RE: Announcement: Mailbox Reputation Scheme

I have been working on a specification for accreditation in SPF (attached).

Some comments:

1) It is a good idea, to publish reputation through DNS even if you have a
PKI. You certainly don't want to have to pull a cert chain just to check
reputation in an MTA. The PKI model is to push processing to the edge so
that you can avoid compute intensive operations like cert chain formation at
network bottlenecks.

2) The term accreditation is pretty well established in the community after
the Aspen meeting. I do not see how the term 'peer' is relevant. 

acme.com IN TXT "v=mrn1 accreditor=example.net"

Is rather easier to read. Peer suggests to me something very different.

3) You don't need to commit to an accreditation policy. The peer scheme may
well work, looks to me like it would be easy to defeat but in the end the
filters will give empirical measurement of the effectiveness of the various
schemes.

4) It works much better as an SPF entry pointing to the existence of an mrn
record:

acme.com IN TXT "v=spf1 +mx -all accreditor=example.net"

That way we do not need to worry about overloading TXT, electors or
anything. If the record gets big you can use:

acme.com IN TXT "v=spf1 +mx -all include=_spf1"
_spf1.acme.com IN TXT "v=spf1 accreditor=example.net"

5) Rather than form a new group it would be better to separate the spf group
into deployment and development sections.

6) Creating new acronyms diltes the power of the SPF brand. 



> -----Original Message-----
> From: Dan Boresjo [mailto:dan(_at_)boresjo(_dot_)demon(_dot_)co(_dot_)uk]
> Sent: Friday, January 30, 2004 12:06 PM
> To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
> Subject: [spf-discuss] Announcement: Mailbox Reputation Scheme
>
>
> Hello Everybody!
>
> Following on from the various discussions here on the subject 
> of sender 
> reputation schemes, I would like to make call for 
> participation in the 
> "Mailbox Reputation Network". The URL is here:
>
> http://www.polityresearch.com/mrn
>
> Main features:
> 1) Decentralised and distributed system.
> 2) Immune to gaming.
> 3) Supports both grassroots and corporate organisational models.
> 4) Independent of any particular authentication scheme.
> 5) Policy-neutral with respect to scoring heuristics etc.
>
> _and_
>
> 6) It's more fun than PKI, yet more scaleable than Friendster!
>
> - Dan
>
> -------
> Sender Permitted From: http://spf.pobox.com/
> Archives at http://archives.listbox.com/spf-discuss/current/
> Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
> Wiki: 
> http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
> To unsubscribe, change your address, or temporarily 
> deactivate your subscription, 
> please go to 
> http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡

accreditation.txt
Description: Text document