Re: MLM subaddress requirement Tue, 05 August 1997 17:01 UTC

Received: from cnri by id aa13599; 5 Aug 97 13:01 EDT
Received: from ( []) by (8.8.5/8.7.3) with ESMTPid MAA13501; Tue, 5 Aug 1997 12:59:27 -0400 (EDT)
Received: (from majordomo@localhost) by (8.8.5/8.7.3) id JAA09682 for ietf-822-bks; Tue, 5 Aug 1997 09:38:29 -0700 (PDT)
Received: from ( []) by (8.8.5/8.7.3) with ESMTP id JAA09675 for <>; Tue, 5 Aug 1997 09:38:20 -0700 (PDT)
Received: from (LOCALHOST []) by (8.8.7/8.8.7) with ESMTP id MAA15290 for <>; Tue, 5 Aug 1997 12:42:37 -0400
Message-Id: <>
Subject: Re: MLM subaddress requirement
In-Reply-To: Your message of "Tue, 05 Aug 1997 09:30:22 PDT." <>
X-Face: 34C9$Ewd2zeX+\!i1BA\j{ex+$/V'JBG#; 3_noWWYPa"|,I#`R"{n@w>#:{)FXyiAS7(8t( ^*w5O*!8O9YTe[r{e%7(yVRb|qxsRYw`7J!`AM}m_SHaj}f8eb@d^L>BrX7iO[<!v4-0bVIpaxF#-) %9#a9h6JXI|T|8o6t\V?kGl]Q!1V]GtNliUtz:3},0"hkPeBuu%E,j(:\iOX-P,t7lRR#
References: <>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="==_Exmh_1444093296P"; micalg="pgp-md5"; protocol="application/pgp-signature"
Content-Transfer-Encoding: 7bit
Date: Tue, 05 Aug 1997 12:42:37 -0400
Precedence: bulk

On Tue, 05 Aug 1997 09:30:22 PDT, Chris Newman said:
> A subaddress aware MLM MUST provide a way for a user to use his
> primary address with a subaddress for subscription and use just his
> primary address for posting.  Some ways to meet this requirement include:
> (1) Having no restrictions on who can post to the list.

Not Acceptable.

> (2) Permitting subscribers to register different posting and submission
> addresses.

Pain in the ass.

> (3) Ignoring subaddresses for the purpose of permitting postings.

This doesn't work.  Remember - the MLM *CAN NOT TELL* whether a piece
of mail from '' is from a subaddress-aware site or if
it's just from a site that has some OTHER meaning for '+'.  As such,
if you "ignore", and the list is closed, you just allowed ''
to improperly post/subscribe/etc to the list.

> This now directly dictates the interoperability issue rather than a
> particular solution to it (which is what I should have done in the first
> draft).  There are plenty of ways to address this requirement without any
> significant impact on MLM systems or security validation.

No there aren't.  See above.

> > Bottom line - I think this proposal is a non-starter unless it provides
> > a way for a *remote* system (such as a MLM or what-have-you) to
> > determine if the option is available or not.
> Do you still feel this is necessary if I make the above change?

Yes.  If the remote system is unable to tell if an optional feature is in
use, it *MUST* assume that the feature is *NOT* present.  Blindly saying
"This is SO $%(*^$% neat that I'll assume the world does it TOO" is just
a good way to screw the users to the wall.

				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech