Re: Last Call: <draft-levine-herkula-oneclick-04.txt> (Signalling one-click functionality for list email headers) to Proposed Standard
"John R. Levine" <johnl@iecc.com> Tue, 13 September 2016 01:45 UTC
Return-Path: <johnl@iecc.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B477712B18F for <ietf@ietfa.amsl.com>; Mon, 12 Sep 2016 18:45:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O6Lc59dCXOQq for <ietf@ietfa.amsl.com>; Mon, 12 Sep 2016 18:45:49 -0700 (PDT)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D048312B18E for <ietf@ietf.org>; Mon, 12 Sep 2016 18:45:48 -0700 (PDT)
Received: (qmail 30098 invoked from network); 13 Sep 2016 01:45:46 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=7591.57d75a4a.k1609; bh=hqNsVYQ+8Rbk33bLh7MpQqC3cOCITv7XR9BAKOn+Lro=; b=Y4VobUWz0g5cZQXmxGrj4O61IS4bGk1PXlIf6JxqvzdPNrxqNsCSL0QTId7LMDXvl+U83jFNwtbYreFe/yofbjeuKi+ZHWsSpmH/5AcRA1bsQ0wL59HU/JjvVU4vsiUaO0wLogJ7jgI7Ehh9bW2m7Eo5daJzjL6tG4dcSVhIUBBCn5tdPl8apYLinnj6YGeBaHoh4peYsM3X4mVE5yZ1VhQd58636Lf8wWgneOuQBVSucqCbGTgqXpA2ocKfdR/J
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.0/X.509/SHA1) via TCP6; 13 Sep 2016 01:45:46 -0000
Date: Mon, 12 Sep 2016 21:45:47 -0400
Message-ID: <alpine.OSX.2.11.1609122139220.63493@ary.local>
From: "John R. Levine" <johnl@iecc.com>
To: John C Klensin <klensin@jck.com>
Subject: Re: Last Call: <draft-levine-herkula-oneclick-04.txt> (Signalling one-click functionality for list email headers) to Proposed Standard
In-Reply-To: <B717E322B172FC10398721BE@JcK-HP8200>
References: <147369951847.3676.9919080158898452438.idtracker@ietfa.amsl.com> <B717E322B172FC10398721BE@JcK-HP8200>
User-Agent: Alpine 2.11 (OSX 23 2013-08-11)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/WC8f0xsQWkvy69krXAFhOS4kNek>
Cc: alexey.melnikov@isode.com, IETF general list <ietf@ietf.org>, tobias.herkula@optivo.de, Paul Kincaid-Smith <paulkincaidsmith@gmail.com>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Sep 2016 01:45:51 -0000
> important protection against accidental (but, IMO, badly > designed) or malicious bad behavior. So this specification > proposed a way to bypass those safeguards and protection? No, of course not. The unsubscribe links in the mail this will affect are invariably unique to the message's recipient with a hard to forge hash of some sort. So if you have the message, you are the subscriber or the subscriber gave the message to you. I've talked at some length to the people at Gmail who plan to implement this, and they've clearly dealt with more mail forgery than any of us. By the way, in the US, it is not just poor practice to require confirmation of unsubscribe requests for commercial mail, but under the FTC's CAN SPAM rules, it is illegal to do so. R's, John
- Re: Last Call: <draft-levine-herkula-oneclick-04.… John C Klensin
- Re: Last Call: <draft-levine-herkula-oneclick-04.… John R. Levine
- Re: Last Call: <draft-levine-herkula-oneclick-04.… John C Klensin
- Re: Last Call: <draft-levine-herkula-oneclick-04.… tobias.herkula
- Re: Last Call: <draft-levine-herkula-oneclick-04.… John Levine
- Re: Last Call: <draft-levine-herkula-oneclick-04.… John C Klensin
- Re: Last Call: <draft-levine-herkula-oneclick-04.… John R Levine
- Re: Last Call: <draft-levine-herkula-oneclick-04.… Viktor Dukhovni
- Re: Last Call: <draft-levine-herkula-oneclick-04.… John Levine
- Re: Last Call: <draft-levine-herkula-oneclick-04.… Alexey Melnikov
- Re: Last Call: <draft-levine-herkula-oneclick-04.… Dave Crocker
- Re: Last Call: <draft-levine-herkula-oneclick-04.… Dave Crocker
- Re: Last Call: <draft-levine-herkula-oneclick-04.… Dave Crocker
- Re: Last Call: <draft-levine-herkula-oneclick-04.… Dave Crocker
- Re: Last Call: <draft-levine-herkula-oneclick-04.… John R Levine
- Re: Last Call: <draft-levine-herkula-oneclick-04.… Viktor Dukhovni
- Re: Last Call: <draft-levine-herkula-oneclick-04.… John Levine
- Re: Last Call: <draft-levine-herkula-oneclick-04.… Viktor Dukhovni
- Re: Last Call: <draft-levine-herkula-oneclick-04.… John Levine
- Re: Last Call: <draft-levine-herkula-oneclick-04.… Viktor Dukhovni
- Re: Last Call: <draft-levine-herkula-oneclick-04.… John Levine
- Re: Last Call: <draft-levine-herkula-oneclick-04.… Dave Crocker
- Re: Last Call: <draft-levine-herkula-oneclick-04.… John R Levine
- Re: Last Call: <draft-levine-herkula-oneclick-04.… Viktor Dukhovni
- Re: Last Call: <draft-levine-herkula-oneclick-04.… Dave Crocker
- Re: Last Call: <draft-levine-herkula-oneclick-04.… John R. Levine
- Re: Last Call: <draft-levine-herkula-oneclick-04.… Viktor Dukhovni