On 9/11/13 8:18 PM, MH Michael Hammer (5304) wrote:
I think you need to look more closely. Many people realized very quickly that
ADSP had significant flaws that made implementation extremely risky for both
senders and mailbox providers. There were a number of private efforts to move
email authentication forward. DMARC was only one of them. Some of those
private efforts were premised on a pay-to-play model. DMARC was premised on
creating an open standard that worked instead of a private club. A number of
the participants in DMARC.org were also active participants in the ADSP
discussions. We all learned from operational experience interacting through
private channels. The problems with ADSP and how to move past them were
certainly a point of discussion (in all the groups I participated in - how
could it not be?). The initial attempts were one-on-one pairs of senders and
receivers and it was very quickly realized that a standard way of
communicating and reporting was needed. ADSP never had reporting on the radar
screen and al!
ignment with SPF wasn't a factor either.
The list of things DMARC does that ADSP doesn't in its appendix, is a trip down
memory lane
of constraints that were placed on it by the against-it-before-they-were-for it
set. True
SPF wasn't ever on its radar -- SPF has its own policy language, so nobody
wanted to touch
that. And ARF was progressing at the time as it's own spec, so we weren't
completely clueless
about its need. But instead of actually working to make a better spec at the
time, we had an
author whose goal was to subvert it, and endless idiotic flamewars about what
the actual name
of the draft should be as the main priorities. The really sad thing about this
is that they pissed
away 6+ years due to the intrigue.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html