On Wed, 18 Aug 2004, Hallam-Baker, Phillip wrote:
Is it in order for the WG to proceed to last call with a
solution which:
- addresses only half the problem space and
- increases the number of unauthorized, frequently
virus-carrying, messages
on the Internet?
By longstanding IETF precedent a charter only states the problems that
a WG MAY solve. There is no requirement that the eventual solution
MUST meet all the criteria that might be claimed to be in the scope
of the charter.
The IETF has a longstanding precedent of having running code that
demonstrates the validity of the solution. From the Mission Statement:
http://www.ietf.org/internet-drafts/draft-alvestrand-ietf-mission-02.txt
Anyway, I thought that someone was going to go off and test SPF (hopefully
in a realistically hostile environment). It seems rather premature to
move before that is complete. Or has that test been abandoned?
In the case of bounces Jim Lyons proposed a scheme that allows a party
acting on their own to eliminate fake bounces without requiring
any other party to adopt the standard.
I didn't see Lyons proposal. But how can you tell a fake bounce from a
real bounce without some reference to the _actual_ original message and
the _actual_ state of the mail system? This is a relevant point that I'm
discussing with attorneys in another issue.
Perhaps this could be written up as informational so everything was
on the table.
Just to illustrate the weakness of the current WG proposal, I
postulate some
press headlines which, in my opinion, would be
technologically accurate:
They would not be technically accurate in my opinion.
Well, the press to date certainly hasn't been very accurate. I read an
article in one of the linux magazines (linux journal, I think) that was
_way_ overstating what SPF would do.
--Dean