spf-discuss
[Top] [All Lists]

RE: Article with Microsoft comments on future of Sender ID

2004-09-28 13:19:12
From: william(at)elan.net
Sent: September 28, 2004 2:07 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] Article with Microsoft comments on future
of Sender ID

|I'll note that Microsoft is making incorrect statements
|regarding its "SenderID" framework. In fact MARID IETF
|working group HAS NOT "recommended to move forward with the
|framework as experimental", such recomendation would have
|required consensus of the WG and in fact majority of
|participants in the WG were completely against Sender ID
|and PRA documents to become either experimental or standard
|track RFC. 
|
|What did happen is that IETF Area Director "asked"
|individual participants to submit their proposals to IETF
|for review by yet to be formed IETF directorate that will
|then decide if they are worth moving forward to become
|EXERIMENTAL RFC based on their value and based on if they
|are or not in conflict with existing IETF standards.

http://www.pointnclickinc.com/articles09272004msftqanda.htm

A quick follow up comment. William's description of the
process is not entirely correct, although the point may be
somewhat one of semantics.

My understanding from a post made by Steve Hollenbeck (the
other Applications Area Director) to the MARID list (in
response to William's post) is that:

|IETF Directorates do not make decisions.  I know that some
|people think they do, but they have no decision making
|power.  They exist to provide focused review at the request
|of members of the IESG.  The IESG ultimately decides if a
|proposal will be published as an experimental RFC.

For what it is worth, in my view people should not consider
that any proposal which may be submitted to the IETF
Directorate for a focused review will ultimately be put
forward as an experimental RFC by the IESG.

What the IESG ruling said was:

|Given the importance of the world-wide email and DNS
|systems, it is critical that IETF-sponsored experimental
|proposals likely to see broad deployment contain no
|mechanisms that would have deleterious effects on the
|overall system. The Area Directors intend, therefore, to
|request that the experimental proposals be reviewed by a
|focused technology directorate.

To me, this means a security and operations review. One of
the issues will be DNS load based on wide scale deployment.
Conflict with an existing RFC, presuming the result is a
deleterious effect on the overall system would be another.
There are other issues. This is not a slam dunk.

Also, there is at least one and possibly two public calls
for review based on my reading of RFC 2026. 

The first apparently occurs when the proposal is submitted
to the RFC editor - section 4.2.3. The second occurs after
the IESG decides a particular proposal should go forward as
an experimental RFC - section 6.1.2 

Of course, having said all of this, William is quite right
to raise the issue of what is being reported on the topic. 

It also shows why any statements made by persons on behalf
of SPF need proper framing. What's good for the goose is
good for the gander.

I for one am grateful. Thanks.

John

John Glube
Toronto, Canada

For the Record, Will Microsoft Own Email?
http://www.learnsteps4profit.com/wme.html
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.767 / Virus Database: 514 - Release Date: 21/09/2004
 


<Prev in Thread] Current Thread [Next in Thread>