. <span class="delete">Top Level</span> Domain <span class="delete">(TLD)</span> . . . . . . . . . . . . . . . . . <span class="delete">3</span></td><td> </td><td class="rblock"> 2.2. <span class="insert">Public Suffix</span> Domain <span class="insert">(PSD)</span> . . . . . . . . . . . . . . . <span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> 2.3. TLD Operator (TLDO)</span> . . . . . . . . . . . . . . . . . . . <span class="delete">3</span></td><td> </td><td class="rblock"><span class="insert"> 2.3. Longest PSD .</span> . . . . . . . . . . . . . . . . . . . . . <span class="insert">. 4</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 2.4. <span class="delete">TLDO</span> Controlled Domain Names . . . . . . . . . . . . . . <span class="delete">3</span></td><td> </td><td class="rblock"> 2.4. <span class="insert">Public Suffix Operator (PSO) . . . . . . . . . . . . . . 4</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> 2.5.</span> Non-existent Domains . . . . . . . . . . . . . . . . . . <span class="delete">3</span></td><td> </td><td class="rblock"><span class="insert"> 2.5. PSO</span> Controlled Domain Names . . . . . . . . . . . . . . <span class="insert">. 5</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 3. <span class="delete">TLD</span> DMARC Updates to DMARC Requirements . . . . . . . . . . . <span class="delete">3</span></td><td> </td><td class="rblock"><span class="insert"> 2.6.</span> Non-existent Domains . . . . . . . . . . . . . . . . . . <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 3.1. General Updates . . . . . . . . . . . . . . . . . . . . . <span class="delete">4</span></td><td> </td><td class="rblock"> 3. <span class="insert">PSD</span> DMARC Updates to DMARC Requirements . . . . . . . . . . . <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 3.2. Section 6.1 DMARC Policy Record . . . . . . . . . . . . . <span class="delete">4</span></td><td> </td><td class="rblock"> 3.1. General Updates . . . . . . . . . . . . . . . . . . . . . <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 3.3. Section 6.5. Domain Owner Actions . . . . . . . . . . . <span class="delete">4</span></td><td> </td><td class="rblock"> 3.2. Section 6.1 DMARC Policy Record . . . . . . . . . . . . . <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 3.4. Section 6.6.3. Policy Discovery . . . . . . . . . . . . <span class="delete">4</span></td><td> </td><td class="rblock"> 3.3. Section 6.5. Domain Owner Actions . . . . . . . . . . . <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 3.5. Section 7. DMARC Feedback . . . . . . . . . . . . . . . <span class="delete">4</span></td><td> </td><td class="rblock"> 3.4. Section 6.6.3. Policy Discovery . . . . . . . . . . . . <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 4. Privacy Considerations . . . . . . . . . . . . . . . . . . . <span class="delete">4</span></td><td> </td><td class="rblock"> 3.5. Section 7. DMARC Feedback . . . . . . . . . . . . . . . <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 4.1. Feedback leakage . . . . . . . . . . . . . . . . . . . . <span class="delete">4</span></td><td> </td><td class="rblock"> 4. Privacy Considerations . . . . . . . . . . . . . . . . . . . <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 5. Security Considerations . . . . . . . . . . . . . . . . . . . <span class="delete">5</span></td><td> </td><td class="rblock"> 4.1. Feedback leakage . . . . . . . . . . . . . . . . . . . . <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . <span class="delete">5</span></td><td> </td><td class="rblock"> 5. Security Considerations . . . . . . . . . . . . . . . . . . . <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 6.1. DMARC <span class="delete">Top Level</span> Domain <span class="delete">(TLD)</span> Registry <span class="delete">. . . . . . . . . . 5</span></td><td> </td><td class="rblock"> 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 7. References . . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">6</span></td><td> </td><td class="rblock"> 6.1. DMARC <span class="insert">Public Suffix</span> Domain <span class="insert">(PSD)</span> Registry <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 7.1. Normative References . . . . . . . . . . . . . . . . . . <span class="delete">6</span></td><td> </td><td class="rblock"> 7. References . . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 7.2. Informative References . . . . . . . . . . . . . . . . . <span class="delete">6</span></td><td> </td><td class="rblock"> 7.1. Normative References . . . . . . . . . . . . . . . . . . <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">7</span></td><td> </td><td class="rblock"> 7.2. Informative References . . . . . . . . . . . . . . . . . <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Author's Address . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">7</span></td><td> </td><td class="rblock"> Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> Author's Address . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">9</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">1. Introduction</td><td> </td><td class="right">1. Introduction</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> DMARC [RFC7489] provides email sending organizational policy</td><td> </td><td class="right"> DMARC [RFC7489] provides email sending organizational policy</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0007" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> information to email receivers. <span class="delete">Due to the design of</span> DMARC [RFC7489]</td><td> </td><td class="rblock"> information to email receivers. DMARC [RFC7489] <span class="insert">allows policy to be</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> and <span class="delete">the nature</span> of the <span class="delete">Internet email architecture [RFC5598], there</span></td><td> </td><td class="rblock"><span class="insert"> specified for both individual domains</span> and <span class="insert">sets</span> of <span class="insert">domains within a</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> are interoperability issues associated with DMARC [RFC7489]</span></td><td> </td><td class="rblock"><span class="insert"> single organization. For domains above</span> the <span class="insert">organizational level</span> in</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> deployment. These are discussed</span> in <span class="delete">Interoperability Issues between</span></td><td> </td><td class="rblock"> <span class="insert">the DNS tree, they</span> are <span class="insert">currently limited</span> to <span class="insert">expressing policy for the</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> DMARC and Indirect Email Flows [RFC7960]. These issues</span> are <span class="delete">not</span></td><td> </td><td class="rblock"><span class="insert"> exact domain. There is no method available to such domains to</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> applicable</span> to <span class="delete">TLDs, since they do not send mail.