Re: [apps-discuss] WGLC on draft-ietf-appsawg-rfc7001bis-05

Scott Kitterman <scott@kitterman.com> Wed, 08 April 2015 14:29 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/apps-discuss/q2jBXu2JKqNPnGWkT7JHjGkxmIc>

On Sunday, March 29, 2015 02:43:54 PM Alexey Melnikov wrote:
> This message is starting 3 weeks (*) Working Group Last Calls on
> draft-ietf-appsawg-rfc7001bis-05 (Message Header Field for Indicating
> Message Authentication Status). The WGLC ends on
> April 19th.
> 
> Please send your comments on the document in a reply to this message or
> directly to me. If you read the document and you think the document is
> ready for publication, saying so would also be helpful.

I've reviewed the document and believe it's essentially ready for publication.  
I think there is a bit of editorial adjustment needed in the prose about 
different a-r methods.

Here's my list of A-R related RFCs:

RFC 5451/7001 Message Header Field for Indicating Message Authentication 
Status
RFC 5617 DKIM/ADSP
RFC 6008 DKIM signature identification (header.b)
RFC 6212 Vouch By Reference (VBR)
RFC 6577 Sender Policy Framework (SPF)
RFC 7281 Authentication-Results Registration for S/MIME
RFC 7293 The Require-Recipient-Valid-Since Header Field
RFC 7489 DMARC

Here's what the draft currently says about different methods:

  At the time of publication of this document, the following are
  published, domain-level email authentication methods in common use:

  o  Author Domain Signing Practices ([ADSP])
  o  SMTP Service Extension for Authentication ([AUTH])
  o  DomainKeys Identified Mail Signatures ([DKIM])
  o  Sender Policy Framework ([SPF])
  o  Vouch By Reference ([VBR])
  o  reverse IP address name validation ("iprev", defined in Section 3)

   In addition, the following are non-standard methods recognized by
   this specification that are no longer common:

  o  DomainKeys ([DOMAINKEYS]) (Historic)
  o  Sender ID ([SENDERID]) (Experimental)

I think the list misses DMARC, S/MIME and RRVS.  I also question the 
description of ADSP and VBR as "common".  Additionally, ADSP is historic.

Instead of getting into a bike shed discussion about what's common and how can 
we tell, what about something like this:

  At the time of publication of this document, the following are
  published, authentication methods:

  o  Author Domain Signing Practices ([ADSP]) (Historic)
  o  Domain-based Message Authentication, Reporting and Conformance ([DMARC])
  o  DomainKeys ([DOMAINKEYS]) (Historic)
  o  DomainKeys Identified Mail Signatures ([DKIM])
  o  reverse IP address name validation ("iprev", defined in Section 3)
  o  Require-Recipient-Valid-Since Header Field and SMTP Service Extension
       ([RRVS])
  o  SMTP Service Extension for Authentication ([AUTH])
  o  Sender ID ([SENDERID]) (Experimental)
  o  Sender Policy Framework ([SPF])
  o  S/MIME Signature Verification [SMIME-REG]
  o  Vouch By Reference ([VBR])

None of these are marked deprecated in the registry:

http://www.iana.org/assignments/email-auth/email-auth.xhtml

As a result, I don't think we should treat them differently in the text beyond 
noting the status of the relevant RFC.

Scott K