Re: Appeal: Publication of draft-lyon-senderid-core-01 in conflict with referenced draft-schlitt-spf-classic-02
"william(at)elan.net" <william@elan.net> Wed, 14 December 2005 17:42 UTC
Received: from localhost.cnri.reston.va.us ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EmaeS-0000s0-0x; Wed, 14 Dec 2005 12:42:52 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EmaeQ-0000qV-7e for ietf@megatron.ietf.org; Wed, 14 Dec 2005 12:42:50 -0500
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA00283 for <ietf@ietf.org>; Wed, 14 Dec 2005 12:41:43 -0500 (EST)
Received: from sokol.elan.net ([216.151.192.200]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EmafW-00012B-Vc for ietf@ietf.org; Wed, 14 Dec 2005 12:43:59 -0500
Received: from sokol.elan.net (sokol [127.0.0.1]) by sokol.elan.net (8.13.1/8.13.1) with ESMTP id jBEHgdYj016862; Wed, 14 Dec 2005 09:42:39 -0800
Received: from localhost (william@localhost) by sokol.elan.net (8.13.1/8.13.1/Submit) with ESMTP id jBEHgcgC016859; Wed, 14 Dec 2005 09:42:39 -0800
X-Authentication-Warning: sokol.elan.net: william owned process doing -bs
Date: Wed, 14 Dec 2005 09:42:38 -0800
From: "william(at)elan.net" <william@elan.net>
To: Douglas Otis <dotis@mail-abuse.org>
In-Reply-To: <1134578214.5110.83.camel@bash.adsl-64-142-13-68>
Message-ID: <Pine.LNX.4.62.0512140838560.6721@sokol.elan.net>
References: <200512092141.NAA00720@gra.isi.edu> <x4fyp1n5xs.fsf@footbone.schlitt.net> <tslbqznbcem.fsf@cz.mit.edu> <x48xuqksa1.fsf@footbone.schlitt.net> <1134489989.5110.47.camel@bash.adsl-64-142-13-68> <439F0E4C.1493@xyzzy.claranet.de> <x4slswke7k.fsf@footbone.schlitt.net> <F7153948-7108-4DC0-B89E-F8B4A19CCCC1@mail-abuse.org> <Pine.LNX.4.62.0512131325560.6721@sokol.elan.net> <1134578214.5110.83.camel@bash.adsl-64-142-13-68>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 00e94c813bef7832af255170dca19e36
Cc: ietf@ietf.org, wayne <wayne@schlitt.net>
Subject: Re: Appeal: Publication of draft-lyon-senderid-core-01 in conflict with referenced draft-schlitt-spf-classic-02
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
On Wed, 14 Dec 2005, Douglas Otis wrote: > Actually there was case that came close to this limit by an access > provider, but was rewritten into CIDR notation to reduce the number of > records, increasing their chances for error. At the email > authentication summit in NY, there was a large company that complained > they could still not fit into this large limit. DNS is well designed to > resolve host names and sub-sets of hosts for a domain. SPF wants this > to always be a complete set, even for multiple domains. Nobody said it wants to be complete set and that all possible ip addresses must be entered in one spf record of 512 bytes as ip ranges (although clearly this can be achieved with majority of domains). And there are in fact people at SPF that believe that it should be more properly layered and it is desirable to list mx and host names and then those are resolved to ip address by A lookup (i.e. like CSV) even though that causes 2 lookups instead of just one. >> Funny how you forget to mention that what is called BATV was invented >> by people working on SPF - at first as advanced version of SRS, which >> was thereafter released as SES [1] and anybody with technical knowledge >> will quickly see that BATV basically implements subset of SES (although >> I agree that is the more useful subset of that proposal). > > The idea of tagging the Return-path was not invented by the SPF group. > Something like VERP could be an example. It would be incorrect to > describe the simplicity of BATV as having a genesis from the SPF group. > RFC2304 could be called the genesis for the idea. : ) I did not say "tagged" return path - certainly VERP is predecessor to SRS in that idea. I did say encrypted address, i.e. using private (or public) encryption scheme to create custom "tag" for use in return-path - this is what SES is about and what BATV afterward used as well. > BATV would be the correct choice in my