-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathtld_dmarc_r4-from-3.diff.html
219 lines (218 loc) · 39.1 KB
/
tld_dmarc_r4-from-3.diff.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Generated by rfcdiff 1.41: rfcdiff -->
<!-- <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional" > -->
<!-- System: Linux kitterma-E6430 3.13.0-158-generic #208-Ubuntu SMP Fri Aug 24 17:07:38 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux -->
<!-- Using awk: /usr/bin/gawk: GNU Awk 4.0.1 -->
<!-- Using diff: /usr/bin/diff: diff (GNU diffutils) 3.3 -->
<!-- Using wdiff: /usr/bin/wdiff: wdiff (GNU wdiff) 1.2.1 -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<title>Diff: tld_dmarc_r3.txt - tld_dmarc_r4.txt</title>
<style type="text/css">
body { margin: 0.4ex; margin-right: auto; }
tr { }
td { white-space: pre; font-family: monospace; vertical-align: top; font-size: 0.86em;}
th { font-size: 0.86em; }
.small { font-size: 0.6em; font-style: italic; font-family: Verdana, Helvetica, sans-serif; }
.left { background-color: #EEE; }
.right { background-color: #FFF; }
.diff { background-color: #CCF; }
.lblock { background-color: #BFB; }
.rblock { background-color: #FF8; }
.insert { background-color: #8FF; }
.delete { background-color: #ACF; }
.void { background-color: #FFB; }
.cont { background-color: #EEE; }
.linebr { background-color: #AAA; }
.lineno { color: red; background-color: #FFF; font-size: 0.7em; text-align: right; padding: 0 2px; }
.elipsis{ background-color: #AAA; }
.left .cont { background-color: #DDD; }
.right .cont { background-color: #EEE; }
.lblock .cont { background-color: #9D9; }
.rblock .cont { background-color: #DD6; }
.insert .cont { background-color: #0DD; }
.delete .cont { background-color: #8AD; }
.stats, .stats td, .stats th { background-color: #EEE; padding: 2px 0; }
</style>
</head>
<body >
<table border="0" cellpadding="0" cellspacing="0">
<tr bgcolor="orange"><th></th><th> tld_dmarc_r3.txt </th><th> </th><th> tld_dmarc_r4.txt </th><th></th></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Network Working Group S. Kitterman</td><td> </td><td class="right">Network Working Group S. Kitterman</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Internet-Draft Kitterman Technical Services</td><td> </td><td class="right">Internet-Draft Kitterman Technical Services</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0001" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock">Updates: 7489 (if approved) <span class="delete">September 19</span>, 2018</td><td> </td><td class="rblock">Updates: 7489 (if approved) <span class="insert"> October 6</span>, 2018</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Intended status: Informational</td><td> </td><td class="right">Intended status: Informational</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0002" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock">Expires: <span class="delete">March 23</span>, 2019</td><td> </td><td class="rblock">Expires: <span class="insert">April 9</span>, 2019</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">DMARC (Domain-based Message Authentication, Reporting, and Conformance)</td><td> </td><td class="right">DMARC (Domain-based Message Authentication, Reporting, and Conformance)</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Extension For TLDs (Top Level Domains)</td><td> </td><td class="right"> Extension For TLDs (Top Level Domains)</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> draft-kitterman-dmarc-tld-00</td><td> </td><td class="right"> draft-kitterman-dmarc-tld-00</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Abstract</td><td> </td><td class="right">Abstract</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> DMARC (Domain-based Message Authentication, Reporting, and</td><td> </td><td class="right"> DMARC (Domain-based Message Authentication, Reporting, and</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Conformance) is a scalable mechanism by which a mail-originating</td><td> </td><td class="right"> Conformance) is a scalable mechanism by which a mail-originating</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> organization can express domain-level policies and preferences for</td><td> </td><td class="right"> organization can express domain-level policies and preferences for</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l2" /><small>skipping to change at</small><em> page 1, line 41</em></th><th> </th><th><a name="part-r2" /><small>skipping to change at</small><em> page 1, line 41</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Internet-Drafts are working documents of the Internet Engineering</td><td> </td><td class="right"> Internet-Drafts are working documents of the Internet Engineering</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Task Force (IETF). Note that other groups may also distribute</td><td> </td><td class="right"> Task Force (IETF). Note that other groups may also distribute</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> working documents as Internet-Drafts. The list of current Internet-</td><td> </td><td class="right"> working documents as Internet-Drafts. The list of current Internet-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Drafts is at https://datatracker.ietf.org/drafts/current/.