Re: "why I quit writing internet standards"
Hector Santos <hsantos@isdg.net> Sun, 20 April 2014 19:44 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D5B31A0007 for <ietf@ietfa.amsl.com>; Sun, 20 Apr 2014 12:44:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.602
X-Spam-Level:
X-Spam-Status: No, score=-100.602 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 38PJPr_PHWkZ for <ietf@ietfa.amsl.com>; Sun, 20 Apr 2014 12:44:00 -0700 (PDT)
Received: from news.winserver.com (secure.winserver.com [208.247.131.9]) by ietfa.amsl.com (Postfix) with ESMTP id 2D1EC1A0002 for <ietf@ietf.org>; Sun, 20 Apr 2014 12:43:59 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=1895; t=1398023028; h=Received:Received: Received:Received:Message-ID:Date:From:Organization:To:Subject: List-ID; bh=wTrMAII3dpERXB2eHoHIDXBK/rA=; b=wlS7/TM0BH5U/WpkKwj1 rub98qBbNMTs80AVd2EQvBarYeZHo6xAwm21xpdoyYoYslloJ7xWsq8mj1cGM+Xk e1qibFpENl1n0MaZ6r0qy00fJ/aILK2Vr3nHhqyQwrM8KeQbFgbjGYOVlbxnxyy3 E4soLZiu1w7mZeNuaoLFhqk=
Received: by winserver.com (Wildcat! SMTP Router v7.0.454.4) for ietf@ietf.org; Sun, 20 Apr 2014 15:43:48 -0400
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; adsp=pass policy=all author.d=isdg.net asl.d=beta.winserver.com;
Received: from hector.wildcatblog.com (opensite.winserver.com [208.247.131.23]) by winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 1131599974.9381.1388; Sun, 20 Apr 2014 15:43:47 -0400
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=1895; t=1398022953; h=Received:Received: Message-ID:Date:From:Organization:To:Subject:List-ID; bh=MqNkUTh +Sfk+GFi3eKjhslSM1R0AUFZ+uNC8TxUGWLo=; b=zLYI+wn89jRzmhdJxFgmCBy Y5C4VVkcLVfRRqTVrzsbxCH2jzIPs+DKMX9IkWq4XpfxOwMdQK5KhID88su63s85 rhBBTbGW9FswpwKTEdFb2BXvgE5B64i9wDIoEG6k0VotcN9KlL5QFiq7B6gTkDIt EWid6nZ6g98hxSYNocAk=
Received: by beta.winserver.com (Wildcat! SMTP Router v7.0.454.4) for ietf@ietf.org; Sun, 20 Apr 2014 15:42:32 -0400
Received: from [192.168.1.2] ([99.121.4.27]) by beta.winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 1151128984.9.10960; Sun, 20 Apr 2014 15:42:32 -0400
Message-ID: <53542370.9040409@isdg.net>
Date: Sun, 20 Apr 2014 15:43:44 -0400
From: Hector Santos <hsantos@isdg.net>
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Douglas Otis <doug.mtview@gmail.com>, Dave Crocker <dcrocker@bbiw.net>
Subject: Re: "why I quit writing internet standards"
References: <CF71721A.180A9%wesley.george@twcable.com> <534C067D.8080506@meetinghouse.net> <CAL0qLwa5CRwxn0V=7D84KFv9K_u5W5L+PPUXc3KPkD0YHkNo1w@mail.gmail.com> <4756885.Eo3b3po9Vj@scott-latitude-e6320> <5353FEF7.2060708@bbiw.net> <AB5D3900-BB09-4C4A-B52C-46349C086927@gmail.com>
In-Reply-To: <AB5D3900-BB09-4C4A-B52C-46349C086927@gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/E3zZ5NdRfJq69mEeB8z9juGLVMM
Cc: Scott Kitterman <scott@kitterman.com>, ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Apr 2014 19:44:05 -0000
On 4/20/2014 2:25 PM, Douglas Otis wrote:
>
> That said, DMARC was never intended to address needs beyond the
>narrow scope of high value transactional email.
And unfortunately, this attitude was always wrong. Hate to say, but "I
told you so." What the design attitude says is this:
If the domain is high value, then only applied policy.
For all others, ignore it.
Well, is is "high value?" How do you distinguish "value" in an
anonymous world? Must everyone have a profile in some Good Reputation
Databases? Fee based? Even if we want this, we are not there yet!!
The seed to all this author domain brush back was born in the
unfortunate RFC5016 DKIM Signing Practice requirements document last
minute addition of item 10 in section 5.3 where it strongly mandates
that a 1st party policy MUST NOT override the 3rd party policy.