</span></td><td> </td><td class="rblock"><span class="insert"> express lower level policy or receive feedback reporting for sets of</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> domains. This prevents policy declarations for non-existent domains</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> and identification of domain abuse in email, which can be important</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> for brand and consumer protection.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0008" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> DMARC [RFC7489], by design, does not support requirements of <span class="delete">TLD</span></td><td> </td><td class="rblock"> <span class="insert">As an example, imagine a country code TLD (ccTLD) which has</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> operators. For <span class="delete">TLDs</span> that require use of DMARC [RFC7489], a subset of</td><td> </td><td class="rblock"><span class="insert"> subdomains for government and commercial use (.gov.example and</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> DMARC reporting and enforcement capability is needed for <span class="delete">TLD</span></td><td> </td><td class="rblock"><span class="insert"> .com.example). Within the .gov.example public suffix, use of DMARC</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> operators to effectively manage and monitor implementation of <span class="delete">TLD</span></td><td> </td><td class="rblock"><span class="insert"> [RFC7489] has been mandated and .gov.example has published its own</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> DMARC [RFC7489] record:</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> "v=DMARC1;p=reject;rua=mailto:[email protected]"</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> at</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> _dmarc.gov.example.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> This would provide policy and feedback for mail sent from</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> @gov.example, but not @tax.gov.example and there is no way to publish</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> an organizational level policy that would do so. While, in theory,</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> receivers could reject mail from non-existent domains, in practice</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> there are operational issues with doing so that make it impractical.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Non-existence of the sending domain is often a factor in a mail</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> delivery decision, but not generally treated as definitive on its</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> own.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> This memo provides a simple extension to DMARC [RFC7489] to allow</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> operators of Public Suffix Domains (PSDs) to express policy for</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> groups of subdomains, extends the DMARC [RFC7489] policy query</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> functionality to detect and process such a policy, describes receiver</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> feedback for such policies, and provides controls to mitigate</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> potential privacy considerations associated with this extension.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> There are two types of Public Suffix Operators (PSOs) for which this</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> extension would be useful and appropriate:</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Branded PSDs (e.g., ".google"): These domains are effectively</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> organizational domains as discussed in DMARC [RFC7489]. They</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> control all subdomains of the tree. The ".gov.example" used above</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> is an example of this class.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Multi-organization PSDs that require DMARC usage (e.g., ".bank"):</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Because existing organizational domains using this PSD have their</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> own DMARC policy, the applicability of this extension is for non-</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> existent domains. The extension allows the brand protection</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> benefits of DMARC [RFC7489] to extend to the entire PSD, including</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> cousin domains of registere organizations.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Due to the design of DMARC [RFC7489] and the nature of the Internet</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> email architecture [RFC5598], there are interoperability issues</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> associated with DMARC [RFC7489] deployment. These are discussed in</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Interoperability Issues between DMARC and Indirect Email Flows</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> [RFC7960]. These issues are not applicable to PSDs, since they do</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> not send mail.