Hector,
On 23/12/2016 15:55, Hector Santos wrote:
On 12/22/2016 5:46 PM, S Moonesamy wrote:
Hi Hector,
At 13:12 22-12-2016, Hector Santos wrote:
Is that the new modus operandi within the IETF, that extremely weak,
poorly engineered Informational Docs can be fast tracked as a
"standard" in the IETF?
The way to publish an IETF Proposed Standard or IETF Informational
document has been the same for over a decade. I don't think that the
IETF has changed its way of doing that.
Well, for a while now, there has a number of efforts to fast track
items using Informational Status submissions which has, no doubt, been
leveraged as a means to bypass critical IETF reviews.
Please read up on the Independent Submission stream of RFCs, how they
work, and what they are for: https://www.rfc-editor.org/about/independent/
It isn't a matter of fast tracking; actually I suspect that it's significantly
slower than the IETF track in many cases.
DMARC is most
definitely one of them. Lets not fool ourselves.
For all intent and purposes, DMARC has been pushed as a "standard"
work item within the IETF working group(s).
Whether or not it was pushed, it was not accepted and did not gain
IETF consensus, as Informational or anything else. The fact that marketing
managers and journalists can't read plain English is no surprise, but
not something that the IETF can fix. Among ourselves, we should read the
"status of this memo" section of every RFC we consult.
Brian
Additional add-ons and
higher overhead mail altering suggestions are being proposed to
address problems it causes. The same problem ADSP was abandoned for.
We might call it a "pseudo-standard" because of wide usage but in
reality it is still an informational status document. That should
change so it can get the proper status and wider and more complete
engineering reviews, and frankly more serious considerations. Since
ADSP was abandoned, a large investment was lost. I have a problem of
fully committing to a Informational Status DMARC protocol that has the
same problems ADSP had. Why should I further invest in it?
I support an IETF standardization effort of DMARC with a charter that
includes development of additional options we need in order to support
3rd party Authorization method with the expansion of policy options
and plus relaxation of any reporting requirements.
If we had completed this work when ADSP was the proposed standard, we
would of been done with this issue long ago or at least completed to
the point where List systems would be in a better position to adjust
with a simpler policy DNS lookup protocol. Its been over 10 years
now. Something has to give with this work already.
Thanks