Re: Re: change of version string
2004-08-05 18:08:38
On Aug 5, 2004, at 3:55 PM, John Glube wrote:
You indicated in response to a question from Frank that the
marid protocol will be set up to allow for checks involving
either SMTP mail from or PRA.
I wasn't clear. The MARID Working Group is proceeding with a set of
drafts that only define checking the PRA. The group (as a whole) has
never advanced drafts checking MAIL FROM. My examples were just
showing that the change in version string allows one to continue to
check MAIL FROM using "v=spf1" records. The MARID drafts will not
mention "v=spf1" at all, nor checking MAIL FROM.
I thought EHELO was included in previous versions. Why has
this been dropped?
There has been some group motion toward a set of drafts that check
HELO/EHLO. These drafts are called CSV and have no relation to the
original SPF work or the current Sender ID work. In particular, they
do not use the same record format for publishing a domains
authorizations.
Is there any intent, consideration or thought being given
to adding, "want to test for ehelo go here, want to test
for sender from go here, do you like unified, consider
this?"
If this is the where you think the world should be, then you shouldn't
be pushing for ANY draft to come out of the working group. The normal
IETF practice would have been to: Wait until several methods of
interest have been implemented and deployed for a year or more. Let
domains learn about them. Let them decided what to implement and
publish. Wait some more time and gather real data on both public
interest and operational impact. THEN form a working group to pick
only that which really works and hammer it all down into a spec.
In other words, if you think we should be just letting everyone try
anything they'd like, then we don't need an IETF spec for that. Just
develop ideas, write code, disseminate, evangelize, win hearts, minds
and hosts.
However, many people felt that spam had reached such a critical state,
and that something like SPF was such a clear win if we could promote
quick adoption. Getting it approved as an IETF spec could help do
that, and so the working group was convened with the specific charter
to hammer it all out very quickly, without the normal multi-year lets
see how they all work processes.
I ask because some service providers are going to want to
run checks using SPF, Sender ID, CSV and when ready
DomainKeys.
There is nothing stopping those checks from being performed
concurrently. Nor anything stopping a domain from participating in all
four schemes. However, the working group as a whole did not show any
serious interest in a "unified" approach, such as put forth by Meng and
I. It isn't clear to the group as a whole that the "correct" solution
involves all four schemes and "pick and choose" approach for publishers
and checkers. Advancing the "unified" approach essentially enshrines
such a path as standard practice.
- Mark
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- RE: Re: change of version string, (continued)
- Re: Re: change of version string, Mark Lentczner
- RE: Re: change of version string, John Glube
- Re: Re: change of version string,
Mark Lentczner <=
- Re: Re: change of version string, wayne
- Re: Re: change of version string, James Couzens
- RE: Re: change of version string, John Glube
- Re: Re: change of version string, Meng Weng Wong
- RE: Re: change of version string, John Glube
- Re: Re: change of version string, Meng Weng Wong
- Re: change of version string, John Glube
- RE: Re: change of version string, John Glube
- Re: Re: change of version string, Mark Lentczner
- RE: Re: change of version string, John Glube
|
|
|