How do people feel about coming up with a draft RFC that
focuses on RFC2821
MAIL FROM first and following up with a DATA/Headers
extension to it later?
Can we have multiple draft RFC's come from the same working group?
That is the usual approach.
But if we are going to divide up the work this way we still need to think
about the flag now.
If MARID is going to gain traction it has to have at least the
level of functionality that SPF and CID already provide. (Functionality
<> features).
I am going to strongly advise frequent phishing victims to deploy
SPF, CallerID AND Marid as soon as possible. We are currently finding
that the best means of discovery of a new attack is analyzing bounce
messages.
Phill