spf-discuss
[Top] [All Lists]

Re: Re: For SPF council review: NOT RECOMMENDED

2005-05-08 08:19:16
In <427D9A71(_dot_)684A(_at_)xyzzy(_dot_)claranet(_dot_)de> Frank Ellermann 
<nobody(_at_)xyzzy(_dot_)claranet(_dot_)de> writes:

Scott Kitterman wrote:

I like NOT RECOMMENDED, but not at the expense of having an
RFC.

Actually this ought to be checked with MarkL and Ted Hardie.
My best guess is that it's the usual FUD of the Sender-ID
faction.  Maybe plus a confession of Meng that he broke his
word given in an earlier Council meeting about this issue.

And a confirmation of William's analysis that there are only
three persons who were in the position to add this obscure
"RfC editor note" to draft -00:  Meng, Wayne, and Ted.

I very much doubt that Ted did this alone on his own account.
And I'd bet that it wasn't Wayne.  So that leaves Meng, maybe
it was before he gave his word in the SPF Council.  Maybe not.

I am almost certain that I saw that note to the RFC editor to remove
the "NOT RECOMMENDED" line before Meng mentioned it in a later SPF
council meeting.  The SPF council did not vote on the subject until
the meeting that Meng raised the point in.  Hence, if Meng gave his
permission to have the draft changed, he did so without violating any
SPF council recommendations.

On the other hand, Meng would have done so without consulting me and
it would have been the very first suggested made to either the
draft-lentczner-spf-00 draft or the draft-schlitt-spf-classic-00
draft.  (Ok, Meng asked the council to confirmed that HELO checking
should be in the SPF draft, but it was already in the draft.)




Now I have no idea if Meng's right or wrong

I have.  Meng belongs to a small club of big players supporting
MS Sender-ID, and because this club has no base without v=spf1
they try to steal it.

FYI;  I think it would be best if we stopped calling it SenderID
because SenderID is a trademark of another email system and the MARID
WG decided that the term "SenderID" should not be used.  (After
consulting the IETF lawyers, IIRC.)


                                                          Would
you join an IETF WG where Andy is the chair ?

Yeah, I probably would.  I think Andy worked hard to try and manage a
bad situation.  I think it was mostly Ted Hardie that overruled the
co-chairs and forced through the MS changes.  Andy, for example, was
one of only two people to actually do research on the effectiveness of
the MARID proposals, MarkL was the other.  Considering how strongly MS
was pushing this, these were not the people that I expected to publish
actual data backing up the claims that the MARID proposals were safe
and effective.  But then, the results published by both Andy and MarkL
showed that the MARID proposals weren't as safe or effective as SPF.


no matter what our RFC says, it isn't going to stop people
doing what they want with v=spf1 records.

That's Phil's line.  Of course you can abuse SPF for whatever
you like, e.g. block all senders without sender policy.

Yep, that's PHB's line.  He also seems to think that SPF records
represent all outgoing MTAs controlled by a company, but that isn't
true either.


-wayne