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> DMARC [RFC7489], by design, does not support requirements of <span class="insert">PSD</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> operators. For <span class="insert">PSDs</span> that require use of DMARC [RFC7489], a subset of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> DMARC reporting and enforcement capability is needed for <span class="insert">PSD</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> operators to effectively manage and monitor implementation of <span class="insert">PSD</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> requirements.</td><td> </td><td class="right"> requirements.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">2. Terminology and Definitions</td><td> </td><td class="right">2. Terminology and Definitions</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This section defines terms used in the rest of the document.</td><td> </td><td class="right"> This section defines terms used in the rest of the document.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">2.1. Conventions Used in This Document</td><td> </td><td class="right">2.1. Conventions Used in This Document</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",</td><td> </td><td class="right"> The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and</td><td> </td><td class="right"> "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> "OPTIONAL" in this document are to be interpreted as described in</td><td> </td><td class="right"> "OPTIONAL" in this document are to be interpreted as described in</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all</td><td> </td><td class="right"> BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> capitals, as shown here.</td><td> </td><td class="right"> capitals, as shown here.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0009" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock">2.2. <span class="delete">Top Level Domain (TL</span>D)</td><td> </td><td class="rblock">2.2. <span class="insert">Public Suffix Domain (PS</span>D)</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The global Internet Domain Name System (DNS) is documented in</td><td> </td><td class="right"> The global Internet Domain Name System (DNS) is documented in</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> numerous Requests for Comment (RFC). It defines a tree of names</td><td> </td><td class="right"> numerous Requests for Comment (RFC). It defines a tree of names</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> starting with root, ".", immediately below which are Top Level Domain</td><td> </td><td class="right"> starting with root, ".", immediately below which are Top Level Domain</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0010" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> names such as ".com" and ".us". <span class="delete">The usage</span> for <span class="delete">TLD DMARC</span> is <span class="delete">broader</span></td><td> </td><td class="rblock"> names such as ".com" and ".us". <span class="insert">They are not available</span> for <span class="insert">private</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> and</span> includes all domains above the organizational level in the tree,</td><td> </td><td class="rblock"><span class="insert"> registration. In many cases the public portion of the DNS tree</span> is</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> e.g., ".gov.uk".</td><td> </td><td class="rblock"> <span class="insert">more than one level deep. PSD DMARC</span> includes all <span class="insert">public</span> domains</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> above the organizational level in the tree, e.g., ".gov.uk".</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0011" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock">2.3. <span class="delete">TLD Operator (TLDO)</span></td><td> </td><td class="rblock">2.3. <span class="insert">Longest PSD</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0012" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">A TLD Operator manages operations within their TLD</span>.</td><td> </td><td class="rblock"> <span class="insert">Organizational Domain with one label removed</span>.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0013" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock">2.4. <span class="delete">TLDO Controlled Domain Names</span></td><td> </td><td class="rblock">2.4. <span class="insert">Public Suffix Operator (PSO)</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0014" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">TLDO</span> Controlled Domain Names are names in the DNS that are managed by</td><td> </td><td class="rblock"> <span class="insert">A Public Suffix Operator manages operations within their PSD.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> a <span class="delete">TLDO</span> and are not available for use as Organizational Domains (the</td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">2.5. PSO Controlled Domain Names</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> PSO</span> Controlled Domain Names are names in the DNS that are managed by</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> a <span class="insert">PSO</span> and are not available for use as Organizational Domains (the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> term organizational domains is defined in DMARC [RFC7489]).</td><td> </td><td class="right"> term organizational domains is defined in DMARC [RFC7489]).</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0015" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Depending on <span class="delete">TL</span>D policy, these will have one (e.g., ".com") or more</td><td> </td><td class="rblock"> Depending on <span class="insert">PS</span>D policy, these will have one (e.g., ".com") or more</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> (e.g., ".co.uk") name components.