ietf-mxcomp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Trouble with Sender Authentication

2006-11-06 16:48:50
from [Julian Mehnle] [Permanent Link] 
Douglas Otis wrote:

In Dusseldorf, Julian and Ming received *constructive* recommendations to
allow record scoping, but this was ignored and became the basis for
Julian's ignored complaint made to the IESG.


Sorry to barge in on this particular topic (which is mostly unrelated to 
the issues raised by K.J. Petrie or the alleged DoS issue), but this ain't 
correct.  The v=spf1/pra re-use issue was indeed discussed at the MAAWG 
meeting in Düsseldorf.  I'm not sure what you mean when you say that
"allowing record scoping" was proposed, but what was actually proposed were 
two different things (depending on whom I talked to):

 A. Accept the v=spf1/pra re-use and start promoting v=spf1 as having a
    different meaning than what had been defined back in 2003.

 B. Abandon v=spf1 entirely in favor of spf2.0 (or some completely
    different) scheme in order to avoid the misinterpretation of v=spf1
    records for PRA purposes.

At that point (2005-06), materially changing the definition of v=spf1 was 
out of the question as SPFv1 (and many, many records) had existed 
essentially unchanged since at least early 2004.  And agreeing to jump 
ship towards spf2.0 (Microsoft's Sender ID) was out of the question, too, 
due to the idiotic patent issue which many just could not simply ignore.

(Now Microsoft seems to have seen the light after all and has subjected 
their patent to their Open Specification Promise, which might make the 
issue go away.  I'll leave it up to Debian, the ASF, or others to decide 
whether spf2.0 AKA Sender ID is now free-software compatible.)

And finally, the appeal to the IESG was not "ignored".  It was rejected.  
The reason being that the IESG did not want to take sides in the conflict 
and change the Sender ID I-D or even bar it from publication as an RFC.
On a technical level, the IESG even confirmed in their response[1] to the 
appeal that they "have found merit in [the] technical concerns".

When people discuss past matters as delicate as those above, I do expect 
some accuracy.  Otherwise the truth will fall through the cracks and 
disappear all too easily. 

References:
 1. http://www.ietf.org/IESG/APPEALS/appeal-response-julian-mehnle.txt

Attachment: pgpgLKSQLA78y.pgp
Description: PGP signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Trouble with Sender Authentication, wayne
Next by Date:  Re: Trouble with Sender Authentication, Frank Ellermann
Previous by Thread:  Re: Trouble with Sender Authentication, Frank Ellermann
Next by Thread:  Re: Trouble with Sender Authentication, Julian Mehnle
Indexes:  [Date] [Thread] [Top] [All Lists]