ietf

Re: Macro Expansion

2013-09-18 13:50:36
Posting as the responsible AD for the document in question.

On 9/18/13 1:20 PM, Douglas Otis wrote:
> Since this was not understood, I'll attempt to clarify.  An effort to keep
> these conversations fairly concise seems to lead to a level of confusion with
> those not familiar with DNS.

I'm afraid I'm going to have to end this thread here and now. The problem is not that Doug has tried to keep his explanations concise, or that people are not familiar with the DNS and therefore confused. The latter may or may not be true, but the problem here is precisely that Doug has failed to keep things concise and on point. This is not meant as an insult to Doug, and I apologize to him publicly just in case he feels offended. It is simply the fact that he is unable to clearly and concisely explain to others the security problem he believes exists in this protocol. For example:

> SPFbis macros inhibit normal caching protections by imposing mechanisms not
> directly supported by DNS and having targets constructed from email message
> components.

Doug never explains in this sentence *what* the mechanisms are the SPFbis macros are using, he never explains *in what way* those mechanisms are not supported by the DNS, he never explains *how* use of these mechanisms inhibits caching, and never gives an example of *how* the targets (I presume attack targets) are constructed.

After a long conversation with Doug, I *think* I may understand what he's raising. I *suspect* the issue could be addressed by a sentence or two added to 11.5.3 or, more likely, to the third and fourth bullet of 11.1. But I'm not sure, and even after that long conversation, I was unable to get a clean explanation of the problem or reasonable text for a solution.

So, barring further information, I am simply forced to say that Doug is going to be in the rough part of the consensus. If someone else thinks they will be able to clearly and concisely characterize the problem and propose some text, I welcome such suggestions, though I ask that you communicate first with the SPFBIS chairs and/or myself to make sure that we all understand the specifics. We are far past the point of diminishing returns now, and I do not wish further disruption to either the IETF list or the SPFBIS list on this topic.

Again, I intend no insult to Doug, and I again apologize to him for having to take this step publicly. I hope, if there is a problem here that needs to be noted, that Doug can work with someone else so that we can improve the document.

Thanks.

pr

--
Pete Resnick <http://www.qualcomm.com/~presnick/>
Qualcomm Technologies, Inc. - +1 (858)651-4478