</td><td> </td><td class="right"> (e.g., ".co.uk") name components.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0016" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock">2.<span class="delete">5</span>. Non-existent Domains</td><td> </td><td class="rblock">2.<span class="insert">6</span>. Non-existent Domains</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> For DMARC [RFC7489] purposes, a non-existent domain is a domain name</td><td> </td><td class="right"> For DMARC [RFC7489] purposes, a non-existent domain is a domain name</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> that publishes none of A, AAAA, or MX records. This is a broader</td><td> </td><td class="right"> that publishes none of A, AAAA, or MX records. This is a broader</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> definition than that in NXDOMAIN [RFC8020].</td><td> </td><td class="right"> definition than that in NXDOMAIN [RFC8020].</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0017" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock">3. <span class="delete">TL</span>D DMARC Updates to DMARC Requirements</td><td> </td><td class="rblock">3. <span class="insert">PS</span>D DMARC Updates to DMARC Requirements</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This document updates DMARC [RFC7489] as follows:</td><td> </td><td class="right"> This document updates DMARC [RFC7489] as follows:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">3.1. General Updates</td><td> </td><td class="right">3.1. General Updates</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0018" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> References to "Domain Owners" also apply to <span class="delete">TLD</span>Os.</td><td> </td><td class="rblock"> References to "Domain Owners" also apply to <span class="insert">PS</span>Os.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">3.2. Section 6.1 DMARC Policy Record</td><td> </td><td class="right">3.2. Section 6.1 DMARC Policy Record</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0019" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">TLD</span> DMARC records are published as a subdomain of the <span class="delete">TLD.</span> For the</td><td> </td><td class="rblock"> <span class="insert">PSD</span> DMARC records are published as a subdomain of the <span class="insert">PSD.</span> For the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">TLD</span> ".example", the <span class="delete">TLDO</span> would post DMARC preferences in a TXT record</td><td> </td><td class="rblock"> <span class="insert">PSD</span> ".example", the <span class="insert">PSO</span> would post DMARC preferences in a TXT record</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> at "_dmarc.example".</td><td> </td><td class="right"> at "_dmarc.example".</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">3.3. Section 6.5. Domain Owner Actions</td><td> </td><td class="right">3.3. Section 6.5. Domain Owner Actions</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0020" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> In addition to the DMARC [RFC7489] domain owner actions, <span class="delete">TLDOs</span> will</td><td> </td><td class="rblock"> In addition to the DMARC [RFC7489] domain owner actions, <span class="insert">PSOs</span> will</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> need to update the "DMARC <span class="delete">Top Level</span> Domain <span class="delete">(TLD)</span> Registry". This</td><td> </td><td class="rblock"> need to update the "DMARC <span class="insert">Public Suffix</span> Domain <span class="insert">(PSD)</span> Registry". This</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> registry is defined in Section 6.1.</td><td> </td><td class="right"> registry is defined in Section 6.1.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">3.4. Section 6.6.3. Policy Discovery</td><td> </td><td class="right">3.4. Section 6.6.3. Policy Discovery</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> A new step between step 3 and 4 is added:</td><td> </td><td class="right"> A new step between step 3 and 4 is added:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0021" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 3A. If the set is now empty and the <span class="delete">TLD</span> of the Organizational Domain</td><td> </td><td class="rblock"> 3A. If the set is now empty and the <span class="insert">longest PSD (Section 2.3)</span> of the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> is listed in the DMARC <span class="delete">TLD Registry,</span> the Mail Receiver MUST query</td><td> </td><td class="rblock"> Organizational Domain is listed in the DMARC <span class="insert">PSD Registry (defined</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> the DNS for a DMARC TXT record at the DNS domain matching the</td><td> </td><td class="rblock"><span class="insert"> in Section 6.1),</span> the Mail Receiver MUST query the DNS for a DMARC</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">Organizational Domain with one label removed</span> in place of the</td><td> </td><td class="rblock"> TXT record at the DNS domain matching the <span class="insert">longest PSD</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> RFC5322.From domain in the message (if different). A possibly</td><td> </td><td class="rblock"><span class="insert"> (Section 2.3)</span> in place of the RFC5322.From domain in the message</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> empty set of records is returned.</td><td> </td><td class="rblock"> (if different). A possibly empty set of records is returned.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> As an example, for a message with the Organizational Domain of</td><td> </td><td class="right"> As an example, for a message with the Organizational Domain of</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0022" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">"example.compute.amazonaws.com.cn",</span> the query for <span class="delete">TLD</span> DMARC would use</td><td> </td><td class="rblock"> <span class="insert">"example.compute.cloudcompany.com.cctld",</span> the query for <span class="insert">PSD</span> DMARC</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">"_dmarc.compute.amazonaws.com.cn".