</td><td> </td><td class="right"> Drafts is at https://datatracker.ietf.org/drafts/current/.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Internet-Drafts are draft documents valid for a maximum of six months</td><td> </td><td class="right"> Internet-Drafts are draft documents valid for a maximum of six months</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> and may be updated, replaced, or obsoleted by other documents at any</td><td> </td><td class="right"> and may be updated, replaced, or obsoleted by other documents at any</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> time. It is inappropriate to use Internet-Drafts as reference</td><td> </td><td class="right"> time. It is inappropriate to use Internet-Drafts as reference</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> material or to cite them other than as "work in progress."</td><td> </td><td class="right"> material or to cite them other than as "work in progress."</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0003" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> This Internet-Draft will expire on <span class="delete">March 23</span>, 2019.</td><td> </td><td class="rblock"> This Internet-Draft will expire on <span class="insert">April 9</span>, 2019.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Copyright Notice</td><td> </td><td class="right">Copyright Notice</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Copyright (c) 2018 IETF Trust and the persons identified as the</td><td> </td><td class="right"> Copyright (c) 2018 IETF Trust and the persons identified as the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> document authors. All rights reserved.</td><td> </td><td class="right"> document authors. All rights reserved.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This document is subject to BCP 78 and the IETF Trust's Legal</td><td> </td><td class="right"> This document is subject to BCP 78 and the IETF Trust's Legal</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Provisions Relating to IETF Documents</td><td> </td><td class="right"> Provisions Relating to IETF Documents</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> (https://trustee.ietf.org/license-info) in effect on the date of</td><td> </td><td class="right"> (https://trustee.ietf.org/license-info) in effect on the date of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> publication of this document. Please review these documents</td><td> </td><td class="right"> publication of this document. Please review these documents</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l3" /><small>skipping to change at</small><em> page 2, line 44</em></th><th> </th><th><a name="part-r3" /><small>skipping to change at</small><em> page 2, line 44</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 7.2. Informative References . . . . . . . . . . . . . . . . . 6</td><td> </td><td class="right"> 7.2. Informative References . . . . . . . . . . . . . . . . . 6</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 7</td><td> </td><td class="right"> Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 7</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 7</td><td> </td><td class="right"> Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 7</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">1. Introduction</td><td> </td><td class="right">1. Introduction</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> DMARC [RFC7489] provides email sending organizational policy</td><td> </td><td class="right"> DMARC [RFC7489] provides email sending organizational policy</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> information to email receivers. Due to the design of DMARC [RFC7489]</td><td> </td><td class="right"> information to email receivers. Due to the design of DMARC [RFC7489]</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> and the nature of the Internet email architecture [RFC5598], there</td><td> </td><td class="right"> and the nature of the Internet email architecture [RFC5598], there</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> are interoperability issues associated with DMARC [RFC7489]</td><td> </td><td class="right"> are interoperability issues associated with DMARC [RFC7489]</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0004" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> deployment. These are discused in Interoperability Issues between</td><td> </td><td class="rblock"> deployment. These are discus<span class="insert">s</span>ed in Interoperability Issues between</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> DMARC and Indirect Email Flows [RFC7960]. These issues are not</td><td> </td><td class="right"> DMARC and Indirect Email Flows [RFC7960]. These issues are not</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> applicable to TLDs, since they do not send mail.</td><td> </td><td class="right"> applicable to TLDs, since they do not send mail.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> DMARC [RFC7489], by design, does not support requirements of TLD</td><td> </td><td class="right"> DMARC [RFC7489], by design, does not support requirements of TLD</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> operators. For TLDs that require use of DMARC [RFC7489], a subset of</td><td> </td><td class="right"> operators. For TLDs that require use of DMARC [RFC7489], a subset of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> DMARC reporting and enforcement capability is needed for TLD</td><td> </td><td class="right"> DMARC reporting and enforcement capability is needed for TLD</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> operators to effectively manage and monitor implementation of TLD</td><td> </td><td class="right"> operators to effectively manage and monitor implementation of TLD</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> requirements.</td><td> </td><td class="right"> requirements.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">2. Terminology and Definitions</td><td> </td><td class="right">2. Terminology and Definitions</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l4" /><small>skipping to change at</small><em> page 3, line 26</em></th><th> </th><th><a name="part-r4" /><small>skipping to change at</small><em> page 3, line 26</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all</td><td> </td><td class="right"> BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> capitals, as shown here.</td><td> </td><td class="right"> capitals, as shown here.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">2.2. Top Level Domain (TLD)</td><td> </td><td class="right">2.2. Top Level Domain (TLD)</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The global Internet Domain Name System (DNS) is documented in</td><td> </td><td class="right"> The global Internet Domain Name System (DNS) is documented in</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> numerous Requests for Comment (RFC). It defines a tree of names</td><td> </td><td class="right"> numerous Requests for Comment (RFC). It defines a tree of names</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> starting with root, ".", immediately below which are Top Level Domain</td><td> </td><td class="right"> starting with root, ".", immediately below which are Top Level Domain</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> names such as ".com" and ".us". The usage for TLD DMARC is broader</td><td> </td><td class="right"> names such as ".com" and ".us". The usage for TLD DMARC is broader</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> and includes all domains above the organizational level in the tree,</td><td> </td><td class="right"> and includes all domains above the organizational level in the tree,</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0005" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> e.g. ".gov.uk".</td><td> </td><td class="rblock"> e.g.<span class="insert">,</span> ".gov.uk".</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">2.3. TLD Operator (TLDO)</td><td> </td><td class="right">2.3. TLD Operator (TLDO)</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> A TLD Operator manages operations within their TLD.</td><td> </td><td class="right"> A TLD Operator manages operations within their TLD.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">2.4. TLDO Controlled Domain Names</td><td> </td><td class="right">2.4. TLDO Controlled Domain Names</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> TLDO Controlled Domain Names are names in the DNS that are managed by</td><td> </td><td class="right"> TLDO Controlled Domain Names are names in the DNS that are managed by</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0006" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">TLDOs and not available for use as organizational d</span>omains (the term</td><td> </td><td class="rblock"> <span class="insert">a TLDO and not available for use as Organizational D</span>omains (the term</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> organizational domains is defined in DMARC [RFC7489]). Depending on</td><td> </td><td class="right"> organizational domains is defined in DMARC [RFC7489]). Depending on</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0007" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> TLD policy, these will have one <span class="delete">(e.g.</span> ".com") or more <span class="delete">(e.g.</span> ".co.uk")</td><td> </td><td class="rblock"> TLD policy, these will have one <span class="insert">(e.g.,</span> ".com") or more <span class="insert">(e.g.,</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> name components.</td><td> </td><td class="rblock"> ".co.uk") name components.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">2.5. Non-existent Domains</td><td> </td><td class="right">2.5. Non-existent Domains</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> For DMARC [RFC7489] purposes, a non-existent domain is a domain name</td><td> </td><td class="right"> For DMARC [RFC7489] purposes, a non-existent domain is a domain name</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> that publishes none of A, AAAA, or MX records. This is a broader</td><td> </td><td class="right"> that publishes none of A, AAAA, or MX records. This is a broader</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> definition than that in NXDOMAIN [RFC8020].</td><td> </td><td class="right"> definition than that in NXDOMAIN [RFC8020].