view. SES attempts the same > everything and the kitchen-sink complexity that could be seen as the > hallmark of SPF, which also makes SPF with its problems an integral > component. The difference is purely semantic in different formats for return-path tag. Thereafter you have a choice of which schemes to use which BATV does not describe in the draft at all and SES describes in quite a bit of detail but in practice if you don't want to use particular scheme, you dont have to (as far as I know most people who use SES are doing similar with HMAC private scheme as what one person using BATV does). And BTW as I mentioned similar also applies for its use, SES can be used independent of SPF implemented on the sender site only processing incoming bounces, 100% same as BATV. But it can also [optionally] be implemented as external service [again optionally] integrated with SPF. These are all extra functionality one does not have to use if he/she does not want to. What is clear to me is that SES people did not publish their spec right and should have separated it into several documents - one describing MAILFROM tag semantics [doc 100% equivalent to BATV] and then couple documents describing signature schemes and then document describing public dns validation service and another one for special alternative udp validation. I told them as much and as you know at some point tried to advocate that BATV and SES work together because I thought BATV has done a good job on writing semantics draft already (which could be made compatible with everything else with just few changes), where as SES have done fairly good job describing other details for cryptographic signature generation, etc. Unfortunately neither group had any serious interest in working together. And as far as my opinion using BATV/SES together with SPF makes more sense - both in reducing computation cryptographic computation when it does not have to be used and also because by itself BATV/SES are easily suspectable to a replay attack. -- William Leibzon Elan Networks william@elan.net _______________________________________________ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
- Appeal: Publication of draft-lyon-senderid-core-0… Julian Mehnle
- Re: Appeal: Publication of draft-lyon-senderid-co… Harald Tveit Alvestrand
- Re: Appeal: Publication of draft-lyon-senderid-co… Bill Sommerfeld
- Re: Appeal: Publication of draft-lyon-senderid-co… Ned Freed
- Re: Appeal: Publication of draft-lyon-senderid-co… Bill Sommerfeld
- Re: Appeal: Publication of draft-lyon-senderid-co… Dave Crocker
- Re: Appeal: Publication of draft-lyon-senderid-co… Spencer Dawkins
- Re: Appeal: Publication of draft-lyon-senderid-co… Stephane Bortzmeyer
- Re: Appeal: Publication of draft-lyon-senderid-co… Theodore Ts'o
- Re: Appeal: Publication of draft-lyon-senderid-co… Douglas Otis
- Re: Appeal: Publication of draft-lyon-senderid-co… Julian Mehnle
- Re: Appeal: Publication of draft-lyon-senderid-co… Julian Mehnle
- Re: Appeal: Publication of draft-lyon-senderid-co… Andrew Newton
- Re: Appeal: Publication of draft-lyon-senderid-co… Stephane Bortzmeyer
- Re: Appeal: Publication of draft-lyon-senderid-co… Andrew Newton
- Re: Appeal: Publication of draft-lyon-senderid-co… Andrew Newton
- RE: [spf-discuss] Re: Appeal: Publication of draf… Hallam-Baker, Phillip
- Re: [spf-discuss] Re: Appeal: Publication of draf… Sam Hartman
- Re: Appeal: Publication of draft-lyon-senderid-co… wayne
- Re: Appeal: Publication of draft-lyon-senderid-co… Julian Mehnle
- Re: [spf-discuss] Re: Appeal: Publication of draf… wayne
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- Re: Appeal: Publication of draft-lyon-senderid-co… Julian Mehnle
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- Re: [spf-discuss] Re: Appeal: Publication of draf… wayne
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- RE: Appeal: Publication of draft-lyon-senderid-co… Thomas Gal
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- Re: Appeal: Publication of draft-lyon-senderid-co… Bruce Lilly