RFC 5016, Section 5.3
10. SSP MUST NOT provide a mechanism that impugns the existence of
non-first party signatures in a message. A corollary of this
requirement is that the protocol MUST NOT link practices of first
party signers with the practices of third party signers.
INFORMATIVE NOTE: the main thrust of this requirement is that
practices should only be published for that which the publisher
has control, and should not meddle in what is ultimately the
local policy of the receiver.
Refs: Deployment Consideration, Section 4.3.
Just replace the term SSP for DMARC and you have the same thing. This
is where all the resistance towards author domain policies began with
this written stone functional requirement. This attitude is still
among us. Not saying its completely wrong, but it certainly not right
either. Yahoo proved it for us.
The irony?
Rather than try to honor policy to keep the security high, we are
looking for ways to circumvent it. Ignoring Policy no longer works.
--
HLS
- "why I quit writing internet standards" George, Wes
- Re: "why I quit writing internet standards" David Meyer
- Re: "why I quit writing internet standards" Miles Fidelman
- Re: "why I quit writing internet standards" Alia Atlas
- Re: "why I quit writing internet standards" Christian de Larrinaga
- Re: "why I quit writing internet standards" Andy Bierman
- Re: "why I quit writing internet standards" Abdussalam Baryun
- Re: "why I quit writing internet standards" Ted Lemon
- Re: "why I quit writing internet standards" Michael Richardson
- Re: "why I quit writing internet standards" Tim Wicinski
- Re: "why I quit writing internet standards" Andy Bierman
- Re: "why I quit writing internet standards" Simon Pietro Romano
- Re: "why I quit writing internet standards" Miles Fidelman
- Re: "why I quit writing internet standards" Murray S. Kucherawy
- Re: "why I quit writing internet standards" David Meyer
- Re: "why I quit writing internet standards" Murray S. Kucherawy
- Re: "why I quit writing internet standards" Murray S. Kucherawy
- Re: "why I quit writing internet standards" Miles Fidelman
- Re: "why I quit writing internet standards" Dale R. Worley
- Re: "why I quit writing internet standards" Scott Kitterman
- Re: "why I quit writing internet standards" Miles Fidelman
- Re: "why I quit writing internet standards" Jari Arkko
- Re: "why I quit writing internet standards" Bjoern A. Zeeb
- Re: "why I quit writing internet standards" Spencer Dawkins
- Re: "why I quit writing internet standards" Carsten Bormann
- Re: "why I quit writing internet standards" Spencer Dawkins
- Re: "why I quit writing internet standards" Thomas Clausen
- Re: "why I quit writing internet standards" Wesley Eddy
- Re: "why I quit writing internet standards" Yoav Nir
- Re: "why I quit writing internet standards" Thomas Clausen
- Re: "why I quit writing internet standards" Wesley Eddy
- Re: "why I quit writing internet standards" Miles Fidelman
- Re: "why I quit writing internet standards" Spencer Dawkins
- Re: "why I quit writing internet standards" Thomas Clausen
- Re: "why I quit writing internet standards" Melinda Shore
- Re: "why I quit writing internet standards" Carsten Bormann
- Re: "why I quit writing internet standards" Thomas Clausen
- Re: "why I quit writing internet standards" Spencer Dawkins
- Re: "why I quit writing internet standards" Brian E Carpenter
- Re: "why I quit writing internet standards" Dave Cridland
- Re: "why I quit writing internet standards" Thomas Nadeau
- Re: "why I quit writing internet standards" Thomas Nadeau
- Re: "why I quit writing internet standards" Benoit Claise
- Re: "why I quit writing internet standards" Benoit Claise
- Re: "why I quit writing internet standards" Benoit Claise
- Re: "why I quit writing internet standards" Thomas Nadeau
- Re: "why I quit writing internet standards" Miles Fidelman
- Re: "why I quit writing internet standards" Yoav Nir
- Re: "why I quit writing internet standards" S Moonesamy
- Re: "why I quit writing internet standards" Benoit Claise
- Re: "why I quit writing internet standards" Douglas Otis
- Re: "why I quit writing internet standards" Andy Bierman
- Re: "why I quit writing internet standards" Hector Santos
- Re: "why I quit writing internet standards" Dave Crocker
- Re: "why I quit writing internet standards" Scott Kitterman
- Re: DMARC not-WG, was "why I quit writing interne… John Levine
- Re: DMARC not-WG, was "why I quit writing interne… Dave Crocker
- Re: DMARC not-WG, was "why I quit writing interne… Hector Santos
- Re: "why I quit writing internet standards" Dave Crocker
- Re: "why I quit writing internet standards" Scott Kitterman
- Re: "why I quit writing internet standards" Dave Crocker
- Re: "why I quit writing internet standards" Scott Kitterman
- Re: "why I quit writing internet standards" Douglas Otis