ietf
[Top] [All Lists]

Re: How IETF treats contributors

2004-08-31 10:35:50
it's hard to understand why any of you bother to respond to dean anderson;
his goals in participating here are manifestly incompatible with most others'.
the worst part is, while i never see dean's words directly (he and bernstein
and some others are on an internet that my user agents keep me from seeing),
i end up seeing his text when other people respond to it.  ick.  please stop.

The idea came from David Green, and Vixie says it originated from Jim
Miller in 1998.  Vixie had little or nothing to do with it. Why the draft
claims the earliest known work is due to Vixie is unclear.

          --Dean

I've never heard before of David Green as being source of the idea, if
he's still around, we may ask him and Vixie and Jim Miller about the
exact details and if they are satisified with current information in
acknolidgement sections of MARID drafts. But based on message from
namedroppers sited by Dean, it seems that David Green came up with idea
separate and already after Vixie wrote original "Repudiating Mail From"
draft.

William Leibzon

here's what happened.  one day i was walking down the net minding my own
business, when all of a sudden, the following message appeared in my inbox:

        Date: Sun, 14 Dec 1997 23:44:54 -0500 (EST)
        From: Jim Miller <jmiller(_at_)jcmco(_dot_)com>
        To: paul(_at_)vix(_dot_)com
        Subject: An idea & congrats on RBL

        Mr. Vixie,

        ...

        May I offer an idea for your suggestions and opinion?

        My idea is this: extend the use of DNS as a spam blocking mechanism
        to support a rudimentary form of "authentication".... That is, use
        DNS to list the machines that are "valid" *senders* of mail from a
        domain.

        ...

        I propose that the entities participating in this "idea" define a
        well-known name in their DNS server - for each of their domains -
        which lists all of the systems that will be sending mail from that
        domain.  This would be along the lines of an alias such as "mail",
        "ftp", or "www".

        For the purposes of this example, I'll use the name "outbound-smtp"
        and the domain "foo.com":

        foo.com.         IN      SOA    ....whatever....

        outbound-smtp    IN      MX     10 host1
                         IN      MX     20 host2
                         IN      MX     30 host3
        
        host1            IN      A      10.1.2.3
        host2            IN      A      10.2.3.4
        host3            IN      A      10.3.4.5

        By creating the "outbound-smtp" record, I, as the operator of
        "foo.com", indicate that the ONLY systems that are supposed to be
        sending Internet mail with an address of "@foo.com" will be host1,
        host2, and host3.foo.com.  The fact that I used MX records is in no
        way related to the true purpose of MX records -- it's just the RR
        that I chose to provide a "list".

        Now, for how this would be used...

        ...

no mention of david green.  and i'm sorry for the confusion, it was 1997,
not 1998 as i've been reporting.  for the record, i first heard the idea
from jim miller, in the e-mail excerpted above, and it was a good idea,
and if we'd written it up and widely deployed it in ~1997, e-mail forgery
would be dead by now and we'd working on other more important issues like
bonded expressions of intent.  instead i see MARID making this whole thing
way more complicated than it needs to be, with 2005 as the earliest date
upon which e-mail forgery will be dead.

so, i did one duty, by acknowledging that the idea was not my own.  but, i
failed another duty, which was to push hard on getting a good idea shipped.
writing <http://sa.vix.com/~vixie/mailfrom.txt> and posting it to
namedroppers was not nearly what was required to help kill e-mail forgery.
i'm currently failing another duty, which is to try to stop MARID from
rubber-stamping ~SPF and to try to stop MARID from using either TXT RRs or
a new RRtype.  i've found that you just can't stop newbies from wanting to
make their own mistakes.  (like teenagers in that way.)
-- 
Paul Vixie

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf