ietf
[Top] [All Lists]

RE: Appeal: Publication of draft-lyon-senderid-core-01 inconflictwith referenced draft-schlitt-spf-classic-02

2005-08-27 22:09:50

On Sat, 27 Aug 2005, Douglas Otis wrote:

On Sat, 2005-08-27 at 12:00 -0700, william(at)elan.net wrote:

But if reuse of spf1 records is really realy the only way for MS
and it wants to continue, then the only possibility for negotiation
I see is to get it part the way for both sides. This would involve:
   1. MS agrees to change its draft and only use positive results of
      SID verification on v=spf1 records (but not fail, softfail or
      results if record is absent) and that for negative results real
      SPF2.0 record would be needed.

This overlooks a problem related to abuse-feedback techniques accruing
to "Sender-ID verified" identities.  An erroneous positive verification
based upon a PRA, unchecked by the sender perhaps due to licensing
issues, could be a serious concern.  These SPF records are public and
outbound servers are often shared.

I did not say its good way for the future, but it does eliminate the cases of failures [i.e. email not delivered] due to record being used by incorrect protocol, which is a lot worse then what you describe. And what I said is that this maybe an acceptable [temporary] compromise (not something that
either side is fully happy with) while waiting for permanent solution, which
is #3 on on my list -.both sides agree to work on the next version of SPF that has clear scoping and when finished promote that instead of spf1.

--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf