Re: [apps-discuss] DMARC working group charter proposal

[Stephen Farrell <stephen.farrell@cs.tcd.ie>]

On 04/01/2013 11:16 PM, Murray S. Kucherawy wrote:
> Hi Stephen,
> 
> We've already had this very conversation, so we're aware of the issue.  The
> text we have was an attempt to re-create the same constraints DKIM had,
> preferring no changes, but not completely proscribing it either.  It sounds
> like we have a little more text massaging to do to make it clear that's
> where were trying to go.

Right. If the outcome is charter text like we had with DKIM that'd
be fine. FWIW, the initial charter for DKIM said:

"Experimentation has resulted in Internet deployment of these
specifications. Although not encouraged, non-backwards-compatible
changes to these specifications will be acceptable if the DKIM working
group determines that the changes are required to meet the group's
technical objectives."

I don't know if that's something that'd work for dmarc but I
think it does hit the right note, and I think with DKIM that
worked fine. (But I'm biased of course;-)

S

> 
> Thanks,
> -MSK
> 
> 
> On Mon, Apr 1, 2013 at 11:53 AM, Stephen Farrell
> <stephen.farrell@cs.tcd.ie>wrote:
> 
>>
>> FWIW, I'm concerned about this charter text:
>>
>> "The strong preference is for the working group to preserve existing
>> software and procedures. For changes likely to affect the installed
>> base, the working group will seek review and advice, beyond working
>> group participants, to include other developers and operators of
>> DMARC-based mechanisms. "
>>
>> I don't know how the not-yet-formed WG can have a preference nor
>> how a formed-wg can seek advice "beyond the working group" with
>> our processes.
>>
>> Both of those would seem like charter-show-stoppers to me (and
>> fairly reek of rubber-stamping to put it pejoratively).
>>
>> We had to, and did, address similar issues with DKIM/DomainKeys
>> so I hope that a similar approach will also work here - its
>> fine for proponents of a technology to prefer no change but
>> its not fine to constrain an IETF WG to rule out changes, but
>> I reckon its actually not that hard to write down something
>> that works, as we eventually did in the DKIM case.
>>
>> (I've not read the draft yet so this is just a comment on the
>> charter text, not on the meat of the proposal. I do think this
>> point deserves to be raised on apps-discuss given that its not
>> really dmarc-specific.)
>>
>> Cheers,
>> S.
>>
>> On 04/01/2013 06:25 AM, Murray S. Kucherawy wrote:
>>> At the IETF meeting in Atlanta, Tim Draegen presented a proposal for
>> DMARC,
>>> which is an email authentication and reporting layer atop SPF and DKIM.
>>> The externally-developed proposal is now in widespread deployment by a
>>> number of large-scale providers.  The group that developed it is seeking
>> to
>>> bring it to the IETF for further development and broad review, and
>>> development of operational guidance.
>>>
>>> A first draft of a charter can be found linked from
>>> http://wiki.tools.ietf.org/wg/appsawg/trac/wiki.
>>>
>>> There is a dmarc@ietf.org list available for discussing the technical
>>> contents of the work and also this draft charter.  Please follow up there
>>> with any charter contents so we don't innundate this list with that
>>> discussion.  To subscribe to that list:
>>>
>>> https://www.ietf.org/mailman/listinfo/dmarc
>>>
>>> -MSK
>>>
>>>
>>>
>>> _______________________________________________
>>> apps-discuss mailing list
>>> apps-discuss@ietf.org
>>> https://www.ietf.org/mailman/listinfo/apps-discuss
>>>
>>
>