spf-discuss
[Top] [All Lists]

Re: Re: change of version string

2004-08-05 18:44:44
In <2622C366-E745-11D8-A694-000393A56BB6(_at_)glyphic(_dot_)com> Mark Lentczner 
<markl(_at_)glyphic(_dot_)com> writes:

I ask because some service providers are going to want to
run checks using SPF, Sender ID, CSV and when ready
DomainKeys.
There is nothing stopping those checks from being performed
concurrently.  Nor anything stopping a domain from participating in
all four schemes.  However, the working group as a whole did not show
any serious interest in a "unified" approach, such as put forth by
Meng and I.  It isn't clear to the group as a whole that the "correct"
solution involves all four schemes and "pick and choose" approach for
publishers and checkers.  Advancing the "unified" approach essentially
enshrines such a path as standard practice.

I strongly disagree that that the MARID working group did not show any
serious interested in a "unified" approach.

First off, the Unified-SPF specs were barely discussed on MARID list
because, from what I can tell, preasure from Microsoft.  Secondly, the
2821 checks were not abandoned, but delayed until after the 2822 PRA
checks were finished.  These 2821 checks are coming back in the form
of CSV (etc.), but there is no reason not to push for the Unified-SPF
approach at the same time.  

When you say "It isn't clear to the group as a whole ..."  are you
speaking as a co-chair?  If so, your comments seem to conflict with
the words of the other co-chairs in their interim meeting minutes.

Even in the last jabber session before IETF-60, the continued support
for SPF-classic brought up.  I know that both you and Meng think that
the entire SPF community will follow along and switch to the PRA and
MARID, but I don't believe it for a second.  Your own study of the PRA
showed that it had a much higher error rate than SPF and as tiny as
your study was, it is the largest todate.  There simply has been
almost no testing of the PRA and little reason to trust it.

I realize that you haven't participated much in the MARID list and
need to ask question basic questions like "who is raising the issue of
using a unified-spf approach?".  However, if you want to discuss the
issue of MARID version numbers, it would really make much more sense
to discuss it on the MARID list than here.  I note that you have not
responded to my comments on the version numbers on the MARID list at
all.


Yeah, I'm not that happy to see you abandoning something that works
for something that doesn't and then trying to convince people here
that the IETF won't consider Unified-SPF.



-wayne