[Top] [All Lists]

Re: BATV pseudo-Last Call

2008-05-20 13:01:40

Dave Crocker wrote:

It has been in development for some time, with a useful
amount of deployment experience.

For some years actually, but I'm not aware of the deployment
experience, does BATV work as good as expected ?  On the
SPF list folks used to talk about "SES" (back in 2004/2005),
a related idea, but of course "talk about" is not the same as
"deployment experience".

We think it is ready for Proposed Standard

Dunno, ready for publication maybe, but for a PS it would help
if it is compatible with other standards, especially RFC 3834.

There should be far more references, normative and informative,
starting with 2821bis, DSN, MDN, mailing list, and Sieve RFCs.

"Known problems" AFAIK include "does not work very well with
conforming 3834 + Sieve-vacation scripts", the prose should state
this explicitly.

As always I consider HMAC-SHA1 as indication that folks want
some "magic" but are not exactly sure which "magic", HMAC-MD5
should be more than only good enough to get three bytes.

There should be a complete example. As noted by Ned, the length
issue could be a real obstacle, because it is hard to show that it is in
practise *no* issue. The draft could state why ignoring this issue is
justified (= because databases of used local parts are a nightmare).


<Prev in Thread] Current Thread [Next in Thread>