IETF Logo Mail Archive

Re: Bad/Good ideas and damage control by experienced participants

Miles Fidelman <mfidelman@meetinghouse.net> Tue, 21 June 2022 16:57 UTC

Return-Path: <mfidelman@meetinghouse.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 38063C157B4F for <ietf@ietfa.amsl.com>; Tue, 21 Jun 2022 09:57:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.787
X-Spam-Level:
X-Spam-Status: No, score=-3.787 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-1.876, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sVj32J4flKbl for <ietf@ietfa.amsl.com>; Tue, 21 Jun 2022 09:57:16 -0700 (PDT)
Received: from server1.neighborhoods.net (server1.neighborhoods.net [207.154.13.48]) by ietfa.amsl.com (Postfix) with ESMTP id C0531C157B36 for <ietf@ietf.org>; Tue, 21 Jun 2022 09:57:15 -0700 (PDT)
Received: from localhost (localhost.localdomain [127.0.0.1]) by server1.neighborhoods.net (Postfix) with ESMTP id 87341CC063 for <ietf@ietf.org>; Tue, 21 Jun 2022 12:57:11 -0400 (EDT)
X-Virus-Scanned: by amavisd-new-2.6.2 (20081215) (Debian) at neighborhoods.net
Received: from server1.neighborhoods.net ([127.0.0.1]) by localhost (server1.neighborhoods.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 6-2t5d4C3Qtp for <ietf@ietf.org>; Tue, 21 Jun 2022 12:57:10 -0400 (EDT)
Received: from [192.168.1.170] (pool-74-104-183-235.bstnma.fios.verizon.net [74.104.183.235]) by server1.neighborhoods.net (Postfix) with ESMTPSA id 3DF55CC061 for <ietf@ietf.org>; Tue, 21 Jun 2022 12:57:10 -0400 (EDT)
Subject: Re: Bad/Good ideas and damage control by experienced participants
To: ietf@ietf.org
References: <20220621152816.38D0743EE646@ary.qy>
From: Miles Fidelman <mfidelman@meetinghouse.net>
Message-ID: <afcde9d1-06d6-10f3-97e8-eaab18a81da2@meetinghouse.net>
Date: Tue, 21 Jun 2022 12:57:09 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:68.0) Gecko/20100101 Firefox/68.0 SeaMonkey/2.53.12
MIME-Version: 1.0
In-Reply-To: <20220621152816.38D0743EE646@ary.qy>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/J341Q8NcV9fdkjqiKZC2HMcv8A0>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jun 2022 16:57:18 -0000

John Levine wrote:
> It appears that Nick Hilliard  <nick@foobar.org> said:
>>> It seems like, these days, all people do is promulgate broken mechanisms
>>> (e.g., DMARC), in the name of blocking resource sharing & collaboration
>>> - bringing us back to the days of a walled gardens and closer to the
>>> days of the Tower of Babel, at the same time no less.  And they do it,
>>> largely, by going around IETF processes entirely.
>> the issue is not whether this is true, but how it is presented to people
>> who stumble on the same blocks that we stumbled on when we started.
> DMARC is an interesting example.  As originally designed and implemented,
> it was a reasonable approach to a real problem, phishing mail that
> impersonates famous brands, notably Paypal.  Unfortunately a few years
> later it was repurposed by AOL and Yahoo, after they each let crooks
> steal their users' address books, to outsource the costs of spam they
> were getting with mail "from" their own users.  I suppose it was
> inevitable in retrospect that someone would do that but I know I was
> not the only one who was surprised when they did, and particularly
> that Yahoo did it in full knowledge that it would screw up every
> discussion list to which their users were subscribed.
>
> Many of the people who designed DMARC were and are active in the IETF,
> but I don't blame them for not doing it here because they'd be overrun
> with people who have no idea what the issues are in running large
> mail systems and would just say it's broken, go away.  I am certainly
> not saying that DMARC is wonderful, and the band-aid ARC that is intended
> to fix some of the mailing list issues is rolling out much too slowly,
> but doing nothing was and is not an option.
>
Personally, having been hit by it as a list manager (currently having 
serious problems with list mail getting to gmail recipients)... I have 
to say that a process that allowed something as damaging as DMARC, to 
make it into widespread use - is just broken.  Heck, it broke THIS list 
- folks at both google (like Vint), and gmail were not getting IETF list 
traffic.

Talk about broken!

Miles Fidelman

-- 
In theory, there is no difference between theory and practice.
In practice, there is.  .... Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

v2.23.0 | Report a Bug | By Email