Re: [apps-discuss] WGLC on draft-ietf-appsawg-rfc5451bis-00

Alessandro Vesely <vesely@tana.it> Thu, 16 May 2013 15:22 UTC

To: "Murray S. Kucherawy" <superuser@gmail.com>
Cc: Sam Varshavchik <mrsam@courier-mta.com>, IETF Apps Discuss <apps-discuss@ietf.org>

On Thu 16/May/2013 16:27:00 +0200 Murray S. Kucherawy wrote:
> On Thu, May 16, 2013 at 6:24 AM, Alessandro Vesely <vesely@tana.it> wrote:
> 
>> One is the DNS White List (dnswl) method, used by Courier (mentioned
>> in Appendix E).  It writes:
>>
>>   Authentication-Results: wmail.tana.it;
>>       dnswl=pass dns.zone=list.dnswl.org
>>       policy.ip=127.0.9.1
>>       policy.txt="ietf.org http://dnswl.org/s?s=1703"
>>
>> Since it was me who suggested to use Authentication-Results, I think
>> it's up to me to register that.  I'm waiting for this I-D to get
>> published so as to avail of Designated Expert rather than IETF review.
>
> To be consistent with the other registered methods, the policy.ip and
> policy.txt things wouldn't be included.  A-R is meant to provide results
> and return details of what visible parts of a message were evaluated (e.g.,
> header fields, SMTP properties).  The client IP isn't one of those, nor is
> resulting text.

That's not a client IP, but the return value of the lookup.  Passing
that value to downstream filters is the whole point of adding this
header field, otherwise it would have to be looked up again.  (Details
such as DKIM's key length, IMHO, are often in a comment because they
are of minor importance, not because they are not a visible part of
the message.)

The policy.txt is important as it contains a domain name.  Albeit A-R
is not intended to be restricted to domain-based authentication,
that's by far the most common case, a granularity that was settled
many years ago.  By indicating a "somewhat responsible" entity, the
method is semantically consistent with that strategy.
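
The following is an added example, not part of the original message and not Courier's code: a sketch of how a downstream filter could reuse the dnswl result quoted above instead of repeating the DNS lookup. The function names and the `trusted_id` parameter are assumptions; the filter accepts the field only when its authserv-id is the local border MTA's, since a copy stamped by anyone else may have been supplied by the sender.

```python
import ipaddress
import re

# Constructed input: the field value quoted in the message, folded as on the wire.
SAMPLE = ('wmail.tana.it;\r\n'
          '      dnswl=pass dns.zone=list.dnswl.org\r\n'
          '      policy.ip=127.0.9.1\r\n'
          '      policy.txt="ietf.org http://dnswl.org/s?s=1703"')

TOKEN = re.compile(r'''
    \((?:[^()\\]|\\.)*\)                  # comment (non-nested), skipped
  | (?P<semi>;)                           # separator between results
  | (?P<key>[\w.-]+)\s*=\s*(?P<val>"(?:[^"\\]|\\.)*"|[^\s;()"]+)
''', re.X)

def parse_authres(value):
    """Return (authserv_id, [{'method', 'result', 'props'}, ...])."""
    value = re.sub(r'\r?\n[ \t]+', ' ', value)           # unfold
    authserv_id, _, rest = value.partition(';')
    results, cur = [], None
    for m in TOKEN.finditer(rest):
        if m['semi']:
            cur = None
        elif m['key']:
            val = m['val']
            if val.startswith('"'):                       # unquote quoted-string
                val = re.sub(r'\\(.)', r'\1', val[1:-1])
            if cur is None:                               # first pair: method=result
                cur = {'method': m['key'].lower(), 'result': val.lower(), 'props': {}}
                results.append(cur)
            else:                                         # later pairs: ptype.property=value
                cur['props'][m['key'].lower()] = val
    return authserv_id.strip().lower(), results

def dnswl_verdict(value, trusted_id):
    """Reuse the border MTA's dnswl lookup; None means 'not usable, do not trust'."""
    authserv_id, results = parse_authres(value)
    if authserv_id != trusted_id.lower():
        return None                       # stamped by someone else, possibly the sender
    for r in results:
        if r['method'] != 'dnswl' or r['result'] != 'pass':
            continue
        try:
            code = ipaddress.IPv4Address(r['props'].get('policy.ip', ''))
        except ValueError:
            return None
        if not code.is_loopback:          # assumption: DNSxL answers live in 127.0.0.0/8
            return None
        return {'zone': r['props'].get('dns.zone'), 'code': str(code),
                'txt': r['props'].get('policy.txt')}
    return None
```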