</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">3. TLD DMARC Updates to DMARC Requirements</td><td> </td><td class="right">3. TLD DMARC Updates to DMARC Requirements</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This document updates DMARC [RFC7489] as follows:</td><td> </td><td class="right"> This document updates DMARC [RFC7489] as follows:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l5" /><small>skipping to change at</small><em> page 4, line 40</em></th><th> </th><th><a name="part-r5" /><small>skipping to change at</small><em> page 4, line 40</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> empty set of records is returned.</td><td> </td><td class="right"> empty set of records is returned.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> As an example, for a message with the Organizational Domain of</td><td> </td><td class="right"> As an example, for a message with the Organizational Domain of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> "example.compute.amazonaws.com.cn", the query for TLD DMARC would use</td><td> </td><td class="right"> "example.compute.amazonaws.com.cn", the query for TLD DMARC would use</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> "_dmarc.compute.amazonaws.com.cn".</td><td> </td><td class="right"> "_dmarc.compute.amazonaws.com.cn".</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">3.5. Section 7. DMARC Feedback</td><td> </td><td class="right">3.5. Section 7. DMARC Feedback</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Operational note for TLD DMARC: For TLDOs, feedback for non-existent</td><td> </td><td class="right"> Operational note for TLD DMARC: For TLDOs, feedback for non-existent</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> domains is desired and useful. Because of the constraints on TLD</td><td> </td><td class="right"> domains is desired and useful. Because of the constraints on TLD</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0008" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> DMARC scope, there are not si<span class="delete">f</span>nificant privacy considerations</td><td> </td><td class="rblock"> DMARC scope, there are not si<span class="insert">g</span>nificant privacy considerations</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> associated with this reporting (See Section 4).</td><td> </td><td class="right"> associated with this reporting (See Section 4).</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">4. Privacy Considerations</td><td> </td><td class="right">4. Privacy Considerations</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This document does not significantly change the Privacy</td><td> </td><td class="right"> This document does not significantly change the Privacy</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Considerations of [RFC7489].</td><td> </td><td class="right"> Considerations of [RFC7489].</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">4.1. Feedback leakage</td><td> </td><td class="right">4.1. Feedback leakage</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0009" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Providing feedback reporting to TLDOs can, in some cases create</td><td> </td><td class="rblock"> Providing feedback reporting to TLDOs can, in some cases<span class="insert">,</span> create</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> leakage of information outside of an organization to the TLDO. There</td><td> </td><td class="right"> leakage of information outside of an organization to the TLDO. There</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> are roughly three cases to consider:</td><td> </td><td class="right"> are roughly three cases to consider:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0010" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> o Branded TLDs (e.g. ".google"), RUA and RUF reports based on TLD</td><td> </td><td class="rblock"> o Branded TLDs (e.g.<span class="insert">,</span> ".google"), RUA and RUF reports based on TLD</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> DMARC have the potential to contain information about emails</td><td> </td><td class="right"> DMARC have the potential to contain information about emails</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0011" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> related to entities managed by the <span class="delete">organization, but since</span> both</td><td> </td><td class="rblock"> related to entities managed by the <span class="insert">organization. Since</span> both the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> the TLDO and the <span class="delete">organizational domain</span> owners are common, there is</td><td> </td><td class="rblock"> TLDO and the <span class="insert">Organizational Domain</span> owners are common, there is no</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> no privacy risk for either normal or <span class="delete">nxdomain</span> reporting.</td><td> </td><td class="rblock"> privacy risk for either normal or <span class="insert">Non-existent Domain</span> reporting.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0012" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> o Multi-organization TLDs that require DMARC usage (e.g.<span class="delete"> ".bank"</span>:</td><td> </td><td class="rblock"> o Multi-organization TLDs that require DMARC usage (e.g.