Re: I-D ACTION:draft-kucherawy-sender-auth-header-02.txt
Bruce Lilly <blilly@erols.com> Tue, 10 May 2005 01:05 UTC
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j4A15x8M017098; Mon, 9 May 2005 18:05:59 -0700 (PDT) (envelope-from owner-ietf-822@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id j4A15xZW017097; Mon, 9 May 2005 18:05:59 -0700 (PDT)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-822@mail.imc.org using -f
Received: from ns1.townisp.com (ns1a.townisp.com [216.195.0.132]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j4A15taQ017088 for <ietf-822@imc.org>; Mon, 9 May 2005 18:05:59 -0700 (PDT) (envelope-from blilly@erols.com)
Received: from mail.blilly.com (dhcp-0-8-a1-c-fa-f7.cpe.townisp.com [216.49.158.220]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "marty.blilly.com", Issuer "Bruce Lilly" (not verified)) by ns1.townisp.com (Postfix) with ESMTP id 1D8102993C for <ietf-822@imc.org>; Mon, 9 May 2005 21:05:51 -0400 (EDT)
Received: from marty.blilly.com (marty.blilly.com [192.168.99.98] (may be forged)) by mail.blilly.com with ESMTP id j4A15mC3017982(8.13.1/8.13.1/mail.blilly.com sendmail.mc.mail 1.23 2005/03/23 20:35:49) (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) ; Mon, 9 May 2005 21:05:48 -0400
Received: from marty.blilly.com (localhost [127.0.0.1]) (authenticated (0 bits)) by marty.blilly.com with ESMTP id j4A15iK7017970(8.13.1/8.13.1/blilly.com submit.mc 1.3 2005/04/08 12:29:31) (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO) ; Mon, 9 May 2005 21:05:47 -0400
From: Bruce Lilly <blilly@erols.com>
Reply-To: ietf-822 <ietf-822@imc.org>
Organization: Bruce Lilly
To: ietf-822 <ietf-822@imc.org>
Subject: Re: I-D ACTION:draft-kucherawy-sender-auth-header-02.txt
Date: Mon, 09 May 2005 21:05:27 -0400
User-Agent: KMail/1.8
References: <200505052024.QAA09057@ietf.org> <200505091411.13936.blilly@erols.com> <427FF365.3B56@xyzzy.claranet.de>
In-Reply-To: <427FF365.3B56@xyzzy.claranet.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200505092105.30751.blilly@erols.com>
Sender: owner-ietf-822@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-822/mail-archive/>
List-ID: <ietf-822.imc.org>
List-Unsubscribe: <mailto:ietf-822-request@imc.org?body=unsubscribe>
On Mon May 9 2005 19:33, Frank Ellermann wrote: > > Bruce Lilly wrote: > > > Review of draft-kucherawy-sender-auth-header-02 by B. Lilly > > Is your review tool also available as Web form ? No. It's a set of troff/nroff macros and template that can be used to generate a review document (or one could edit the text version). > Something > like proto-I-D in, death sentence (or whatever) out ? No, it requires human review. > The "idnits webservice" (and related tools like rfcdiff) does > not work from my POV, I get no output, only the "usage" page: > > <http://ietf.levkowetz.com/tools/idnits/idnits.pyht> I just run idnits locally. > > [X] ABNF [R4.RFC2234] > > Somewhat beside the point, but this draft doesn't contain the > string "2234" or "ABNF". It should, since it uses ABNF. Since one needs to understand ABNF and its core rules to understand the draft ABNF (well, maybe if the draft ABNF weren't so badly broken), it should be a normative reference. > And if you check it anyway Scott H. > wants us to use the new 2234bis in the References. A normative reference would hold up publication, as the 2234 successor isn't yet a published RFC. > > 20:0: error: Empty rule > > 22:0: error: Empty rule > > > Clearly, the "ABNF" is badly broken. > > That's not helpful, so how should we reference terms defined > elsewhere ? a) use a term defined elsewhere, including the source as a normative reference. or b) write the necessary ABNF. It's not rocket science. Note that according to the IETF "I-D Checklist" http://www.ietf.org/ID-Checklist.html "All ABNF must be checked". Foisting unchecked broken "ABNF" on reviewers is a waste of time. > > [X] None of the above. > > Is that your personal opinion or idnits output ? My opinion, based on what I see (my guess is that the concept is so incompatible with the Internet Architecture and the reality of SMTP and the message format that it should be withdrawn; but I stopped short of saying so in case there's some merit lurking somewhere behind the broken ABNF and formatting). > > [X] missing or inadequate IANA considerations > > = missing 3864 header registration form at least. Probably