RE: [Asrg] CRI Header

Yakov Shafranovich <research@solidmatrix.com> Sun, 15 June 2003 21:45 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA11616 for <asrg-archive@odin.ietf.org>; Sun, 15 Jun 2003 17:45:49 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h5FLjMi28321 for asrg-archive@odin.ietf.org; Sun, 15 Jun 2003 17:45:22 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h5FLjMm28318 for <asrg-web-archive@optimus.ietf.org>; Sun, 15 Jun 2003 17:45:22 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA11602; Sun, 15 Jun 2003 17:45:18 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19RfHG-0005VA-00; Sun, 15 Jun 2003 17:43:06 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19RfHG-0005V7-00; Sun, 15 Jun 2003 17:43:06 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h5FFd1a07249; Sun, 15 Jun 2003 11:39:01 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h5FFcgm07236 for <asrg@optimus.ietf.org>; Sun, 15 Jun 2003 11:38:42 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA04652 for <asrg@ietf.org>; Sun, 15 Jun 2003 11:38:40 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19RZYS-00043z-00 for asrg@ietf.org; Sun, 15 Jun 2003 11:36:28 -0400
Received: from 000-249-011.area7.spcsdns.net ([68.27.212.92] helo=68.27.212.92) by ietf-mx with smtp (Exim 4.12) id 19RZYQ-00043t-00 for asrg@ietf.org; Sun, 15 Jun 2003 11:36:27 -0400
Message-Id: <5.2.0.9.2.20030615113752.00bb7318@solidmatrix.com>
X-Sender: research@solidmatrix.com
X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9
To: "Eric D. Williams" <eric@infobro.com>, Eric Dean <eric@purespeed.com>, "asrg@ietf.org" <asrg@ietf.org>
From: Yakov Shafranovich <research@solidmatrix.com>
Subject: RE: [Asrg] CRI Header
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-MimeHeaders-Plugin-Info: v2.03.00
X-GCMulti: 1
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Sun, 15 Jun 2003 11:37:53 -0400

So I am assuming that you will be adding extensibility requirements as part 
of the requirements draft you are working on?

At 11:48 PM 6/14/2003 -0400, Eric D. Williams wrote:

