I have noted some spelling errors and word changes. There are also
several HTML character escapes present that should be removed.
In the basic DNA draft, I think there needs to be some consideration as
to how this can be implemented. Rather than a simple ABCD rating
structure, there seems to be a need for a type of class structure
instead. You know I want more than this, but at the minimum there seems
to be a need for more than what is provided.
Something more along the lines:
a) Known good
b) Known good with pending complaints
c) New
d) Known bad
Unlike addresses, there is no significant upper bound on names. As
there is no clearing house to vet applications for domain names, there
must be a way to deal with the expected flood. A "known good" with
pending complaints could be cleared by the provider acknowledging the
complaints. In the interim, some may wish to temporarily hold off
accepting mail until corrections have been made. The new status may
invoke a type of slow path process which limits the number of messages.
Instant recognition could be achieved by agreeing to adhere to
acceptable practices.
I hope this does not exceed the limits envisioned for accreditation.
-Doug
DESCRIPTION OF WORKING GROUP:
The Internet increasingly needs to improve the accountability of mail
transfer activities. Accountability aids in determining the responsible
party for fixing problems, and is useful in dealing with some categories
[types] of email identity abuse. SMTP "envelope" accountability information <<delete
is contained in the RFC2821.Helo/Ehlo and RFC2821.MailFrom commands. This
working group will produce low-level techniques for validating these identities,
based on information from the managers of their associated domain names. The
techniques will be compatible with existing usage and operation[al] practices for <<spelling
Internet mail. In order to provide validation that goes beyond simple
authentication, the working group will also define DNS-based mechanisms for basic
SMTP client service authorization and [domain] name-based service accreditation <<spelling
(reputation).
Inputs to the working group will be: draft-ietf-marid-csv-intro,
draft-ietf-marid-csv-csa, draft-ietf-marid-csv-dna, and draft-levine-mass-batv. CSV
performs extended validation of the HELO domain name. BATV provides a
framework for bounce address authentication that supports multiple
techniques. It also supplies a very basic technique for doing private bounce
address authentication.
An epidemic of forged RFC2821.MailFrom addresses is causing great confusion
and reducing the overall reliability of email, by failing to match notification
messages to messages actually sent from that address. This makes the need for
SMTP client accountability, and detection of misused bounce addresses,
urgent. Therefore, the working group will pursue near-term refinements to the
input proposals, to permit early deployment and use. Discussion of enhancements
with broader functionality or involving more extensive Internet mail
infrastructure changes is out of scope for this working group.
Authentication, authorization and accreditation each can be useful. Because
accreditation involves new functional territory for Internet mail, the
validation specification will first provide for private accreditation
techniques, such as privately maintained whitelist and blocklist tables. A
DNS-based technique for querying external accreditation services will then be
added. Details about the operation of external accreditation services are
outside the scope of this working group. Only the ability to query for basic
accreditation rating is within scope.
Milestones are in terms of working group deadlines, rather than IESG or IETF
submissions. These latter milestones flow from the working group events.
GOALS AND MILESTONES:
Nov 1 04:  Technical reviews on CSV input drafts
Dec 1 04:  WG Last Call Consensus draft on CSV, with private accreditation
           Technical reviews on BATV signature draft
Jan 15 05: WG Last Call DNS-based SMTP Client accreditation mechanism
           WG Last Call draft on CSV, with DNS-based accreditation
Mar 1 05:  WG Last Call on BATV signature framework and initial method