ietf-mxcomp
[Top] [All Lists]

Re: consensus call on pra/mailfrom deployment and versioning/scope

2004-09-08 13:33:42

Hi,

If I understand all this, I would agree this is the right approach.   This
will allow for the separation, breakdown, usage and implementation of one or
more EPV (End Point Validation) techniques open, patented or otherwise.

I would recommend the following to help faciliate your proposal:

1) Refine RFC 2821 to eliminate conflicts and ambiguities.

1a) What are required and enforcable entities?

2) Refine RFC 2822 to eliminate conflicts and ambiguities.

1a) What are required and enforceable entities?

More so with #1,  I don't believe good progress will be made until RFC 2821
is
cleaned up.  This could be in the same vain as it was done with RFC2476 for
SMTP of applying a more strict transaction process , but it need not go that
far.

With #2, clearing up the ambiguities, like with the Resent-To, etc.
However, I don't see this a major part since it is not an established
requirement unlike the issues in 2821 with HELO and MAIL FROM.

In short, the new draft need to improves upon the hosting requirements and
once this is done, I believe MARID will become more stronger as a plausible
technology to implement.  It will also open the door for new possibilities
as well.

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com



----- Original Message -----
From: "Andrew Newton" <andy(_at_)hxr(_dot_)us>
To: "IETF MARID WG" <ietf-mxcomp(_at_)imc(_dot_)org>
Sent: Wednesday, September 08, 2004 9:37 AM
Subject: consensus call on pra/mailfrom deployment and versioning/scope



It is the opinion of the co-chairs at this time (before the end of last
call) that the MARID working group has no consensus regarding the
deployment of Sender ID.  This lack of consensus centers around the IPR
associated with the PRA algorithm.  Since predicting deployment is a
subjective matter and not strictly a technical concern, we would like
to offer the working group a proposal for modifying Sender ID that
would take the issue of deployment out of the hands of the IETF and
place it in the hands of the ultimate decision-makers, the systems and
network administrators of the Internet.  We feel that this is where
decisions of deployment should really be made.

It is also the opinion of the co-chairs that many in the working group
are willing to deploy MAIL FROM checking as specified in
draft-mengwong-spf.  Therefore, we ask for consideration of the
following proposal:

The ABNF in -protocol 3.4.1 is (mostly from a post by Wayne)

    version     = "spf2." ver-minor "/" ver-scope *( "," ver-scope )
    ver-minor   = 1*DIGIT
    ver-scope   = "pra" / "mailfrom" / name
    name        = alpha *( alpha / digit / "-" / "_" / "." )

And the following stipulations:

  1) "mailfrom" checking will be defined in a new draft
  2) multiple records are allowed
  3) a scope (e.g. "pra") can only appear in one record of one type for
validity purposes

The question before the working group: assuming no technical errors
with the above, is there anybody who vehemently objects with this
proposal?

-andy





<Prev in Thread] Current Thread [Next in Thread>