Re: DMARC: perspectives from a listadmin of large open-source lists

["Murray S. Kucherawy" <superuser@gmail.com>]

On Mon, Apr 14, 2014 at 3:02 PM, Dave Cridland <dave@cridland.net> wrote:

> One of the very specific items that was on the proposed charter was
>> dealing with the question of how to integrate DMARC with mailing lists.
>> This was called out very early on as an open issue, as were some other
>> important ones:
>>
>> http://wiki.tools.ietf.org/wg/appsawg/trac/wiki/DMARC
>>
>
> Right, but the WG was expected to make it work with mailing lists without
> changing it. Tough ask.
>

Could it not have been done as an extension?  And as I recall, one of the
proposed paths was to just record and publish DMARC as it is now, and then
get a WG going to help revise it into something that also resolves the
questions in the proposed charter, on the standards track.  This also
failed to gain acceptance.


> Sorry, but given the way in which IETF participants were asked to work on
> DMARC, there is absolutely no way you could say that the "DMARC people came
> to the IETF to [...] complete development" - it was more or less stated
> that development was done and dusted - and the IETF didn't reject it on the
> basis that no engineering work remained - the DMARC people rejected any
> engineering work happening.
>
> It doesn't actually matter whether you think the reasons behind this were
> valid; the fact is that you're putting one heck of a slant on recent
> history, and it's not borne out by what's in the archives.
>

I remember what was said.  I'm not trying to be revisionist here.  Rather,
I think I'm trying to remember all the details of a very chaotic
negotiation.

I can't say I blame the DMARC people, or anyone for that matter, for trying
to insulate itself against its work being bogged down for months or longer
rat-holing on things as has been the fate of so many past efforts in the
same area.  (See the thread Wes George started this morning separately.)
Maybe they tried too hard and maybe I even contributed.  But I also think
maybe the IETF needs to rethink its position on taking on work from outside
organizations in the first place, which was one of several road blocks that
came up.  Another is that it was too far along the deployment axis to be
eligible for consideration as new IETF work, regardless of whether the main
document was up for revision.  Yet another is that despite repeated
requests, we couldn't even more than a couple of people (I can remember
four) to submit substantive reviews of the current document; it seemed like
the IETF wasn't interested regardless of the other "regulatory" issues.

I don't have any idea how to retroactively fix all of that, and I suspect
it would be another rat-hole to try.  What I'd really like to talk about is
where we go from here.

-MSK