spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Re: change of version string

2004-08-05 18:08:38
from [Mark Lentczner] [Permanent Link] 
On Aug 5, 2004, at 3:55 PM, John Glube wrote:

You indicated in response to a question from Frank that the
marid protocol will be set up to allow for checks involving
either SMTP mail from or PRA.
I wasn't clear. The MARID Working Group is proceeding with a set of drafts that only define checking the PRA. The group (as a whole) has never advanced drafts checking MAIL FROM. My examples were just showing that the change in version string allows one to continue to check MAIL FROM using "v=spf1" records. The MARID drafts will not mention "v=spf1" at all, nor checking MAIL FROM. 


I thought EHELO was included in previous versions. Why has
this been dropped?
There has been some group motion toward a set of drafts that check HELO/EHLO. These drafts are called CSV and have no relation to the original SPF work or the current Sender ID work. In particular, they do not use the same record format for publishing a domains authorizations. 


Is there any intent, consideration or thought being given
to adding, "want to test for ehelo go here, want to test
for sender from go here, do you like unified, consider
this?"
If this is the where you think the world should be, then you shouldn't be pushing for ANY draft to come out of the working group. The normal IETF practice would have been to: Wait until several methods of interest have been implemented and deployed for a year or more. Let domains learn about them. Let them decided what to implement and publish. Wait some more time and gather real data on both public interest and operational impact. THEN form a working group to pick only that which really works and hammer it all down into a spec.
In other words, if you think we should be just letting everyone try anything they'd like, then we don't need an IETF spec for that. Just develop ideas, write code, disseminate, evangelize, win hearts, minds and hosts.
However, many people felt that spam had reached such a critical state, and that something like SPF was such a clear win if we could promote quick adoption. Getting it approved as an IETF spec could help do that, and so the working group was convened with the specific charter to hammer it all out very quickly, without the normal multi-year lets see how they all work processes. 


I ask because some service providers are going to want to
run checks using SPF, Sender ID, CSV and when ready
DomainKeys.
There is nothing stopping those checks from being performed concurrently. Nor anything stopping a domain from participating in all four schemes. However, the working group as a whole did not show any serious interest in a "unified" approach, such as put forth by Meng and I. It isn't clear to the group as a whole that the "correct" solution involves all four schemes and "pick and choose" approach for publishers and checkers. Advancing the "unified" approach essentially enshrines such a path as standard practice. 

        - Mark
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: DNS Wildcards Myth #1, Richard Parker
Next by Date:  Re: Re: change of version string, wayne
Previous by Thread:  RE: Re: change of version string, John Glube
Next by Thread:  Re: Re: change of version string, wayne
Indexes:  [Date] [Thread] [Top] [All Lists]