Re: [Asrg] seeking comments on new RMX article

"Alan DeKok" <aland@freeradius.org> Wed, 07 May 2003 13:07 UTC

From: Alan DeKok <aland@freeradius.org>
To: asrg@ietf.org
Subject: Re: [Asrg] seeking comments on new RMX article
In-Reply-To: Your message of "Tue, 06 May 2003 23:23:18 PDT." <22331.1052288598@kanga.nu>
Message-Id: <E19DOeY-0007Rt-00@mail.nitros9.org>
Date: Wed, 07 May 2003 09:08:10 -0400

J C Lawrence <claw@kanga.nu> wrote:
> > Each domain configures its own RMX records, on its own name servers,
> > to authenticate its own outgoing mail.  
> 
> Right, with the implicit assumption that each domain validly controls
> all mail sent in its name, or has reasonable control and expectation
> that it can or even should be able to control all mail sent in its name.
> I find those assumptions to be unsupportable and destructive.

  Nonsense.  It's not about control, it's about consent.

  When you receive a message with an envelope 'from' in a domain, has
that domain consented to the use of its name?  Right now, we don't
know.  With something like RMX, the owners of that domain can make
their consent explicit.

  Your objections appear to be based on the idea that establishing
consent is a bad thing.  Further, you appear to be claiming that a
domain does NOT control the use of its name (i.e. mail sent in its
name), and that there's no reason why it should.

  Stated that way, your objections appear ..., well, surprising.

> > There is no new central authority.  
> 
> Sure there is, you're naming the holders of the DNS keys as the central
> authority for the domain.  Not good.

  So the people controlling DNS for a domain are NOT, in fact,
authorized to make any statements about the domain.  They're not
authorized to set up RMX records, and most likely also not authorized
to set up existing MX records.  If that's true, why the heck are they
controlling DNS?

  Is this really your position?  The people controlling MX records do
not have authority to add RMX records?

  I think you'll understand that I'm a little confused by what you're
saying.

> DNS, as a system, is external to the edge nodes that generate mail.

  The proponents of RMX have specifically and repeatedly addressed the
interactions of "edge nodes that generate mail" with RMX, and thus
DNS.  Please go back and read those statements before repeating
objections which have already been addressed.

  Alan DeKok.