</span></td><td> </td><td class="rblock"> would use <span class="insert">"compute.cloudcompany.com.cctld" as the longest PSD</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> (Section 2.3). The receiver would check to see if that PSD is listed</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> in the DMARC PSD Registry, and if so, perform the policy lookup at</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> "_dmarc.compute.cloudcompany.com.cctld".</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Note: Because the PSD policy query comes after the Organizational</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Domain policy query, PSD policy is not used for Organizational</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> domains that have published a DMARC [RFC7489] policy. Specifically,</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> this is not a mechanism to provide feedback addresses (RUA/RUF) when</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> an Organizational Domain has declined to do so.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">3.5. Section 7. DMARC Feedback</td><td> </td><td class="right">3.5. Section 7. DMARC Feedback</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0023" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Operational note for <span class="delete">TLD</span> DMARC: For <span class="delete">TLDOs,</span> feedback for non-existent</td><td> </td><td class="rblock"> Operational note for <span class="insert">PSD</span> DMARC: For <span class="insert">PSOs,</span> feedback for non-existent</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> domains is desired and useful. Because of the constraints on <span class="delete">TLD</span></td><td> </td><td class="rblock"> domains is desired and useful. Because of the constraints on <span class="insert">PSD</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> DMARC scope, there are not significant privacy considerations</td><td> </td><td class="right"> DMARC scope, there are not significant privacy considerations</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> associated with this reporting (See Section 4).</td><td> </td><td class="right"> associated with this reporting (See Section 4).</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">4. Privacy Considerations</td><td> </td><td class="right">4. Privacy Considerations</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This document does not significantly change the Privacy</td><td> </td><td class="right"> This document does not significantly change the Privacy</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Considerations of [RFC7489].</td><td> </td><td class="right"> Considerations of [RFC7489].</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">4.1. Feedback leakage</td><td> </td><td class="right">4.1. Feedback leakage</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0024" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Providing feedback reporting to <span class="delete">TLDOs</span> can, in some cases, create</td><td> </td><td class="rblock"> Providing feedback reporting to <span class="insert">PSOs</span> can, in some cases, create</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> leakage of information outside of an organization to the <span class="delete">TLDO.</span> There</td><td> </td><td class="rblock"> leakage of information outside of an organization to the <span class="insert">PSO.</span> There</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> are roughly three cases to consider:</td><td> </td><td class="right"> are roughly three cases to consider:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0025" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> o Branded <span class="delete">TLDs (e.g., ".google"), RUA and RUF reports based on TL</span>D</td><td> </td><td class="rblock"> o Branded <span class="insert">PSDs (e.g., ".google"), RUA and RUF reports based on PS</span>D</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> DMARC have the potential to contain information about emails</td><td> </td><td class="right"> DMARC have the potential to contain information about emails</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> related to entities managed by the organization. Since both the</td><td> </td><td class="right"> related to entities managed by the organization. Since both the</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0026" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">TLD</span>O and the Organizational Domain owners are common, there is no</td><td> </td><td class="rblock"> <span class="insert">PS</span>O and the Organizational Domain owners are common, there is no</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> privacy risk for either normal or Non-existent Domain reporting.</td><td> </td><td class="right"> privacy risk for either normal or Non-existent Domain reporting.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0027" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> o Multi-organization <span class="delete">TLDs</span> that require DMARC usage (e.g., ".bank"):</td><td> </td><td class="rblock"> o Multi-organization <span class="insert">PSDs</span> that require DMARC usage (e.g., ".bank"):</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">TLD</span> DMARC based reports will only be generated for domains that do</td><td> </td><td class="rblock"> <span class="insert">PSD</span> DMARC based reports will only be generated for domains that do</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> not publish a DMARC policy at the organizational level. For</td><td> </td><td class="right"> not publish a DMARC policy at the organizational level. For</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> domains that do publish the required DMARC policy records, the</td><td> </td><td class="right"> domains that do publish the required DMARC policy records, the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> feedback