ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

2013-09-11 23:02:02


-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-
bounces(_at_)mipassoc(_dot_)org] On Behalf Of Michael Thomas
Sent: Wednesday, September 11, 2013 9:42 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617
(ADSP) to Historic

On 9/11/13 6:15 PM, Murray S. Kucherawy wrote:
I also agree with this proposal.  I don't have much to add over the
text in the formal request; it lays out the case based on my
experience implementing DKIM and ADSP in open source.  I can also say
that I have never encountered an operation that actively uses it, including
current and previous employers.

It doesn't help that ADSP's author actively wanted to subvert it.


You made that assertion when the working group was working on ADSP. I disagreed 
with John on a number of points at the time but I wouldn't call those 
differences of opinion an attempt on his part to subvert ADSP. Various folks 
compromised to get the spec out the door. I think that was perhaps because what 
happened with the MARID working group was in the back of people's minds. If I 
had a do-over I might not be so willing to compromise. It's water under the 
bridge.

As far as I can tell, DMARC is warmed over ADSP with a different set of
participants to claim credit for their original ideas.


I think you need to look more closely. Many people realized very quickly that 
ADSP had significant flaws that made implementation extremely risky for both 
senders and mailbox providers. There were a number of private efforts to move 
email authentication forward. DMARC was only one of them. Some of those private 
efforts were premised on a pay-to-play model. DMARC was premised on creating an 
open standard that worked instead of a private club. A number of the 
participants in DMARC.org were also active participants in the ADSP 
discussions. We all learned from operational experience interacting through 
private channels. The problems with ADSP and how to move past them were 
certainly a point of discussion (in all the groups I participated in - how 
could it not be?). The initial attempts were one-on-one pairs of senders and 
receivers and it was very quickly realized that a standard way of communicating 
and reporting was needed. ADSP never had reporting on the radar screen and alig!
 nment with SPF wasn't a factor either. 

I haven't seen any of the DMARC participants thumping their chests seeking 
credit. I see folks from various organizations that needed to solve a problem 
and having seen positive results in a closed environment felt that an open 
solution was better than a closed one. As far as credit, J.D. Falk deserves 
mention for DMARC even though he didn't live to see it come to fruition. I'd 
like to think that J.D. is smiling somewhere at how far we have come. And yes, 
he was an active participant in the DKIM/ADSP effort among his many other 
anti-spam efforts..

Just a few thoughts. Apologies to anyone offended by ths trip down memory lane.

Mike

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html