On Thu, 23 Sep 2004, Frank Ellermann wrote:
Mark Lentczner wrote in mxcomp (list of the former MARID WG):
draft-ietf-marid-protocol-03
Now after the IETF has closed MARID, and the IESG has not yet
accepted my appeal, I guess it's the best to continue all SPF
discussions in spf-discuss for the moment.
I'm not sure its good idea to pursue continuation of MARID with IESG
appeals. IETF was in very difficult position with all that happened
during last week.
For SPF I'd like to see an update of draft-mengwong-spf-01.txt,
reflecting all the work that has gone into protocol-03. The
syntax in protocol-03 is much better than the original syntax.
I think it would be approriate to continue in the path was going on
at MARID and with marid-protocol draft being renamed to spf-protocol
and with separate draft covering mail-from as has been recently
published by Mark. This goes along the Universal SPF direction.
I think we also need to look at some modifications made to protocol by
Mathew Elvey which he released as spf3.
The things I like to see changed from marid-protocol in particular is
removal of mentioning specific scope (other then in example) but keeping
scoping capabilities (I'll comment on this separately).
We probably can't use the stuff about different scopes for now,
therefore I propose to remove this from the "protocol", and
return to the original v=spf1 prefix instead of spf2.0/mfrom.
I've commented before that scoping can be achieved by means of
"sc=" scoping modifier. It is actually more capable as far
as supporting shared records then spf2.0 scoping. But at the
same time SPF2.0 scoping is more structured with less chance of
errors by those publishing records.
I've made private comments to Mark regarding how SPF2.0 scoping
could be improved to provide better support for sharing records.
If we contunue with SPF2.0 direction, I'll bring it up when
subject of scoping comes around again.
If we do not continnue with SPF2.0 and will keep v=spf1, I'd
like to see scoping modifier. Either way I don't want to see
scoping support disappear - it is important for Unified SPF.
Without the IETF we can also remove the parts about a new DNS
RR SPF and return to the plain TXT approach. That's not very
elegant, but the TXT "v=spf1" syntax _is_ common practice, and
introducing any incompatability with this common practice makes
no sense at this moment.
Absolutly not. I'll not particAipate in the SPF effort further if we
do not agree to work on moving to new dedicated SPF RR DNS records
for the future.
AFAIK the Received-SPF: header in draft-mengwong-spf-01.txt is
the only interesting part of "classic SPF" not yet covered by
protocol-03 plus mailfrom-00.
I'd like to see this covered as separate draft. I'd like to see
this being more general then just SPF. One possibility is working
to extend draft-kucherawy-sender-auth-header-00.txt and to document
use of such header for SPF needs.
There are still a lot of minor issues with protocol-03 and
mailfrom-00, but I'm most interested in salvaging as much as
possible from this "fun ride" (quoting Yakov Shafranovich).
"Fun ride" for SPF is not over by a long shot.
We're just starting on the long road towards deployment and standartization
of SPF and Unified SPF road and this road we're sure to see more interesting
curves and bumps on our way from draft proposals to experimental wide-scale
deployment and onto de-facto standard and finally to de-jure standard.
And if you think we can disregard internet standards process just because
IETF WG failed - think again!
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net