spf-discuss
[Top] [All Lists]

RE: Moving Forward ...

2004-10-13 19:21:09
From: Carl Hutzler Sent: October 13, 2004 8:26 PM
<snip>

|Our concern really stems from the fact that others have
|concerns. And those concerns :may: slow adoption. This
|would be a downside as SID and other technologies really
|rely on wide-spread adoption to be effective.
|
|But for now, we do like the changes Meng spoke of above -
|support for PRA and mail-from and backwards compatibility
|with the v1 and v2 records.

Carl,

I appreciate your being so forthcoming. 

My issue is less on the technical side, although I do have
concerns about the effect wide scale deployment of SPF and
Sender ID may have on the email infrastructure. 

Which is why I believe having a focused technical review of
the proposals to ensure no deleterious effect is important.

My fundamental concern revolves around the draft patent
license issue, the impact this will have on wide scale
deployment and just as importantly the underlying question
of what form of patent license is appropriate for an open
standard.

See as an example the decision by the Apache Foundation not
to proceed with implementing Sender ID checking in Spam
Assassin.

I also happen to be of the view that Microsoft's stance on
this issue is not in its long term business interests, but
my views on this point are irrelevant.

The problem is that since we know in advance there is going
to be a huge battle, why not use this fact to get a better
result and so ultimately allow the "desired" technical
solution to move ahead?

By ignoring the draft patent license issue, it is sort of
like everyone saying "what elephant?" :-)

Having said this I appreciate your pointing out:

|From AOL's perspective we do not have an issue with the
|patent specifically as we are a big company with lots of
|patents and are confident in our ability to defend
|ourselves. We also know MSFT has only APPLIED for a patent
|and has not been awarded one and in fact may need to revise
|it due to its rather general language.
|
|On the license, we have never had an issue as we don't
|resell software except maybe for the iplanet stuff which is
|minor right now. And we are confident MSFT would not try
|and submarine us with a change in the license later on.
|MSFT has told us this emphatically and even published some
|information which would make it hard for them change the
|license and to make claims later on if they even wanted to.

Unfortunately, this does not deal with the concerns of the
folks at organizations like the Apache Foundation. 

Without their support, as expressed in their public
statement to the MARID list, in my view deployment of
Sender ID will be limited, so impairing any effectiveness
as an authentication tool.

Perhaps we could hear from someone from the Apache
Foundation on this whole discussion?

John

John Glube
Toronto, Canada

The FTC Calls For Sender Authentication
http://www.learnsteps4profit.com/dne.html



---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.776 / Virus Database: 523 - Release Date: 12/10/2004