spf-discuss
[Top] [All Lists]

Re: news from the Seoul BOF

2004-03-04 12:43:51
In <20040304141611(_dot_)3F21558F(_at_)dumbo(_dot_)pobox(_dot_)com> 
mengwong(_at_)dumbo(_dot_)pobox(_dot_)com (Meng Weng Wong) writes:

Well, that went fairly well.

I have just finished viewing the video of this meeting.  I was very
pleased with what I saw.  Not only was it informative (compared to
another BoF session that I viewed), but things were *FAR* more
positive than I had expected.

The BoF session was scheduled to last for 2.5 hours.  The video
apparently started 15 minutes early and the meeting started 5 minutes
late, so you can safely skip the first 20 minutes.  The video went for
exactly 3 hours and the meeting still wasn't finished.  Someone who
was there will have to fill us in on anything we missed.


I got the impression from viewing the video that this was an unusually
popular session for an IETF BoF.  And, considering that it was the
first time this subject has apparently been addressed by the IETF, I
think things went very smoothly.



The points I got out of this BoF were:

1) This is an important subject that the IETF should address.

2) There will likely be a couple of proposed solutions to a couple of
   problem areas rather than just one solution.  That is, there may be
   a proposal for addressing the MAIL FROM forging, one for "is this
   IP allowed to be an MTA?" question, and maybe one for the From:
   header forging problem.

3) There was strong resistance to using TXT records.

4) There was as strong an objection to "this breaks email" as I had
   expected, but there is a lot of concerns about what gets broken,
   and why it would be worth it.  I had expected strong resistance to
   any breakage at all, but the impression I got was there a lot of
   support for change, IF DONE CORRECTLY.  (Of course, the devil is in
   the details, so who knows if anyone will agree to any changes.)

5) MicroSoft announcing their Caller-ID proposal was probably a big
   plus.  It was never directly talked about since MS hasn't submitted
   a draft of it to the IETF, but I think that may have been part of
   why people were so concerned about addressing these problems and
   "doing it right" rather than just letting things go on as they have
   been.



-wayne