[dmarc-ietf] ***SPAM*** 7.348 (5) Re: Re: Draft DMARC working group charter
Jim Fenton <fenton@bluepopcorn.net> Thu, 26 June 2014 17:26 UTC
Return-Path: <fenton@bluepopcorn.net>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A1F051B2BFA for <dmarc@ietfa.amsl.com>; Thu, 26 Jun 2014 10:26:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: YES
X-Spam-Score: 7.348
X-Spam-Level: *******
X-Spam-Status: Yes, score=7.348 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001, URIBL_WS_SURBL=10] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nqbZgO4WUXFe for <dmarc@ietfa.amsl.com>; Thu, 26 Jun 2014 10:26:29 -0700 (PDT)
Received: from v2.bluepopcorn.net (v2.bluepopcorn.net [IPv6:2607:f2f8:a994::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6FD381B2BF5 for <dmarc@ietf.org>; Thu, 26 Jun 2014 10:26:06 -0700 (PDT)
Received: from [10.10.20.3] (c-50-136-244-117.hsd1.ca.comcast.net [50.136.244.117]) (authenticated bits=0) by v2.bluepopcorn.net (8.14.3/8.14.3/Debian-9.4) with ESMTP id s5QHQ4wS029976 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for <dmarc@ietf.org>; Thu, 26 Jun 2014 10:26:05 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bluepopcorn.net; s=supersize; t=1403803566; bh=ZPGqWy+fWNTWDLGXrk93Ked3ciKRwuJkt5TC923GhaE=; h=Message-ID:Date:From:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=jrpds7Sr5eM+790Giek2B0hRRNKBjlXeF7D/as3BbTQV4dRJbiJVfFzw3ZK0puyc5 u2lYnDJNYrsKqWPyB7Q2mtwzpjpE8WrgWlhfVU6Se6bdyQdXeROvFHYVhXf2P2fMug 8fiN9GFAbzz//i8zfTCMbhyhyyRZcIDzPMul/3yk=
Message-ID: <53AC57AC.2050705@bluepopcorn.net>
Date: Thu, 26 Jun 2014 10:26:04 -0700
From: Jim Fenton <fenton@bluepopcorn.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: dmarc@ietf.org
References: <539AE0FB.1090909@bbiw.net> <CAL0qLwa03uEVxoS5oeHctAyTChLyQPQC7KL-pSYUQnLvFMMWMQ@mail.gmail.com> <53A098DB.4090801@bbiw.net> <1EFCC6B6-83CD-4D14-9E8E-B72769764E2B@eudev.net> <alpine.BSF.2.00.1406181126570.78397@medusa.blackops.org> <alpine.BSF.2.00.1406181135010.78397@medusa.blackops.org> <f74dd22a-9b7a-4f90-8031-3060b79092db.maildroid@localhost> <6DA6615A-B1B4-495D-BE7A-C5BA0770A6C8@eudev.net> <53A48DB1.9080706@gmail.com> <CALaySJKjaRPgeJJ5Aofsfo0LtGgHj4KhL_C1PVHdE3T7jk_hNg@mail.gmail.com>
In-Reply-To: <CALaySJKjaRPgeJJ5Aofsfo0LtGgHj4KhL_C1PVHdE3T7jk_hNg@mail.gmail.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/dmarc/FX6Ch4gJD4QANnP30Xb1ssHc9h0
Subject: [dmarc-ietf] ***SPAM*** 7.348 (5) Re: Re: Draft DMARC working group charter
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Jun 2014 17:26:33 -0000
[removed the SPAM tag from subject] On 06/22/2014 10:44 PM, Barry Leiba wrote: > I'd like to steer the discussion on this list for now: > Dave posted the following message to the list on Friday. > Unfortunately, the list seems to have marked it as spam, and it's not > in the archive. I hope this copy will get into the archive, and to > everyone's mailbox. > > And so: > Let's please stop all the other discussions for now, and say that the > purpose of the <dmarc@ietf.org> mailing list is, for now, to discuss > the charter proposal and converge on a charter for a working group. > > Please have at it. (And please remove me from the CC list when you > reply to this; I subscribe to the list from another email address, and > don't want a separate copy.) > > Barry, Applications AD > > > On Fri, Jun 20, 2014 at 3:38 PM, Dave Crocker <dcrocker@gmail.com> wrote: > Folks, > > Here is some draft text to consider for a DMARC working group charter: > > Working group name: dmarc > Chair(s): > Area and Area Director(s): > Responsible Area Director: > Mailing list: https://www.ietf.org/mailman/listinfo/dmarc > > Description of working group > ---------------------------- > > Domain-based Message Authentication, Reporting & Conformance (DMARC) > extends stable, domain-level validation to the RFC5322.From field. DMARC > builds upon existing mail authentication technologies (SPF and DKIM), > using DNS records to add policy-related requests for receivers and > defining a feedback mechanism from receivers back to domain owners. This > can allow a domain owner to advertise that mail, which does not > authenticate use of the domain name in the From field, can safely > receive differential handling, such as rejection. Existing deployment of > DMARC has demonstrated utility at internet scale, in dealing with > significant email abuse, and has permitted simplifying some mail > handling processes. However, DMARC is problematic for mail that does not > flow from operators having a relationship with the domain owner, > directly to receivers operating the destination mailbox. Examples of > such "indirect" flows are mailing lists, publish-to-friend > functionality, mailbox forwarding (".forward"), and third-party services > that send on behalf of clients. The working group will explore possible > updates and extensions to the specifications in order to address > limitations and/or add capabilities. It will also provide technical > implementation guidance and review possible enhancements elsewhere in > the mail handling sequence that could improve could DMARC compatibility. > > The existing base specification is being submitted as an Independent > Submission to become an Informational RFC. I'm not sure if this belongs in the charter, but in any case I wonder if it creates market confusion to pursue both an Informational Independent Submission and a Standards-track