Re: [apps-discuss] APPSDIR review of draft-melnikov-smtp-priority-13

Alexey Melnikov <alexey.melnikov@isode.com> Wed, 30 May 2012 17:07 UTC

On 29/05/2012 16:04, Pete Resnick wrote:
> On 5/21/12 6:39 PM, Barry Leiba wrote:
>>>>   Message Submission Agents MUST implement a policy that only allows
>>>>   authenticated users (or only certain groups of authenticated users)
>>>>   to specify message transfer priorities, and MAY restrict maximum
>>>>   priority values different groups of users can request, or MAY
>>>>   override the priority values specified by MUAs.
>>> I would have used a "SHOULD only allow authenticated users" and explain
>>> that there is a policy override.  It's to get around the "MUST implement a
>>> policy".
>> I think I actually prefer it the way it is, because it highlights the
>> key point that this is all a policy decision.  If, in fact, an
>> implementation should allow a policy that everyone's considered
>> authenticated, and some deployment should choose that policy, I'd be
>> fine with it... because they have chosen their policy. 
>
> But then the "MUST implement a policy that only allows authenticated 
> users" would be bogus, because they didn't do that.
>
> On 5/24/12 3:30 AM, Alexey Melnikov wrote:
>
>> I tend to agree with Barry that this should remain MUST.
>
> To agree with SM to an extent: If it needs to be a MUST, why is it not 
> "Message Submission Agents MUST only allow authenticated users..."? 
> What's with the "implement a policy" thing?
>
> I think you have to make a decision here: If you think that it harms 
> things to have unauthenticated users specifying priorities, say "MUST 
> only allow authenticated users". If you think that it's OK to set 
> policy to allow anyone, say, "SHOULD only allow authenticated users" 
> and explain that policy can change that. I have no idea how the 
> current text is reasonably actionable.

I mostly used the current wording to avoid discussing what
authentication is. I didn't mean "authentication with SMTP AUTH", because
authentication by IP address is quite common (and sufficient in some
environments).
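
The policy under discussion, sketched as an added example (not text from the draft and not code from anyone in this thread): a submission server treats a client as authenticated either by SMTP AUTH or by source address, caps the requested priority per group, and ignores requests from everyone else. The networks, group names, caps, and the choice to fall back to a default priority are assumptions made for illustration; the -9 to 9 range is the one in RFC 6710, the published form of this draft.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed deployment policy (assumed values, documentation address ranges).
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24"),
                ipaddress.ip_network("2001:db8:10::/48")]
GROUP_MAX = {"ops": 9, "staff": 4}  # highest priority each group may request
NETWORK_GROUP = "staff"             # group given to address-authenticated clients
DEFAULT_PRIORITY = 0                # used when a request is absent or not honoured


@dataclass
class Session:
    client_ip: str
    auth_group: Optional[str] = None  # set only after a successful SMTP AUTH


def authenticated_group(session: Session) -> Optional[str]:
    """Return the policy group for this session, or None if unauthenticated."""
    if session.auth_group is not None:
        return session.auth_group
    addr = ipaddress.ip_address(session.client_ip)
    # Membership is False when address and network families differ.
    if any(addr in net for net in TRUSTED_NETS):
        return NETWORK_GROUP
    return None


def effective_priority(session: Session, requested: Optional[int]) -> int:
    """Apply the policy to a requested message transfer priority."""
    if requested is None:
        return DEFAULT_PRIORITY
    if not -9 <= requested <= 9:
        raise ValueError("priority outside -9..9")
    group = authenticated_group(session)
    if group is None:
        # Unauthenticated client: the request is ignored (assumed handling).
        return DEFAULT_PRIORITY
    # Groups without a configured cap cannot raise priority above the default.
    cap = GROUP_MAX.get(group, DEFAULT_PRIORITY)
    return min(requested, cap)
```
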