On 15 Jun 2004, John Levine wrote:
rough consensus. However, the long standing IETF mantra has, to the
best of my knowledge, been "rough consensus *AND* working code". What
we lack with most proposals is working code.
I think implementations are a good thing, a very good thing.
However, RFC 2026 mentions that to get a Proposed Standard RFC
implementations are not required (though they are encouraged).
We really do need working code. Publishing records is fine, but until
people start running a lot of mail through MARID authentication
checkers, we won't know whether it really scales or how easy it is for
bad guys to circumvent. This doesn't mean that you have to use it for
live spam filtering (you'd be nuts to bounce mail that failed SPF, for
example) but at least log it and count what you find.
I know there's open source code for domain keys coming shortly. What's
available for SPF, Caller ID, and the merged thing?
Its inappropriate to compare domain keys to MARID, they are not doing IETF
WG effort. If anything you can compare it to individual/non-IETF-group effort
like SPF and in that case you see that there is substantial amount of
working code available and they are major component of the MARID.
Considering SPF community, I think once standards here are formalized and
these standards have community support (i.e. "consensus"), the code will
become available very soon.
---
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net