reporting addresses (RUA and RUF) of the organization</td><td> </td><td class="right"> feedback reporting addresses (RUA and RUF) of the organization</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0028" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> will be used. Since <span class="delete">TLD DMARC is limited to TL</span>Ds that mandate</td><td> </td><td class="rblock"> will be used. Since <span class="insert">PSD DMARC is limited to PS</span>Ds that mandate</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> organizational domains publish DMARC policy for existing domains,</td><td> </td><td class="right"> organizational domains publish DMARC policy for existing domains,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> the risk of this issue is limited to organizational domains that</td><td> </td><td class="right"> the risk of this issue is limited to organizational domains that</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0029" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> are out of compliance with <span class="delete">TL</span>D policy.</td><td> </td><td class="rblock"> are out of compliance with <span class="insert">PS</span>D policy.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0030" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> o Multi-organization <span class="delete">TLDs</span> (e.g., ".com") that do not mandate DMARC</td><td> </td><td class="rblock"> o Multi-organization <span class="insert">PSDs</span> (e.g., ".com") that do not mandate DMARC</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> usage. Privacy risks for organizational domains within such <span class="delete">TLDs</span></td><td> </td><td class="rblock"> usage. Privacy risks for organizational domains within such <span class="insert">PSDs</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> would be significant. This is mitigated by the limitation to only</td><td> </td><td class="right"> would be significant. This is mitigated by the limitation to only</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0031" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> include <span class="delete">TLDs listed in the public IANA DMARC TL</span>D Registry</td><td> </td><td class="rblock"> include <span class="insert">PSDs listed in the public IANA DMARC PS</span>D Registry</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> described in Section 6.1.</td><td> </td><td class="right"> described in Section 6.1.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0032" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">TLDOs will receive feedback on non-exista</span>nt domains, which may be</td><td> </td><td class="rblock"> <span class="insert">PSOs will receive feedback on non-existe</span>nt domains, which may be</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> similar to existing organizational domains. Feedback related to such</td><td> </td><td class="right"> similar to existing organizational domains. Feedback related to such</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> cousin domains have a small risk of carrying information related to</td><td> </td><td class="right"> cousin domains have a small risk of carrying information related to</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> an actual organizational domain. To minimize this potential concern,</td><td> </td><td class="right"> an actual organizational domain. To minimize this potential concern,</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0033" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">TL</span>D DMARC feedback is best limited to Aggregate Reports. Feedback</td><td> </td><td class="rblock"> <span class="insert">PS</span>D DMARC feedback is best limited to Aggregate Reports. Feedback</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Reports carry more detailed information and present a greater risk.</td><td> </td><td class="right"> Reports carry more detailed information and present a greater risk.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">5. Security Considerations</td><td> </td><td class="right">5. Security Considerations</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This document does not change the Security Considerations of</td><td> </td><td class="right"> This document does not change the Security Considerations of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [RFC7489].</td><td> </td><td class="right"> [RFC7489].</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">6. IANA Considerations</td><td> </td><td class="right">6. IANA Considerations</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This section describes actions requested to be completed by IANA.</td><td> </td><td class="right"> This section describes actions requested to be completed by IANA.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0034" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock">6.1. DMARC <span class="delete">Top Level Domain (TL</span>D) Registry</td><td> </td><td class="rblock">6.1. DMARC <span class="insert">Public Suffix Domain (PS</span>D) Registry</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0035" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> IANA is requested to create a new DMARC <span class="delete">Top Level Domain (TL</span>D)</td><td> </td><td class="rblock"> IANA is requested to create a new DMARC <span class="insert">Public Suffix Domain (PS</span>D)</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Registry within the Domain-based Message Authentication, Reporting,</td><td> </td><td class="right"> Registry within the Domain-based Message Authentication, Reporting,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> and Conformance (DMARC) Parameters Registry.</td><td> </td><td class="right"> and Conformance (DMARC) Parameters Registry.