On Sun, 2004-10-10 at 06:18, Alan DeKok wrote:
Douglas Otis <dotis(_at_)mail-abuse(_dot_)org> wrote:
The means to the same end was what I considered important in that this
is stating a means to the same goal and my comments are directed to what
I see as serious defects that can be mended. You seem to have
abstracted something sinister in these comments.
Everyone knows you prefer EHLO checking, and why. If you see flaws
in a proposal, then it would be preferred to discuss those flaws, and
only those flaws, in any thread centered around that proposal. Any
reference to another method would be best left to one sentence, and a
reference URL to an I-D proposal.
When a thread is about topic X, and you spend a significant part of
a message talking about topic Y, others can view that as trying to
change the topic of conversation. Changing topics in the middle of a
thread usually warrants a change of subject line.
There was about a draft submitted as indicated by the subject line. I
read this draft and made comments directed at problems seen with the
reasoning proffered to support of these substantial changes. I
described the problem and offered a context to describe solutions.
This was reviewing 18 lines of draft text with 36 lines of comments
largely constrained to offering alternatives for the names attempted to
be passed by Submitter. To understand the basis for Submitter seems to
require reviewing the elemental goals, and how they can be safely
achieved. These statements were to elicit a discussion on these basics.
I think being stubborn would be a way of describing both views it
would seem.
I have seen people on this list discuss EHLO checking in threads
with you. Other threads you join (like this one), which are on other
topics, often end in discussing EHLO checks, with the same subject
line. This can be viewed as thread hijacking.
This misses the points being made by suggesting this was about HELO
domain name checks. An allowance for an open comparison of related
problems and solutions for these problems is appropriate. Comments
regarding suspected motives is inappropriate and do not dismiss the
substance of these concerns. I have no desire for forums that ignore
grave problems. This forum, if earnest in endeavor, should address,
support, defend, or explain the basis for critical decisions.
Ignoring the problems does not make them disappear however.
Accusing others of ignoring a problem because they don't like thread
hijacking is missing the point.
The topic Re: I-D ACTION:draft-leibzon-responsible-submitter-00.txt
seems to be the ideal thread for comments related to concerns regarding
the text of this draft and the stated aims.
If a proposal has flaws, then the proof of those flaws doesn't need
to include discussions of EHLO checking.
This was not about EHLO checking. In fact, it has little to do with
EHLO checking. It was about using a name list rather than an address
list to overcome problems related to knowing when the list is open,
dealing with the problems of an open list, enabling stronger preventions
of spoofing and phishing, and establishing fair accountability for
discovered abuse. When done properly, this removes the need for the
entire Submitter proposal!
Going into lecture mode, a name list rather than an address list solves
many problems that place mail and DNS at serious risk as with SPF or
Sender-ID. When implemented with a name list, this still allows
tracking the sender by either the the From, or the MailFrom and largely
makes the PRA algorithm unneeded, but still possible.
Leave it out of the discussion, spend time talking about the flaws,
and you're less likely to get accused of having sinister intent.
I will be happy to limit discussion to specific areas, provided this
does not artificially exclude valid solutions. Offering a solution to a
problem also dismisses a view this problem is just a burden that must be
endured as a cost for change. The goals for MARID were reasonable and
there are possible solutions. SPF or Sender-ID/Submitter, as currently
structured, are not reasonable solutions.
Thank you for your advise. I know I must remain guarded.
-Doug