also keyword registries. Possibly some discussion of private-use/experimental keywords and non-registration of same. > > [X] incompatible with the Internet Architecture > > If that's American humour please add an I18N version. Not humor, see the specific references to RFC 1958, end-to-end issues, and lack of transitive trust. > > Trust needs to be end-to-end. > > No. If you can partition the net into "ours" and "not-ours", > and find an imaginary border between these partitions along the > lines of "our MX", then you can reduce this admittedly simple > check to the hop from the last "not ours" to the first "ours" > MTA, The concept is known as MX. Provides no useful information; "it came from somewhere". If all received mail is local '"ours"' (and header content is trusted), then any spam is a purely local problem. Conversely w/o an end-to-end mechanism, all one can say about non-local content is that it's not local '"not-ours"'. > > there exist domain names which have no corresponding IP > > addresses. > > So what ? So the domain name in an SMTP HELO or ESMTP EHLO might not correspond to the IP address of the SMTP client. Nothing suitable for authentication there. Ditto for the domain part of reverse paths. > The last MTA used on the "not ours" side has an IP. So what? "it came from somewhere". No unsigned content from there (in particular, any plaintext assertions of prior authentication) is trustworthy. > > SMTP transfer does not alter content except for addition of > > time-stamp fields (a.k.a. Received fields), and (at "final" > > delivery) a Return-Path field. > > Obviously this draft proposes a new trace header field. No, it's more serious than that. The draft proposes *deletion* of message header content, which does not now happen (other than at gateways). Worse, it leaves such deletion optional (MAY), making it unpredictable whether or not such content might make it through transport [requiring deletion would break backwards compatibility with the entire installed SMTP base, so I suspect that there's no way to salvage this proposal]. > > modification of message header content in transit. > > In other words it adds a header field, but does not modify any > existing header field. No, see above. > > [X] [R57.Errata] > > That's a dubious source, I've tested it two times, and so far > nothing happened (after an inquiry I got the confirmation that > they got it for the first). There exist errata for many of the documents suggested for consultation (e.g. 2234). > Try to make these reviews shorter, e.g. remove anything that's > clearly not applicable. Noted. > You managed to reference your own I-D, > therefore you could do the same with 2234bis or taobis. Most of the references are approved BCP, FYI, STD or RFCs. Mere drafts (e.g. "2234bis") are less desirable where there is a suitable stable reference.
- Re: ABNF, and miscellany Bruce Lilly
- Re: ABNF Dave Crocker
- Re: ABNF Frank Ellermann
- Re: ABNF Bruce Lilly
- Re: ABNF Dave Crocker
- Re: ABNF Charles Lindsey
- Re: ABNF, and miscellany Frank Ellermann
- Re: ABNF, and miscellany Bill Fenner
- Re: ABNF, and miscellany Arnt Gulbrandsen
- Re: ABNF, and miscellany Bruce Lilly
- Re: ABNF, and miscellany Frank Ellermann
- Re: ABNF, and miscellany Frank Ellermann
- Re: ABNF, and miscellany Bruce Lilly
- Re: ABNF, and miscellany william(at)elan.net
- Re: ABNF, and miscellany Bruce Lilly
- Re: ABNF Bruce Lilly
- Re: ABNF Bruce Lilly
- Re: ABNF, and miscellany Frank Ellermann
- Re: ABNF, and miscellany Frank Ellermann
- Re: ABNF, and miscellany Bruce Lilly
- Re: ABNF, and miscellany Bill Fenner
- Re: ABNF, and miscellany Frank Ellermann
- Re: ABNF Dave Crocker
- Re: ABNF ned+ietf-822
- Re: ABNF, and miscellany Keith Moore
- Re: ABNF, and miscellany Bruce Lilly
- Re: ABNF Bruce Lilly
- Re: I-D ACTION:draft-kucherawy-sender-auth-header… ned+ietf-822
- Re: I-D ACTION:draft-kucherawy-sender-auth-header… Keith Moore
- Re: I-D ACTION:draft-kucherawy-sender-auth-header… Frank Ellermann
- Re: I-D ACTION:draft-kucherawy-sender-auth-header… Bill Fenner
- Re: I-D ACTION:draft-kucherawy-sender-auth-header… Bruce Lilly
- Re: I-D ACTION:draft-kucherawy-sender-auth-header… Frank Ellermann
- Re: I-D ACTION:draft-kucherawy-sender-auth-header… Bruce Lilly
- Re: I-D ACTION:draft-kucherawy-sender-auth-header… Frank Ellermann
- Re: I-D ACTION:draft-kucherawy-sender-auth-header… Bruce Lilly