[apps-discuss] Proposed "spfbis" working group charter
"Murray S. Kucherawy" <msk@cloudmark.com> Mon, 14 November 2011 05:46 UTC
Return-Path: <msk@blackops.org>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9325821F8CBC for <apps-discuss@ietfa.amsl.com>; Sun, 13 Nov 2011 21:46:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Byr++RMJp3+T for <apps-discuss@ietfa.amsl.com>; Sun, 13 Nov 2011 21:46:07 -0800 (PST)
Received: from medusa.blackops.org (medusa.blackops.org [208.69.40.157]) by ietfa.amsl.com (Postfix) with ESMTP id D98B121F846B for <apps-discuss@ietf.org>; Sun, 13 Nov 2011 21:46:06 -0800 (PST)
Received: from medusa.blackops.org (msk@localhost.blackops.org [127.0.0.1]) by medusa.blackops.org (8.14.4/8.14.4) with ESMTP id pAE5k2HC035232 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <apps-discuss@ietf.org>; Sun, 13 Nov 2011 21:46:03 -0800 (PST) (envelope-from msk@medusa.blackops.org)
X-DKIM: OpenDKIM Filter v2.4.2 medusa.blackops.org pAE5k2HC035232
X-SenderID: Sendmail Sender-ID Filter v1.0.0 medusa.blackops.org pAE5k2HC035232
Authentication-Results: medusa.blackops.org; sender-id=softfail header.from=msk@cloudmark.com; spf=none smtp.mfrom=msk@medusa.blackops.org
Received: (from msk@localhost) by medusa.blackops.org (8.14.4/8.14.2/Submit) id pAE5k1aW035215; Sun, 13 Nov 2011 21:46:01 -0800 (PST) (envelope-from msk)
Date: Sun, 13 Nov 2011 21:46:01 -0800
Message-Id: <201111140546.pAE5k1aW035215@medusa.blackops.org>
From: "Murray S. Kucherawy" <msk@cloudmark.com>
To: apps-discuss@ietf.org
Subject: [apps-discuss] Proposed "spfbis" working group charter
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Nov 2011 05:46:58 -0000
As discussed today in the APPSAWG meeting. Comments welcome. --- 8< --- snip --- 8< --- Working Group Name: SPF Update (SPFBIS) IETF Area: Applications Area Chair(s): TBD Applications Area Director(s): Pete Resnick <presnick@qualcomm.com> Peter Saint-Andre <stpeter@stpeter.im> Applications Area Advisor: Pete Resnick <presnick@qualcomm.com> Mailing Lists: General Discussion: spfbis@ietf.org To Subscribe: https://www.ietf.org/mailman/listinfo/spfbis Archive: http://www.ietf.org/mail-archive/web/spfbis/ Description of Working Group: The Sender Policy Framework (SPF, RFC4408) specifies the publication of a DNS record which states that a listed IP address is authorized to send mail on behalf of the listing domain name's owner. SMTP servers extract the domain name in the SMTP "MAIL FROM" command for confirming this authorization. The protocol has had Experimental status for some years and has become widely deployed. This working group will revise the specification, based on deployment experience and listed errata, an will seek Standards Track status for the protocol. The MARID working group created two specifications for publication of email-sending authorization: Sender-ID (RFFC4405, RFC4406 and RFC4407) and SPF (RFC4408), with both having Experimental status. By using IP addresses, both protocols specify authorization in terms of path, though unlike SPF, Sender-ID uses domain names found in the header of the message rather than the envelope. The two protocols rely on the same policy mechanism, namely a specific TXT resource record in the DNS. This creates a basic ambiguity about the interpretation of any specific instance of the TXT record. Because of this, there were concerns about conflicts between the two in concurrent operation. The IESG Note added to each invited an expression of community consensus in the period following these publications. Both enjoyed initially large deployments. Broad SPF use continues, and its linkage to the envelope -- rather than Sender-ID's linkage to identifiers in the message content -- has proven sufficient among operators. This concludes the experiment. This working group will therefore refine the SPF specification based on deployment experience and listed errata, and will seek Standards Track status for the protocol. Changes to the specification will be limited to the correction of errors, removal of unused features, addition of any enhancements that have already gained widespread support, and addition of clarifying language. The working group will also produce a document describing the course of the SPF/Sender-ID experiment (defined in the IESG note on the RFCs in question), bringing that experiment to a formal conclusion. Specifically out-of-scope for this working group: * Revisiting past technical arguments that were covered in the MARID working group, except where review is reasonably warranted based on operational experience. * Discussion of the merits of SPF. * Discussion of the merits of Sender-ID in preference to SPF. * Extensions to SPF other than the one specified in the "scope" document. The working group will re-charter to process other specific proposed extensions as they are identified. The initial draft set: draft-kitterman-rfc4408bis draft-mehnle-spfbis-scope Goals and Milestones: MMM YYYY: A standards track document defining SPF, based on RFC4408 and as amended above, to the IESG for publication. MMM YYYY: A document describing the SPF/Sender-ID experiment and its conclusions to the IESG for publication. MMM YYYY: A standards track document creating the "scope" extension to the IESG for publication.
- [apps-discuss] Proposed "spfbis" working group ch… Murray S. Kucherawy
- Re: [apps-discuss] Proposed "spfbis" working grou… Martin J. Dürst
- Re: [apps-discuss] Proposed "spfbis" working grou… Murray S. Kucherawy
- Re: [apps-discuss] Proposed "spfbis" working grou… Murray S. Kucherawy
- Re: [apps-discuss] Proposed "spfbis" working grou… Martin J. Dürst
- Re: [apps-discuss] Proposed "spfbis" working grou… Murray S. Kucherawy
- Re: [apps-discuss] Proposed "spfbis" working grou… Barry Leiba