On 7/17/2014 11:15 AM, John C Klensin wrote:
To me, that makes decisions about damage-mitigation work for a
non-essential protocol complicated because one way to
eliminate the damage is to not support the protocol at all,
possibly including stripping its headers whenever they are
encountered.
What 'headers' are you referring to?
Perhaps it would have been more precise to say "delete all
DMARC-related headers", i.e., DKIM and/or SPF ones. While that
SPF has no 'headers'.
At first blush, dictating deletion of a DKIM-Signature field sounds like
a layer violation.
At second blush it won't do anything useful. (Really!)
At third blush, it starts to look as if the current details of the DMARC
specification need to be better understood before suggested remedies to
the collateral damage of its use are considered.
would be pretty drastic in some respects, whether it is
justifiable depends on perceptions of the damage that DMARC can
It is not a matter of 'perception'. It needs to be a matter of utility.
cause. I think that is a topic for WG discussion.
Unfortunately, I still can't tell what that discussion would be about or
would be intended to accomplish.
On 7/17/2014 11:06 AM, John C Klensin wrote:>
I just want to be absolutely sure that the charter doesn't
constrain any of those options and that the WG is on notice that
it will be accountable for, and required to explain, the choices
it makes.
1. You want to be 'absolutely sure' of the way an IETF charter will be
interpreted? You realize, I hope, that uttering such a statement mostly
means we can all be absolutely sure you are not the John Klensin who has
participated in the IETF for such a long time.
2. If you want to strengthen the charter's language towards whatever
specific protections you have in mind, then please suggest language to
that end.
3. What you have expressed so far is sufficiently vague, I still have no
idea what particulars might be responsive to those concerns.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net