ietf-mxcomp
[Top] [All Lists]

Re: Forging (was Re: Differences between CSV and Sender-ID )

2004-07-07 20:52:47

(continuing... hit <send> accidentally>
Douglas Otis <dotis(_at_)mail-abuse(_dot_)org> wrote:
From this definition of forgery, it would appear you are not referring
to Sender-ID.

  That shouldn't be news.  The original LMAP discussion paper was
written over 8 months ago for ASRG, before MARID was chartered.  The
latest draft was written weeks before the marid-core document, so it
couldn't possibly have referred to Sender-ID.

This is important as Sender-ID is changing the scope of this
protection.  The ASRG definition was based on an effort to reduce
mail traffic by examining RFC 2821 information. Sender-ID uses RFC
2822 information and, as such, will not impact mail traffic.

  I never discussed Sender-ID until your recent question to me.
Unless I'm misreading the charter, MARID is still considering RFC 2821
information, which is where my focus has always been.  So I'm not sure
why you're suddenly trying to poke holes in my "Sender-ID position",
when I haven't publicly taken a position on it.

It also currently allows extensions beyond current definitions which
impacts this concern raised regarding DNS overhead.

  Please address those concerns to the authors of the Sender-ID
document.  I haven't said *anything* about it recently.

 This change in the definition of forgery changes the benefit
equation, as there will be no relief from accepting the mail to
offset the load placed upon the DNS server.  You should consider
revising this draft before using it as a reference.

  Since the document was never intended to address RFC 2822
information, I don't see why any revisions are necessary.


  I'm not going to respond to the rest of your message, as the issues
you raise would best be addressed by the authors or proponents of
Sender-ID.  Since I have never publicly taken a position on Sender-ID
(or even mentioned it, until you asked my opinion of it), I don't see
why you would be asking me to explain or defend it.

  My focus in ASRG & here in MARID has been RFC 2821 identities.  If
MARID is no longer discussing RFC 2821 identities, then that's news to
me.

  Alan DeKok.


<Prev in Thread] Current Thread [Next in Thread>