>This message intends to address the issue raised concerning this statement:
>
>'Another very important point, is the need to define the CRI protocol as
>extensible. We need to provide space for implementors to add their own 
>features
>such as hash cash, digital signatures, etc.'
>
>This is a SHOULD part of the broader requirement.  Sorry if that was unclear.
>  I am getting back up to speed after a few days, only this message left 
> to go
>;-).
>
>-e
>
>On Saturday, June 14, 2003 11:07 PM, Yakov Shafranovich
>[SMTP:research@solidmatrix.com] wrote:
> > Can you be more specific as to which part of the CRI proposal you were
> > referring to?
> >
> > At 10:58 PM 6/14/2003 -0400, Eric D. Williams wrote:
> >
> > >Currently this is the 'requirement' - it is being slightly modified 
> per Paul
> > >Judge's inputs.
> > >
> > >2.9 Goal Oriented Solution
> > >
> > >  The proposal SHOULD provide a carefully drafted scope of its
> > >  goals and its effectiveness at addressing those goals. Systems
> > >  SHOULD consider how they interoperate with other [anti-spam] systems.
> > >
> > >-e
> > >
> > >On Monday, June 09, 2003 12:22 PM, Yakov Shafranovich
> > >[SMTP:research@solidmatrix.com] wrote:
> > > > At 05:09 PM 6/8/2003 -0400, Eric Dean wrote:
> > > >
> > > >
> > > > >Maybe I'm a minimalist, but I'm not sure where 998 characters is a
> > > limit for
> > > > >CRI.  Hell, I'm not even concerned about the 78 characters that are
> > > > >"preferred".
> > > > >
> > > > >I would prefer not including hash cash, digital sigs, etc within a CRI
> > > > >model.  I'd prefer to keep it simple.  that's not to say that these
> > > > >additional capabilities are not warranted nor provide additional
> > > value.  In
> > > > >fact, they may be of such value that they can stand alone.
> > > >
> > > > Should we be building in an extension mechanism that would allow for
>that?
> > > >
> > > > SMTP for example is a simple protocol, but has an extension mechanism
> > > > which
> > > > allows for a lot more complex stuff.
> > > >
> > > > >Regarding SMTP mods..I think we should reserve that concept and 
> develop
> > > > >it
> > > > >within a subsequent version...but rather focus and define what's
> > > > >currently
> > > > >at hand.  There are a few dozen C/R system that could benefit from an
> > > > >interworking model
> > > >
> > > > Agreed.
> > > >
> > > > > > Now that the issue on the RFC 2822 headers is settled, I would like
> > > > > > to
> > > > > > bring up the issue of MIME and SMTP for CRI. Like I pointed out
> > > > > > before, in
> > > > > > my opinion the CRI protocol should utilize both RFC 2822 and MIME
> > > > > > headers,
> > > > > > with optional SMTP negotiation. In certain instances, like Vernon
> > > stated,
> > > > > > MIME headers would have to be used when large amounts of data
> > > > > > (larger than
> > > > > > the 998 character limit of RFC 2822 headers) need to be 
> transferred.
> > > > > > Examples would be C/R systems transferring digital certificate
> > > chains and
> > > > > > replying with a single challenge/response message for multiple
> > > > > > recipients.
> > > > > > Additionally, SMTP CRI via some ESMTP extension would be useful
> > > > > > in certain
> > > > > > cases.
> > > > > >
> > > > > > Another very important point, is the need to define the CRI 
> protocol
> > > > > > as
> > > > > > extensible. We need to provide space for implementors to add their
> > > > > > own
> > > > > > features such as hash cash, digital signatures, etc.
> > > > > >
> > > > > > Yakov
> > > > > >
> > > > > >
> > > > > > At 10:47 AM 6/8/2003 -0400, Eric Dean wrote:
> > > > > >
> > > > > > >I'm pretty sure that it's clear we should move forward with
> > > > > > proposing a new
> > > > > > >RFC2822 header.  If a BOF wants to throw an X in front of it,
> > > > > > then so be it.
> > > > > > >I'll proceed br producing a draft with real 2822-type headers.
> > > > > > >
> > > > > > >However, if someone out there is interested, we could interoperate
> > > > > > >in
> > > > > > >the
> > > > > > >meantime using X or optional headers as well as with proposed
> > > > > > 2822 headers
> > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Eric D. Williams [mailto:eric@infobro.com]
> > > > > > > > Sent: Saturday, June 07, 2003 11:11 PM
> > > > > > > > To: 'Yakov Shafranovich'; 'Eric Dean'; asrg@ietf.org
> > > > > > > > Subject: RE: [Asrg] CRI Header
> > > > > > > >
> > > > > > > >
> > > > > > > > On Thursday, June 05, 2003 10:57 AM, Yakov Shafranovich
> > > > > > > > [SMTP:research@solidmatrix.com] wrote:
> > > > > > > > > At 11:15 PM 6/4/2003 -0400, Eric D. Williams wrote:
> > > > > > > > >
> > > > > > > > > >On Wednesday, June 04, 2003 3:54 PM, Eric Dean
> > > > > > > > [SMTP:eric@purespeed.com]
> > > > > > > > > >wrote:
> > > > > > > > > >8<...>8
> > > > > > > > > > > ok..optional headers or do we introduce a new one?  There
> > > > > > > > isn't an RFC
> > > > > > > > > > > 2822
> > > > > > > > > > > registration process that I am aware of.
> > > > > > > > > >
> > > > > > > > > >IMHO the question at this stage is 'optional headers or the
> > > > > > > > introduction
> > > > > > > > > >of an
> > > > > > > > > >new one?  Would a comparable RFC 2822 header field be as
> > > > > > effective?'
> > > > > > > > > >[..]
> > > > > > > > >
> > > > > > > > > Both an "X-CRI" and "CRI" headers should be defined. Until
> > > > > > the standard
> > > > > > > > > gets approved, the "X-" headers will be used, once the 
> standard
> > > > > > > > is approved
> > > > > > > > > then both the "X-CRI" and "CRI" headers are used. This is
> > > > > > similar to the
> > > > > > > > > HTTP protocol where both "gzip" and "x-gzip" are used to
> > > > > > indicate gzip
> > > > > > > > > encoding (RFC 2616, section 3.5).
> > > > > > > >
> > > > > > > > I understand that, thanks.  But the issue I was trying to
> > > > > > > > interpose is that
> > > > > > > > perhaps the consideration of which would be more effective for
> > > > > > > > the proposal is
> > > > > > > > the type of question that should be asked at this state.
> > > > > > > >
> > > > > > > > -e
> > > > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >_______________________________________________
> > > > >Asrg mailing list
> > > > >Asrg@ietf.org
> > > > >https://www1.ietf.org/mailman/listinfo/asrg

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg