Re: [apps-discuss] DMARC working group charter proposal

Scott Kitterman <> Tue, 02 April 2013 01:52 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B268D11E80A6 for <>; Mon, 1 Apr 2013 18:52:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id VVddJW-EKMRd for <>; Mon, 1 Apr 2013 18:52:41 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id F0E4611E80A5 for <>; Mon, 1 Apr 2013 18:52:40 -0700 (PDT)
Received: from (localhost []) by (Postfix) with ESMTP id 74D7820E40D5; Mon, 1 Apr 2013 21:52:40 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=2007-00; t=1364867560; bh=U7PRFk8xBAcrtd3+aZBa29poRMLriDoticepSjswV20=; h=From:To:Subject:Date:In-Reply-To:References:From; b=WJsfPo7NJknXhnthjKJ4CqYPUup0GtTsid5TKkflRxkqxJB2p3ounTVUST7xeg9I2 T9XPMWM9BtbMx/7iweyDh9s1573G6uVRShFvHIwyDe8uTOp9bPvev+uBV7T2JMM5Hp mYsuK1mnMHZ7cZywaeL35Z3csqactoBqLGzJr08E=
Received: from scott-latitude-e6320.localnet ( []) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 58D1920E4090; Mon, 1 Apr 2013 21:52:39 -0400 (EDT)
From: Scott Kitterman <>
Date: Mon, 01 Apr 2013 21:52:39 -0400
Message-ID: <1981405.krhrID7K1t@scott-latitude-e6320>
User-Agent: KMail/4.9.5 (Linux/3.5.0-26-generic; KDE/4.9.5; i686; ; )
In-Reply-To: <>
References: <> <> <>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
X-AV-Checked: ClamAV using ClamSMTP
Subject: Re: [apps-discuss] DMARC working group charter proposal
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 02 Apr 2013 01:52:41 -0000

On Monday, April 01, 2013 06:35:42 PM Dave Crocker wrote:
> On 4/1/2013 5:37 PM, Peter Saint-Andre wrote:
> > FWIW, the original XMPP WG (2002) had the following text in its
> > charter regarding backward compatibility with the existing
> > implementations and deployments of the Jabber protocols...
> There are important phases to the development and deployment of a
> specification.  One of those is the period immediately after release of
> a new specification, as has been done with DMARC.  Existing implementers
> have just made a large investment.  New adopters need to assess whether
> they are going to be safe in implementing the existing spec or whether
> they should wait.
> Change the spec in ways that force significant -- or worse, incompatible
> -- software changes too quickly, and the adoption of the technology is
> severely disrupted due to market confusion.  The folks that did the
> X.400 email specs learned this the hard way.  Many others have too.
> Hence my point about the recent, extensive deployment of DMARC.
> A serious bug is one thing; those need to be fixed.  Stray changes that
> are not essential are quite another; those can be deferred.  Working
> groups often show less concern for the distinction than one would like.
> The classic charter language ultimately says that a working group can do
> whatever it wants -- and no matter what 'preferences' are expressed in
> the charter text, the ultimate rule that gets specified is 'the working
> group decides whatever it wants'.  It needs a better anchor.
> Hence the current draft requires consulting the installed base.

If the installed base cares about backward compatibility, then they should 
show up for the working group.  The IETF is a much more open venue than where 
DMARC was incubated.  No matter how painful it is to contemplate, if it's not 
the IETF that has change control and the final say, then it's not IETF work.

I think using the DKIM charter as a model is a reasonable compromise.  I think 
there are enough people who understand deployment momentum and what's been 
done so far that you needn't worry over much about change for change sake 
being dumped on DMARC.

Scott K