Given the momentum behind SPF, and the desire of Microsoft to do
something similar with Caller ID, I think that something very similar
in spirit to draft-ietf-marid-core is going to be defined and
implemented anyway one way or another, whether blessed by the IETF
standards track or not.
I think it would be beneficial for this effort to happen within the
IETF rather than without.
CSV/CSA takes a very different approach, and is also of benefit.
Whilst it would be possible to validate the HELO identity using an SPF
or XML syntax, the requirements of CSV's problem space make that
overkill.
The two approaches seem complementary to me; is there any reason why
this WG can't advance both to PS?
The charter does says:
This working group will develop *a* DNS-based mechanism for
storing and distributing information associated with that
authorization. [emphasis mine]
Does this have to be interpreted strictly, or is it possible for the
WG to develop *two* DNS-based mechanisms, without being required to
conflate them into a single mechanism, if (as I believe it might be)
it's technically beneficial to specify them independently, and not try
to unify them in any way?
-roy