I changed the subject as I think that a discussion of architecture
that starts off with an assertion of fault on the part of one party is
probably wrong and bad faith, certainly so.
On Sun, Oct 25, 2015 at 6:09 PM, Brian E Carpenter
<brian(_dot_)e(_dot_)carpenter(_at_)gmail(_dot_)com> wrote:
My proposal was not to eject them but to mark them as second class citizens.
Indeed. And if it came to that, speaking for myself, I would switch to an
address
not contaminated by dmarc p=reject, unless a good solution for mailing
lists was found first.
What we lack here is a viable concept of Internet architecture that is
free of the clutter from history.
Most computer systems have historical clutter, it is somewhat
inevitable. For example, why do printer drivers have to be installed
with system privilege in Windows etc? I am a user connecting to a
machine via the network. I don't need system privs to talk to the
network, why do I need them to install a 'driver'? When it would cost
$3500 to replace a 36" plotter which works fine except for the lack of
a signed driver, this is not an abstract question.
When you get into the reasons, it turns out that back when VMS was
designed, the computer was responsible for tracking number of pages
printed and enforcing quotas. An approach that obviously worked a lot
better in the old days when the printer connected to the computer and
not the network.
In the old days people belonged to an institution that issued their
users 'email addresses' and people got to assume that being
alice(_at_)example(_dot_)com meant that Alice was the owner of the email address
and could decide how it was used. Which was a fairly odd assumption to
make since it obviously only ever extended to outbound email. Inbound
email was always going to arrive at example.com
But people could send their mail without any reference to the domain
name owner and so it was assumed that this should be the way the
Internet works.
Let us imagine for the sake of argument that we were designing a whole
new Internet from scratch applying lessons learned. How would we set
about describing a domain name? I think that we would arrive at a set
of rules that include the following:
* Domain names are unique, each name has a single owner.
* Domain names may be subdivided to accommodate an unbounded number of
Internet services and account holders.
* The owner of a domain name has exclusive control over the use of the
name and all subdivisions thereof.
* To ensure the goal of accessibility is met, domain names must be
easy and cheap to obtain and maintain.
We might quibble over the wording but I think that is pretty much
where we would arrive at and that is pretty much where the Internet is
today. If you want to be a first class citizen on the Internet you
need to have your own domain name. Otherwise you are at the mercy of
someone else.
I read all my IETF mail through Gmail but I don't own that domain and
so I don't get to make the rules governing it. Instead I use
phill(_at_)hallambaker(_dot_)com which is a domain I own. One of the reasons I
have that domain is so that I have control of my mail and not Google.
The architectural description above is reasonably concise and can be
consistently applied. Now consider what sort of architectural
statement would be required to support the folk who allege that DMARC
is somehow broken. Instead of saying the domain name owner gets to
decide how it is used we would have to make separate statements about
the domain name owner and the users who have accounts in that domain.
And to do that we would have to start talking about specific
applications and specific circumstances.
I think architecture should read like a theory in physics. The simpler
the statement, the more generally it is seen to apply in practice, the
fewer corner cases, the better. If you have an architectural statement
that resorts to special pleading, it is a pretty good sign that it is
wrong.
As a rule, I don't think there is anything wrong in the IETF taking
decisions to make things easy for ourselves. But what is the biggest
problem we face? Is it really our personal ability to exchange email
on mailing lists? I thought there were rather more important
objectives at stake.