-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-
bounces(_at_)mipassoc(_dot_)org] On Behalf Of Michael Thomas
Sent: Wednesday, September 11, 2013 9:42 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617
(ADSP) to Historic
On 9/11/13 6:15 PM, Murray S. Kucherawy wrote:
I also agree with this proposal. I don't have much to add over the
text in the formal request; it lays out the case based on my
experience implementing DKIM and ADSP in open source. I can also say
that I have never encountered an operation that actively uses it, including
current and previous employers.
It doesn't help that ADSP's author actively wanted to subvert it.
You made that assertion when the working group was working on ADSP. I disagreed
with John on a number of points at the time but I wouldn't call those
differences of opinion an attempt on his part to subvert ADSP. Various folks
compromised to get the spec out the door. I think that was perhaps because what
happened with the MARID working group was in the back of people's minds. If I
had a do-over I might not be so willing to compromise. It's water under the
bridge.
As far as I can tell, DMARC is warmed over ADSP with a different set of
participants to claim credit for their original ideas.
I think you need to look more closely. Many people realized very quickly that
ADSP had significant flaws that made implementation extremely risky for both
senders and mailbox providers. There were a number of private efforts to move
email authentication forward. DMARC was only one of them. Some of those private
efforts were premised on a pay-to-play model. DMARC was premised on creating an
open standard that worked instead of a private club. A number of the
participants in DMARC.org were also active participants in the ADSP
discussions. We all learned from operational experience interacting through
private channels. The problems with ADSP and how to move past them were
certainly a point of discussion (in all the groups I participated in - how
could it not be?). The initial attempts were one-on-one pairs of senders and
receivers and it was very quickly realized that a standard way of communicating
and reporting was needed. ADSP never had reporting on the radar screen and alig!
nment with SPF wasn't a factor either.
I haven't seen any of the DMARC participants thumping their chests seeking
credit. I see folks from various organizations that needed to solve a problem
and having seen positive results in a closed environment felt that an open
solution was better than a closed one. As far as credit, J.D. Falk deserves
mention for DMARC even though he didn't live to see it come to fruition. I'd
like to think that J.D. is smiling somewhere at how far we have come. And yes,
he was an active participant in the DKIM/ADSP effort among his many other
anti-spam efforts..
Just a few thoughts. Apologies to anyone offended by ths trip down memory lane.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html