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0036" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Names of <span class="delete">TLDs</span> participating in <span class="delete">TLD</span> DMARC must be registered with IANA</td><td> </td><td class="rblock"> Names of <span class="insert">PSDs</span> participating in <span class="insert">PSD</span> DMARC must be registered with IANA</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> in this new sub-registry. New entries are assigned only for <span class="delete">TLDs</span></td><td> </td><td class="rblock"> in this new sub-registry. New entries are assigned only for <span class="insert">PSDs</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> that require use of DMARC. The requirement has to be documented in a</td><td> </td><td class="right"> that require use of DMARC. The requirement has to be documented in a</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> manner that satisfies the terms of Expert Review, per [RFC5226]. The</td><td> </td><td class="right"> manner that satisfies the terms of Expert Review, per [RFC5226]. The</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Designated Expert needs to confirm that provided documentation</td><td> </td><td class="right"> Designated Expert needs to confirm that provided documentation</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0037" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> adequately describes <span class="delete">TL</span>D policy to require domain owners to use DMARC</td><td> </td><td class="rblock"> adequately describes <span class="insert">PS</span>D policy to require domain owners to use DMARC</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> or that all domain owners are part of a single organization with the</td><td> </td><td class="right"> or that all domain owners are part of a single organization with the</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0038" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">TLD</span>O.</td><td> </td><td class="rblock"> <span class="insert">PS</span>O.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The initial set of entries in this registry is as follows:</td><td> </td><td class="right"> The initial set of entries in this registry is as follows:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> +-------------+----------------+---------------+</td><td> </td><td class="right"> +-------------+----------------+---------------+</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0039" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> | <span class="delete">TL</span>D | Reference | Status |</td><td> </td><td class="rblock"> | <span class="insert">PS</span>D | Reference | Status |</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> +-------------+----------------+---------------+</td><td> </td><td class="right"> +-------------+----------------+---------------+</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> | .bank | this document | current |</td><td> </td><td class="right"> | .bank | this document | current |</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> +-------------+----------------+---------------+</td><td> </td><td class="right"> +-------------+----------------+---------------+</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> | .insurance | this document | current |</td><td> </td><td class="right"> | .insurance | this document | current |</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> +-------------+----------------+---------------+</td><td> </td><td class="right"> +-------------+----------------+---------------+</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">7. References</td><td> </td><td class="right">7. References</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">7.1. Normative References</td><td> </td><td class="right">7.1. Normative References</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l2" /><small>skipping to change at</small><em> page 7, line 23</em></th><th> </th><th><a name="part-r2" /><small>skipping to change at</small><em> page 9, line 8</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Nothing Underneath", RFC 8020, DOI 10.17487/RFC8020,</td><td> </td><td class="right"> Nothing Underneath", RFC 8020, DOI 10.17487/RFC8020,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> November 2016, <https://www.rfc-editor.org/info/rfc8020>.</td><td> </td><td class="right"> November 2016, <https://www.rfc-editor.org/info/rfc8020>.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Acknowledgements</td><td> </td><td class="right">Acknowledgements</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> TBS</td><td> </td><td class="right"> TBS</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Author's Address</td><td> </td><td class="right">Author's Address</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Scott Kitterman</td><td> </td><td class="right"> Scott Kitterman</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0040" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">Kitterman Technical</span> Services</td><td> </td><td class="rblock"> <span class="insert">fTLD Registry</span> Services</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">3611 Scheel Dr</span></td><td> </td><td class="rblock"> <span class="insert">600 13th Street, NW, Suite 400</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Ellicott City, MD 21042</span></td><td> </td><td class="rblock"><span class="insert"> Washington, DC 20005</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> United States of America</td><td> </td><td class="right"> United States of America</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Phone: +1 301 325-5475</td><td> </td><td class="right"> Phone: +1 301 325-5475</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Email: [email protected]</td><td> </td><td class="right"> Email: [email protected]</td><td class="lineno" valign="top"></td></tr>
<tr><td></td><td class="left"></td><td> </td><td class="right"></td><td></td></tr>
<tr bgcolor="gray"><th colspan="5" align="center"><a name="end"> End of changes. 40 change blocks. </a></th></tr>
<tr class="stats"><td></td><th><i>94 lines changed or deleted</i></th><th><i> </i></th><th><i>167 lines changed or added</i></th><td></td></tr>
<tr><td colspan="5" align="center" class="small"><br/>This html diff was produced by rfcdiff 1.41. The latest version is available from <a href="http://www.tools.ietf.org/tools/rfcdiff/" >http://tools.ietf.org/tools/rfcdiff/</a> </td></tr>
</table>
</body>
</html>