On Thu, 2004-09-02 at 18:13, wayne wrote:
**** CSV ****
1) solid I-D: pretty good
To the best of my knowledge, no one has tried to implement code based
on it, but it appears to have been well reviewed by a fair number of
people. I think there is time to get implementation experience if the
backers hurry.
Better I-Ds have been put forward, but I know of no change on the
implementation experience part.
2) working code: none
3) testing: none
Not extensive, but more than none.
4) IP Licensing: No problems
5) gratuitous incompatibilities: None.
I think that CSV could be one of the proposals, if its backers quickly
start creating working code and doing testing.
I think it is kind of funny that CSV has made it on the WG TODO list,
but neither SPF-classic nor Unified-SPF did.
Looking to the next step, CSV offers an extremely simple extension to
RFC2821 for authenticating the EHLO domain. I see this as highly
important for reputation services, as identities obtained from either
Sender-ID or SPF are not suitable for basing reputation assertions
without running considerable risk when making assumptions of the
integrity of the mail channel.
Once CSV is in place, to implement something extremely similar to SPF or
Sender-ID becomes just a trivial name list created using PTR records
much like DNA. I was hoping to get some feedback before offering code.
http://www.ietf.org/internet-drafts/draft-otis-marid-mpr-00.txt
I would not expect many to be satisfied with just an EHLO check.
-Doug