J. Trevor Hughes wrote:
Even more has been said about the sub-licensing of Sender ID. While I
do acknowledge the concerns of many on this list, we feel that the
friction caused by sub-licensing is a worthwhile quid pro quo for the
greater value of broad implementation of an authenticated email
solution. Again, any attorney acting as counsel for a corporation
would seek such terms. They are neither surprising, nor objectionable.
They may not be surprising, but they are objectionable to a significant
portion of the people who would be developing and implementing MARID.
I do want to raise one issue that has not been discussed on MARID yet
(at least as far as I have seen). The eyes of the world are upon
industry at this time and great expectations have been created for
authenticated email technologies to emerge quickly and broadly. The
Federal Trade Commission recently issued a report to Congress and
strongly advocated for authenticated email solutions. They will be
holding a workshop on the topic later this fall. Failure to move
forward with Sender ID at this juncture will likely put us back at
least 6 months and perhaps more. Such a delay will only invite
interference from legislators and regulators. I certainly do not think
that is in the best interests on anyone!
Not true. SPF is more mature than Sender-ID.
Finally, I want to share a dystopian vision of how things may play out
if we fail to move Sender ID forward. Multiple IP-based authentication
mechanisms will be a disaster for email. We run the risk of balkanized
ISP solutions – and the ensuing demands of multiple protocols on all
senders. Not a good result coming out of an effort to create a standard!
This is the most troubling issue that I forsee, I agree. However, I have
to wonder why everyone who is pro-Sender-ID doesn't feel it necessary to
try to pressure Microsoft into adopting SPF instead. To my mind, there
are ZERO hinderences to Microsoft adopting SPF, but there are plenty of
hinderences for most everyone else to adopt the encumbered Sender-ID.
I urge the participants on this list to consider the greater good that
will be borne from the wide adoption of Sender ID. This is a good
tool. The actions of the various parties involved are understandable
and reasonable. The license terms are workable and within the scope of
IETF standards and history. And it will have a positive effect on our
ability to reduce phishing and protect legitimate email.
And I urge Microsoft to consider the greater good and drop their
licensing requirements or else adopt SPF instead.