ietf-mxcomp
[Top] [All Lists]

Microsoft Statement regarding Sender I.D. Update and Plans (forwarded by request)

2004-09-25 00:40:18

The following was sent to a large list of various interested parties,
and is forwarded here by request:

Subject:  Sender ID Update & Plans

Dear John,

Over the past few months there have been several developments with the
IETF and the status of the Sender ID Framework.  The following mail is
intended to provide clarify to the status and Microsoft's
implementation plans.

After discussion with the IETF MARID chairs, we jointly agreed to move
forward with a proposal that provides implementers the choice of
utilizing PRA or MAIL FROM for the Sender ID check mechanism.  While
the working group has recently shut down, we continue to work with the
chairs and key stakeholders to move forward.  Based on these recent
discussions we have agreed to insure backward compatibility to SPF1
records.  We believe this will help accelerate adoption for the early
adapters and insure the majority of e-mail senders do not have to make
any record changes.  We anticipate these revised Sender ID specs will
be published within the next week and posted at
www.microsoft.com/senderid.

While we would have preferred a single technical mechanism as the
standard, we believe the specification to allow multiple scopes in the
protocol is a reasonable approach, providing choice and flexibility. 
For Microsoft's implementation, we continue to move forward to utilize
the PRA check because it examines header information in email, which
we believe, provides a more reliable method to detect forged mail and
phishing attempts.  We also believe it will be easier for forwarders
and other email intermediaries to adapt their practices and software
to Sender ID.  Later this fall Microsoft plans to publish both records
for our customers, but will only be utilizing the PRA check for our
customers.

I would also like to clarify several misstatements pertaining to our
license and patents.  From the onset, Microsoft has confirmed that any
potential patent rights that Microsoft may eventually be granted will
be provided to all users, implementers and distributors of the Sender
ID specification under Microsoft's royalty free license. Microsoft
will not revoke its offer to extend this license to anyone now and in
perpetuity. The information disclosed by Microsoft regarding its
patent applications and its license terms meet and exceed the IETF
requirements for such disclosure.

Moving forward, Microsoft will continue to invest in research to
combat spam and phishing.  Innovation and investments in these
technologies are paramount to insure the reliability and
deliverability of e-mail, confidence in online commence and to protect
the brand and reputations of businesses throughout the world.

In summary, I want to assure you that Microsoft remains committed to
Sender ID.  We look forward to continuing our collaboration with [   
] to help move this important authentication protocol forward.

If you have any questions or concerns, please don't hesitate to call.

Craig Spiezle
Microsoft Corporation
Director, Safety Technology and Strategy Group


<Prev in Thread] Current Thread [Next in Thread>