Paul,
MARID was formed to merge Microsoft Caller-ID with SPF and so far has
been successfully used by Microsoft to bully us to submit to their own
proposal or else ... There are better ways to implement mail-from (i.e.
as from Paul's draft which is basicly still the basis for MARID) which
would not require reusing TXT records, nor is it totally clear that
Mail-from is what we actually need to protect, it is being done under
pretese of anti-spam measures but the reality shows that it will most
likely have minimum effect as its far too easy for spammers to adapt to
it anyway. There are however good reasons to have MARID as IETF WG anyway
and hopefully the worst ideas implementation details can be stopped and
new ideas discussed in the future if the group is extended.
Yahoo is different proposal which has nothing to do with MARID and is
being discussed at the ASRG. It is basicly a header containing a signature
added to mail message that signs the content (including headers) with
public key encryption and with public key available in DNS to verify the
signature at the other end. The idea is not new and its a good idea, but
yahoo's implementation is just bad and I think it breaks far too many
things (it breaks with almost all maillists) and offers security that is
too weak because its based on 348-bit key size. It should have been done
different by reusing most likely PGP implementation but with message
signed by MTAs and public key available through dns and if necessary
being split into multiple dns records to have each at < 512k.
On Thu, 27 May 2004, Paul Vixie wrote:
... <HREF="http://sa.vix.com/~vixie/mailfrom.txt">MAIL-FROM</A>.
I do not see a draft in the ietf process anyplace . Was this
ever submitted ? I do notice that several of the other
proposal's make mention of this work , But in none of them do
they mention it as a draft or other ietf work .
there was no working group where it was appropriate at the time it was
written. i've sent it to every one of the dozen people who have asked
me to review some similar, and usually ill considered thing. i've also
sent it to several spam-related and dns-related mailing lists, including
this one (ietf@).
Any plans to submit it as a draft . Tia , JimL
MARID is basically a layer 9 exercise, uninterested in engineering as
such. it was formed to merge two ill considered ideas, one from yahoo
and one from microsoft, in a way that would cause either no loss of face,
or equal loss of face, for those two parties. the people who submit
their own ideas to it are wasting their time.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf