Re: Macro Expansion

Pete Resnick <presnick@qti.qualcomm.com> Wed, 18 September 2013 18:49 UTC

To: Douglas Otis <doug.mtview@gmail.com>
Cc: spfbis@ietf.org, spfbis-chairs@tools.ietf.org, Scott Kitterman <spf2@kitterman.com>, S Moonesamy <sm+ietf@elandsys.com>, ietf@ietf.org

Posting as the responsible AD for the document in question.

On 9/18/13 1:20 PM, Douglas Otis wrote:
> Since this was not understood, I'll attempt to clarify.  An effort to keep these conversations fairly concise seems to lead to a level of confusion with those not familiar with DNS.
>    

I'm afraid I'm going to have to end this thread here and now. The 
problem is not that Doug has tried to keep his explanations concise, or 
that people are not familiar with the DNS and therefore confused. The 
latter may or may not be true, but the problem here is precisely that 
Doug has failed to keep things concise and on point. This is not meant 
as an insult to Doug, and I apologize to him publicly just in case he 
feels offended. It is simply the fact that he is unable to clearly and 
concisely explain to others the security problem he believes exists in 
this protocol. For example:

> SPFbis macros inhibit normal caching protections by imposing mechanisms not directly supported by DNS and having targets constructed from email message components.

Doug never explains in this sentence *what* the mechanisms are the 
SPFbis macros are using, he never explains *in what way* those 
mechanisms are not supported by the DNS, he never explains *how* use of 
these mechanisms inhibits caching, and never gives an example of *how* 
the targets (I presume attack targets) are constructed.

After a long conversation with Doug, I *think* I may understand what 
he's raising. I *suspect* the issue could be addressed by a sentence or 
two added to 11.5.3 or, more likely, to the third and fourth bullet of 
11.1. But I'm not sure, and even after that long conversation, I was 
unable to get a clean explanation of the problem or reasonable text for 
a solution.

So, barring further information, I am simply forced to say that Doug is 
going to be in the rough part of the consensus. If someone else thinks 
they will be able to clearly and concisely characterize the problem and 
propose some text, I welcome such suggestions, though I ask that you 
communicate first with the SPFBIS chairs and/or myself to make sure that 
we all understand the specifics. We are far past the point of 
diminishing returns now, and I do not wish further disruption to either 
the IETF list or the SPFBIS list on this topic.

Again, I intend no insult to Doug, and I again apologize to him for 
having to take this step publicly. I hope, if there is a problem here 
that needs to be noted, that Doug can work with someone else so that we 
can improve the document.

Thanks.

pr

-- 
Pete Resnick <http://www.qualcomm.com/~presnick/>
Qualcomm Technologies, Inc. - +1 (858)651-4478