- Is it necessary to go through Standards Track to … C. M. Heard
- Re: Appeal: Publication of draft-lyon-senderid-co… wayne
- Re: Appeal: Publication of draft-lyon-senderid-co… Scott W Brim
- Re: Appeal: Publication of draft-lyon-senderid-co… wayne
- Re: [spf-discuss] Re: Appeal: Publication of draf… wayne
- Re: [spf-discuss] Re: Appeal: Publication of draf… Douglas Otis
- Re: [spf-discuss] Re: Appeal: Publication of draf… Dotzero
- RE: [spf-discuss] Re: Appeal: Publication of draf… Jeff Macdonald
- Re: [spf-discuss] Re: Appeal: Publication of draf… wayne
- Re: [spf-discuss] Re: Appeal: Publication of draf… Douglas Otis
- Re: Appeal: Publication of draft-lyon-senderid-co… Brian E Carpenter
- Re: Appeal: Publication of draft-lyon-senderid-co… Brian E Carpenter
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- Re: Appeal: Publication of draft-lyon-senderid-co… Pekka Savola
- Re: Appeal: Publication of draft-lyon-senderid-co… william(at)elan.net
- Re: Appeal: Publication of draft-lyon-senderid-co… Julian Mehnle
- Re: [spf-discuss] Re: Appeal: Publication of draf… Dick St.Peters
- Re: [spf-discuss] Re: Appeal: Publication of draf… wayne
- Re: [spf-discuss] Re: Appeal: Publication of draf… wayne
- Re: Appeal: Publication of draft-lyon-senderid-co… wayne
- Re: Appeal: Publication of draft-lyon-senderid-co… Julian Mehnle
- Re: Appeal: Publication of draft-lyon-senderid-co… wayne
- Re: [spf-discuss] Re: Appeal: Publication of draf… Dick St.Peters
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- Re: [spf-discuss] Re: Appeal: Publication of draf… william(at)elan.net
- Re: Appeal: Publication of draft-lyon-senderid-co… wayne
- Re: [spf-discuss] Re: Appeal: Publication of draf… Sam Hartman
- Re: Appeal: Publication of draft-lyon-senderid-co… wayne
- Re: Appeal: Publication of draft-lyon-senderid-co… wayne
- Re: [spf-discuss] Re: Appeal: Publication of draf… william(at)elan.net
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- Re: Appeal: Publication of draft-lyon-senderid-co… Bob Braden
- Re declare SPF and Sender-ID to be Informational John Levine
- Re: Re declare SPF and Sender-ID to be Informatio… Dave Crocker
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- Re: Re declare SPF and Sender-ID to be Informatio… wayne
- Re: Appeal: Publication of draft-lyon-senderid-co… wayne
- Re: Re declare SPF and Sender-ID to be Informatio… John Levine
- Re: Re declare SPF and Sender-ID to be Informatio… Brian E Carpenter
- Re: declare SPF and Sender-ID to be Informational Frank Ellermann
- Individual submissions and Informational RFCs wayne
- Re: Appeal: Publication of draft-lyon-senderid-co… Sam Hartman
- Re: Individual submissions and Informational RFCs John C Klensin
- Re: Individual submissions and Informational RFCs Harald Tveit Alvestrand
- Re: Individual submissions and Informational RFCs wayne
- Re: Appeal: Publication of draft-lyon-senderid-co… Sam Hartman
- Last call IETF experiments (was: Appeal ....) Frank Ellermann
- Re: Last call IETF experiments Frank Ellermann
- Re: Last call IETF experiments (was: Appeal ....) John C Klensin
- Re: Last call IETF experiments Frank Ellermann
- Re: Appeal: Publication of draft-lyon-senderid-co… Douglas Otis
- Re: Appeal: Publication of draft-lyon-senderid-co… Frank Ellermann
- Re: Appeal: Publication of draft-lyon-senderid-co… wayne
- Re: Appeal: Publication of draft-lyon-senderid-co… Keith Moore
- Re: Appeal: Publication of draft-lyon-senderid-co… Douglas Otis
- Re: Appeal: Publication of draft-lyon-senderid-co… william(at)elan.net
- Re: Appeal: Publication of draft-lyon-senderid-co… Douglas Otis
- Re: Appeal: Publication of draft-lyon-senderid-co… william(at)elan.net
- SES or BATV (was: Publication of draft-lyon-sende… Frank Ellermann
- SES vs BATV Douglas Otis
- Re: Last call IETF experiments Sam Hartman
- Re: Publication of draft-lyon-senderid-core-01 in… Douglas Otis
- Re: Last call IETF experiments Frank Ellermann
- Re: Publication of draft-lyon-senderid-core-01 in… Frank Ellermann