<span class="insert">, ".bank")</span>:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> TLD DMARC based reports will only be generated for domains that do</td><td> </td><td class="right"> TLD DMARC based reports will only be generated for domains that do</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0013" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> not publish DMARC policy at the organizational level. For domains</td><td> </td><td class="rblock"> not publish <span class="insert">a</span> DMARC policy at the organizational level. For</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> that do publish the required DMARC policy records, the feedback</td><td> </td><td class="rblock"> domains that do publish the required DMARC policy records, the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> reporting addresses (RUA and RUF) of the organization will be</td><td> </td><td class="rblock"> feedback reporting addresses (RUA and RUF) of the organization</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> used. Since TLD DMARC is limited to TLDs that mandate</td><td> </td><td class="rblock"> will be used. Since TLD DMARC is limited to TLDs that mandate</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> organizational domains publish DMARC <span class="delete">policy,</span> the risk of this</td><td> </td><td class="rblock"> organizational domains publish DMARC <span class="insert">policy for existing domains,</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> issue is limited to organizational domains that are out of</td><td> </td><td class="rblock"> the risk of this issue is limited to organizational domains that</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> compliance with TLD policy.</td><td> </td><td class="rblock"> are out of compliance with TLD policy.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0014" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> o Multi-organization TLDs (e.g. ".com") that do not mandate DMARC</td><td> </td><td class="rblock"> o Multi-organization TLDs (e.g.<span class="insert">,</span> ".com") that do not mandate DMARC</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> usage. Privacy risks for organizational domains within such TLDs</td><td> </td><td class="right"> usage. Privacy risks for organizational domains within such TLDs</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0015" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> would be significant. This is mitigated by the limitation <span class="delete">of TLD</span></td><td> </td><td class="rblock"> would be significant. This is mitigated by the limitation to <span class="insert">only</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> DMARC</span> to <span class="delete">exclude such</span> TLDs <span class="delete">and</span> the <span class="delete">requirement for a</span> public IANA</td><td> </td><td class="rblock"><span class="insert"> include</span> TLDs <span class="insert">listed in</span> the public IANA <span class="insert">DMARC TLD Registry</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">registry that is required to exclude such TLDs.</span></td><td> </td><td class="rblock"><span class="insert"> described in Section 6.1.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> TLDOs will receive feedback on non-existant domains, which may be</td><td> </td><td class="right"> TLDOs will receive feedback on non-existant domains, which may be</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> similar to existing organizational domains. Feedback related to such</td><td> </td><td class="right"> similar to existing organizational domains. Feedback related to such</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> cousin domains have a small risk of carrying information related to</td><td> </td><td class="right"> cousin domains have a small risk of carrying information related to</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> an actual organizational domain. To minimize this potential concern,</td><td> </td><td class="right"> an actual organizational domain. To minimize this potential concern,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> TLD DMARC feedback is best limited to Aggregate Reports. Feedback</td><td> </td><td class="right"> TLD DMARC feedback is best limited to Aggregate Reports. Feedback</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Reports carry more detailed information and present a greater risk.</td><td> </td><td class="right"> Reports carry more detailed information and present a greater risk.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">5. Security Considerations</td><td> </td><td class="right">5. Security Considerations</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td></td><td class="left"></td><td> </td><td class="right"></td><td></td></tr>
<tr bgcolor="gray"><th colspan="5" align="center"><a name="end"> End of changes. 15 change blocks. </a></th></tr>
<tr class="stats"><td></td><th><i>26 lines changed or deleted</i></th><th><i> </i></th><th><i>26 lines changed or added</i></th><td></td></tr>
<tr><td colspan="5" align="center" class="small"><br/>This html diff was produced by rfcdiff 1.41. The latest version is available from <a href="http://www.tools.ietf.org/tools/rfcdiff/" >http://tools.ietf.org/tools/rfcdiff/</a> </td></tr>
</table>
</body>
</html>