ietf-smtp
[Top] [All Lists]

PRA question (was: Bounce/System Notification Address Verification)

2005-07-01 00:50:47

Keith Moore wrote:

  [quoting Bruce]
that would be the principle that an experiment only affects
those who choose to participate in the experiment, and if
the experiment is a failure, no great harm is done to the
deployed infrastructure at large.

which of course is not true in this case.

Frank, if you were willing to write up an I-D of the form
"SPF experiment considered harmful", explaining just why this
is a Bad Idea, that might be a valuable community service.

It's more like "using PRA with v=spf1 considered harmful", and
from the v=spf1 side it's already a NOT RECOMMENDED (plus the
"without explicit consent" disclaimer).  From the PRA side it
is a SHOULD, do you think a new I-D addressing only why it is
really NOT RECOMMENDED helps ?

Offering an option for the eplicit consent, and some "ranting"
why PRA is a very dubious idea even with consent or on its own.

The part about the option is ready, up to some of the security
considerations.  And assuming that this I-D somehow makes it,
should it move the PRA RFC to historic, or update it ?

I'm very much for creative uses of the process, but so far all
I created is an unpublished "3710 obsolete" about this problem.

With the discussions between Brian, Dave, Sam, and John on the
general list another idea I had today was to update RFC 2026
so that authors could insist on a proper "IETF last call" for
an experimental RFC even if it was not created by an IETF WG.

                            Bye, Frank



<Prev in Thread] Current Thread [Next in Thread>