working group RFC. Are there other examples of where that has been done? As a counter-example, note that the publication of DomainKeys (RFC 4870) was delayed until DKIM published to avoid confusion, and there the names were somewhat different. > > The base specification relies on the ability of an email receiver to > determine the organizational domain responsible for sending mail. An > organizational domain is the basic domain name obtained through a public > registry, such as example.com or example.co.uk. While the common > practice is to use a "public suffix" list to determine organizational > domain, it is widely recognized that this solution will not scale, and > that the current list often is inaccurate. The task of defining a > standard mechanism for identifying organizational domain is out of scope > for this working group. However the working group can consider extending > the base DMARC specification to accommodate such a standard, should it > be developed during the life of this working group. I don't see how this can be considered out of scope without a viable alternative. The identification of the Administrative Domain is a normative requirement in DMARC, and if this problem is not solved, the specification will be stuck. Having tried and failed to solve this problem several years ago, I am convinced that this is a very difficult problem. > > Goals and milestones > -------------------- > > Phase I: > > Draft description of interoperability issues and plausible methods > for eliminating or reducing them. This will not include final choices. > > Draft Guide on DMARC Usage > > > Phase II: > > Specification of DMARC improvements to support better > interoperability > > Review and refinement of the DMARC specification Does this include the publication of a standards-track specification? > > Phase III: > > Completion of Guide on DMARC Usage > > > References > ---------- > DMARC - http://dmarc.org > SPF - RFC7208 > DKIM - RFC6376 > Internet Message Format - RFC5322 > OAR / Original Authentication Results - draft-kucherawy-original-authres > Using DMARC - draft-crocker-dmarc-bcp-03 Overall, this seems like a very long and complex charter, although I'm sure someone will find one even longer and more complex. -Jim
- [dmarc-ietf] ***SPAM*** 8 (5) Draft DMARC working… Dave Crocker
- [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- [dmarc-ietf] ***SPAM*** 11.422 (5) Re: Draft DMAR… Barry Leiba
- Re: [dmarc-ietf] Draft DMARC working group charter Alessandro Vesely
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] ***SPAM*** 11.422 (5) Re: Draft … Murray S. Kucherawy
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- [dmarc-ietf] ***SPAM*** 7.348 (5) Re: Re: Draft D… Jim Fenton
- Re: [dmarc-ietf] Draft DMARC working group charter John Levine
- [dmarc-ietf] ***SPAM*** 8.001 (5) Re: ***SPAM*** … Murray S. Kucherawy
- [dmarc-ietf] ***SPAM*** 8 (5) Re: Draft DMARC wor… Dave Crocker
- Re: [dmarc-ietf] ***SPAM*** 7.348 (5) Re: Re: Dra… Barry Leiba
- Re: [dmarc-ietf] ***SPAM*** 7.348 (5) Re: Re: Dra… Douglas Otis
- Re: [dmarc-ietf] Draft DMARC working group charter Jim Fenton
- Re: [dmarc-ietf] Draft DMARC working group charter John R Levine
- Re: [dmarc-ietf] Draft DMARC working group charter Douglas Otis
- Re: [dmarc-ietf] Draft DMARC working group charter J. Trent Adams
- Re: [dmarc-ietf] Draft DMARC working group charter Hector Santos
- [dmarc-ietf] Draft DMARC working group charter Tim Draegen
- Re: [dmarc-ietf] Draft DMARC working group charter John Levine
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Tim Draegen
- Re: [dmarc-ietf] Draft DMARC working group charter Douglas Otis
- Re: [dmarc-ietf] Draft DMARC working group charter Mike Jones
- Re: [dmarc-ietf] Draft DMARC working group charter Murray S. Kucherawy
- Re: [dmarc-ietf] Draft DMARC working group charter Terry Zink
- Re: [dmarc-ietf] Draft DMARC working group charter Brandon Long
- Re: [dmarc-ietf] Draft DMARC working group charter Steven M Jones
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Alessandro Vesely
- Re: [dmarc-ietf] Draft DMARC working group charter Steven M Jones
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Murray S. Kucherawy
- Re: [dmarc-ietf] Draft DMARC working group charter Douglas Otis
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Murray S. Kucherawy
- Re: [dmarc-ietf] Draft DMARC working group charter Barry Leiba
- Re: [dmarc-ietf] Draft DMARC working group charter Hector Santos
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Alessandro Vesely
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Andrew Sullivan
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter John Levine
- Re: [dmarc-ietf] Draft DMARC working group charter John Levine
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Hector Santos
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter John Levine
- Re: [dmarc-ietf] Draft DMARC working group charter Andrew Sullivan
- Re: [dmarc-ietf] Draft DMARC working group charter Dave Crocker
- Re: [dmarc-ietf] Draft DMARC working group charter John R Levine
- Re: [dmarc-ietf] Draft DMARC working group charter Stephen J. Turnbull
- Re: [dmarc-ietf] Draft DMARC working group charter Hector Santos
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Hector Santos
- Re: [dmarc-ietf] Draft DMARC working group charter Pete Resnick
- Re: [dmarc-ietf] Draft DMARC working group charter Andreas Schulze