Re: 50 people vs. newman
Valdis.Kletnieks@vt.edu Tue, 05 August 1997 15:21 UTC
Received: from cnri by ietf.org id aa11068; 5 Aug 97 11:21 EDT
Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by cnri.reston.va.us (8.8.5/8.7.3) with ESMTP id LAA13139; Tue, 5 Aug 1997 11:19:27 -0400 (EDT)
Received: (from majordomo@localhost) by mail.proper.com (8.8.5/8.7.3) id HAA08184 for ietf-822-bks; Tue, 5 Aug 1997 07:36:36 -0700 (PDT)
Received: from black-ice.cc.vt.edu (black-ice.cc.vt.edu [128.173.14.71]) by mail.proper.com (8.8.5/8.7.3) with ESMTP id HAA08180 for <ietf-822@imc.org>; Tue, 5 Aug 1997 07:36:30 -0700 (PDT)
Received: from black-ice.cc.vt.edu (LOCALHOST [127.0.0.1]) by black-ice.cc.vt.edu (8.8.7/8.8.7) with ESMTP id KAA34916 for <ietf-822@imc.org>; Tue, 5 Aug 1997 10:40:39 -0400
Message-Id: <199708051440.KAA34916@black-ice.cc.vt.edu>
To: ietf-822@imc.org
Subject: Re: 50 people vs. newman
In-Reply-To: Your message of "Tue, 05 Aug 1997 15:19:36 +0200." <5089.870787176@dale.uninett.no>
From: Valdis.Kletnieks@vt.edu
X-Url: http://black-ice.cc.vt.edu/~valdis/
References: <5089.870787176@dale.uninett.no>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="==_Exmh_1092358604P"; micalg="pgp-md5"; protocol="application/pgp-signature"
Content-Transfer-Encoding: 7bit
Date: Tue, 05 Aug 1997 10:40:39 -0400
Sender: owner-ietf-822@imc.org
Precedence: bulk
On Tue, 05 Aug 1997 15:19:36 +0200, Harald.T.Alvestrand@uninett.no said:
> The Newman proposal describes a *per site* mechanism, with no effect
> (that I can see) on systems apart from the ones that *choose* to
> adopt this mechanism.
> With some care, it can be used *per user*, with no effect on the
> other users of the same mailhost.

Alas Harald, it's not *quite* that simple.

Now, I could support this draft as going out as an "Informational" describing "here's the way some sites do it". Unfortunately, as written, I think this would be a Bad Idea for even "Elective" status, much less "MUST" status.

The problem is that everything is too damned intertwined.

For instance, let's say we have a mailing list A, and subscribers X, Y, and Z at separate sites. Now, if the administrators at sites X and Y upgrade to this new scheme, *it doesn't really do any good* if site A is unaware. Site A treats the 'local part' as an opaque cookie to be dealt with by sites X and Y. As such, it's *not* permitted to look "inside" the opaque-cookie local-part and say "Oh, this is from zlortch@X, he's allowed to modify zlortch+biglist@X entries". Of course, being able to do this sort of parsing *was* the whole *point* of the proposal...

So site A upgrades. And thus breaks site Z, which happens to use '+' (or whatever meta-char we picked) as a separator for something ELSE. Remember, since it's elective, site Z can opt out. However, site A now has a dilemma - it has no way of knowing which sites are using the subaddressing scheme and which aren't.

Anybody who says "Site A can just keep a list of which sites X Y Z are using which style" can go back and read up on why the DNS was invented. And don't propose an "Extended MX" - it's been proven that people can't get *REGULAR* MX configured right (how long has "compuserve.com" been pointing their MX at a CNAME? ;)

Bottom line - I think this proposal is a non-starter unless it provides a way for a *remote* system (such as a MLM or what-have-you) to determine if the option is available or not.

Yes, I know RFC1123 says 'you MUST support postmaster'. However, notice that the status of 1123 means that a remote system is allowed to use simple lexical operations to determine address validity for those reserved addresses. If they accept a connection on port 25, it has to be safe to mail to 'postmaster@'. However, there is no similar way for a remote host to verify whether it should consider 'fred', 'fred+warbot', 'fred+ghost' etc to be the "same" or not.

As has been pointed out, this has a *large* impact on MLM systems, and on anything that wants to do cryptographic signatures. This message is PGP-signed. Would I have to add a new userid to my public key and re-send it to the keyservers each time I started using a new '+whatever' address? Remember - the answer to this is *NOT* PGP-specific... ;)

-- 
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
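Added example (not part of the original message or of the Newman draft): a small Python sketch of the dilemma described above, comparing the opaque local-part comparison a remote list manager is allowed to make with the "guess that '+' is a subaddress separator" comparison an upgraded site A would make. The domains x.example and z.example, the addresses, and the per-site policy table are constructed for illustration; the table stands for knowledge that only the receiving sites have.

```python
# Constructed illustration: site names, addresses and policy table are assumptions.

def split_addr(addr):
    """Split at the last '@'; domains compare case-insensitively, local-parts do not."""
    local, _, domain = addr.rpartition("@")
    return local, domain.lower()

def opaque_same(a, b):
    """What a remote system may do: treat the local-part as an opaque cookie."""
    return split_addr(a) == split_addr(b)

def guessing_same(a, b, sep="+"):
    """What an upgraded site A would do: assume every site uses sep for subaddresses."""
    (la, da), (lb, db) = split_addr(a), split_addr(b)
    return da == db and la.split(sep, 1)[0] == lb.split(sep, 1)[0]

# Ground truth held only by each receiving site; site A has no way to query it.
# Site X adopted subaddressing, site Z uses '+' for something else.
SITE_USES_SUBADDRESS = {"x.example": True, "z.example": False}

def truly_same(a, b):
    """Whether the two addresses really name one user, per the owning site's policy."""
    (_, da), (_, db) = split_addr(a), split_addr(b)
    if da != db:
        return False
    if SITE_USES_SUBADDRESS.get(da, False):
        return guessing_same(a, b)
    return opaque_same(a, b)

def classify(a, b):
    """Name the failure, if any, that each remote strategy produces for this pair."""
    truth = truly_same(a, b)
    if guessing_same(a, b) and not truth:
        return "guess merges distinct mailboxes"      # site Z gets broken
    if truth and not opaque_same(a, b):
        return "opaque check misses a real match"     # X upgraded, A unaware
    return "both strategies agree with the site"

if __name__ == "__main__":
    for pair in [("zlortch@x.example", "zlortch+biglist@x.example"),
                 ("fred+warbot@z.example", "fred+ghost@z.example"),
                 ("fred@z.example", "fred@Z.EXAMPLE")]:
        print(pair, "->", classify(*pair))
```

Neither remote strategy is correct for both sites at once, which is why a list manager that uses the sender address for authorization cannot safely adopt the guess without some way to learn each site's policy.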