Re: [Last-Call] Last Call: <draft-billon-expires-06.txt> (Updated Use of the Expires Message Header Field) to Proposed Standard
Keith Moore <moore@network-heretics.com> Mon, 05 December 2022 03:55 UTC
Return-Path: <moore@network-heretics.com>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13A47C14CF19 for <last-call@ietfa.amsl.com>; Sun, 4 Dec 2022 19:55:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.595
X-Spam-Level:
X-Spam-Status: No, score=-2.595 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hjk43zhiegdc for <last-call@ietfa.amsl.com>; Sun, 4 Dec 2022 19:55:06 -0800 (PST)
Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 00592C14CE29 for <last-call@ietf.org>; Sun, 4 Dec 2022 19:54:32 -0800 (PST)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id B412532003C0 for <last-call@ietf.org>; Sun, 4 Dec 2022 22:54:31 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Sun, 04 Dec 2022 22:54:31 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; t=1670212471; x=1670298871; bh=i1EH9gvQ2VGXnfgjTBrEPgnqtXG0 S5uT+FYVQYGOzNM=; b=aM6JBKtyT+7+QL6qXQF7iZ6JB0/lHiAkw/5HyTWv0o04 ywValXhH2HykSmsUpGH0J2ewG+zlCKo6jfRsy29n0cix72RWP1lIRlrDiLa4uNDH AHiIgvaD81t0A5w7k+WEw4scSBs3JPmmZ4f8FjeGM1Aw3uLO5dkOVVst0Vb476Es 03ciYnaMbTkcDlxc9oU0kY/CuTDWXCDqbRxm0vWhVfSlNAepFGae7+xWE4gU4BoV PrkUHSHdcQ+uLOHC/BPQfqMTIDXGFSrtK5rV052Jj5vtsvs7hFV512vEwjFS+NFl jL/3W/EIAWQ7uoFyIhAv7VascKBSxopxR/UD1YnEIg==
X-ME-Sender: <xms:d2uNY9syQlkeP-fUyXqxiVyFt2510uWUL8ilWH8pf9YdddcVRF_QkQ> <xme:d2uNY2eFuo4JuYtPcSsqCWXgb4CredTw_72C3KuVbHkD9OwHgpisTk4RNO07_Fvak fl5f90BtExTxg>
X-ME-Received: <xmr:d2uNYwyvmZ2xPXcTGcsXcBjswzGdXdbn-kWUy7ihtPAZ-KCh5gDvJISslweICwyZ_XTIgWSxf2KoCguudHr2O0nVoUI6zrFukIg6GseVIH4FJMaVwMuxeA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrudefgdeihecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurheptgfkffggfgfuvfhfhfgjsegrtderre dtfeejnecuhfhrohhmpefmvghithhhucfoohhorhgvuceomhhoohhrvgesnhgvthifohhr khdqhhgvrhgvthhitghsrdgtohhmqeenucggtffrrghtthgvrhhnpeehfeduvdeggfefve eiiefggeeludefjeduieetledugeefffelffevieffkeeiffenucevlhhushhtvghrufhi iigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmohhorhgvsehnvghtfihorhhkqd hhvghrvghtihgtshdrtghomh
X-ME-Proxy: <xmx:d2uNY0O8pzmNM9eepQgOlvNEZ6EYBCW0GRoYnYr7K3p5T1ZWUBWLjA> <xmx:d2uNY98elyMr-TtAVXdzikSLS8X_A34vu_Za5bPAelvy9zVa9yJGjQ> <xmx:d2uNY0Ubj0XxqqOr2Oobtf2ggIWeMQJ4ikAper0MUF4dfSQbj-22-w> <xmx:d2uNYwL-FYoPppjbxgPFsqAGozUi7AGjtMEcTrQiCUJmO4Mq9M4apw>
Feedback-ID: i5d8c41f0:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <last-call@ietf.org>; Sun, 4 Dec 2022 22:54:30 -0500 (EST)
Content-Type: multipart/alternative; boundary="------------VHkGh0ERATUo0PqrY4M0Sq86"
Message-ID: <ab3c841b-8e46-a039-0c2d-4f55d7259b8e@network-heretics.com>
Date: Sun, 04 Dec 2022 22:54:29 -0500
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2
Content-Language: en-US
To: last-call@ietf.org
References: <166973210946.22951.15613495979123865103@ietfa.amsl.com> <ff51b5cb-494a-a848-b346-6e7df1d273f5@network-heretics.com> <bd085e0f-9fbf-472c-a2a0-40156afda2f3@betaapp.fastmail.com>
From: Keith Moore <moore@network-heretics.com>
In-Reply-To: <bd085e0f-9fbf-472c-a2a0-40156afda2f3@betaapp.fastmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/qz3B8O44t-iK10wVmYfbHy5L7OI>
Subject: Re: [Last-Call] Last Call: <draft-billon-expires-06.txt> (Updated Use of the Expires Message Header Field) to Proposed Standard
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Dec 2022 03:55:11 -0000
On 12/4/22 22:16, Bron Gondwana wrote: > My use case (and the tooling I would build for myself if we don't make > it a standard Fastmail feature) would be to flag particular senders as > "auto-expire messages from this sender when their Expires header says > to) - and I'd use for a bunch of transactional edge trigger "reminder" > emails, which contain no content other than a "please go check over here". > > For example: the "you have pending moderation messages" that Mailman > sends every day. If the previous day's one expired at the time a new > one would be sent out, I could have them auto-clear, and they would > either have been superseded by a newer "you have things to action" > email, or be no longer relevant. Yes, I've often wanted this kind of feature for messages emitted by cron jobs, or other "daily alert" kinds of processes. But I also ask myself "how would this field be used in practice, not by geeks like myself, but by ordinary people, or by miscreants?" Enabling auto-delete based on Expires only on a per-sender basis makes some sense, and appears to make it less likely to be abused. > Obviously, we all agree - and the draft agrees - that this MUST never > be turned on by default. At least to the kind of MUST that you can > apply on any system - business logic might automatically turn it on > for some senders inside a business who know their own senders, and we > can't force them to do otherwise with strong words in a draft - but > generally I think the risks of defining this header with this > behaviour are not as great as you suggest. Yes it could be abused but > receipients with a legal requirement to not destroy emails will > already have protections around archiving all incoming email and > that's not going to change because there's a header there. Right, but there's also a possibility that intermediate systems, or the recipient's mail service provider, will delete messages based on Expires. And this draft doesn't make it clear which component has the responsibility of deleting based on Expires. To me that's one of the biggest potential sources of problems. If it's clear that deletion based on Expires is ALWAYS a function of the recipient's MUA (even if it's a webmail interface, it's still acting as an MUA) and ALWAYS enabled only by the recipient, it's less likely to cause trouble. But in practice Internet email doesn't have a great envelope/header separation anyway, and this draft just further muddies the distinction. (I've often wished that the email header was opaque to the mail transport, but that ship sailed decades ago.) And I really don't think that there should be a general expectation that Expires in email should be interpreted in the Usenet sense. Or maybe the field name shouldn't be Expires because it's too easily interpreted as "any component that processes this message has permission to drop or delete this message after this date-time". I didn't say that Expires was an inherently Bad Idea, I said the draft needs more work and clarity. It needs to benefit from more of this very kind of discussion. Keith
- Re: [Last-Call] Last Call: <draft-billon-expires-… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-billon-expires-… Alexey Melnikov
- Re: [Last-Call] Last Call: <draft-billon-expires-… Barry Leiba
- Re: [Last-Call] Last Call: <draft-billon-expires-… Alexey Melnikov
- Re: [Last-Call] Last Call: <draft-billon-expires-… Keith Moore
- Re: [Last-Call] Last Call: <draft-billon-expires-… John C Klensin
- Re: [Last-Call] [standcore.com-standards] Re: Las… John R. Levine
- Re: [Last-Call] [standcore.com-standards] Re: Las… John R. Levine
- Re: [Last-Call] [standcore.com-standards] Re: Las… Keith Moore
- Re: [Last-Call] [standcore.com-standards] Re: Las… John Levine
- Re: [Last-Call] [standcore.com-standards] Re: Las… Keith Moore
- Re: [Last-Call] [standcore.com-standards] Re: Las… Alexey Melnikov
- Re: [Last-Call] Last Call: <draft-billon-expires-… Keith Moore
- Re: [Last-Call] Last Call: <draft-billon-expires-… Keith Moore
- Re: [Last-Call] Last Call: <draft-billon-expires-… Bron Gondwana
- Re: [Last-Call] Last Call: <draft-billon-expires-… Keith Moore
- Re: [Last-Call] Last Call: <draft-billon-expires-… Alessandro Vesely
- Re: [Last-Call] Last Call: <draft-billon-expires-… Keith Moore
- Re: [Last-Call] Last Call: <draft-billon-expires-… George Michaelson
- Re: [Last-Call] Last Call: <draft-billon-expires-… Keith Moore
- Re: [Last-Call] Last Call: <draft-billon-expires-… John Levine
- Re: [Last-Call] Last Call: <draft-billon-expires-… tom petch
- [Last-Call] Last Call: <draft-billon-expires-07.t… John R Levine
- Re: [Last-Call] Last Call: <draft-billon-expires-… George Michaelson
- Re: [Last-Call] Last Call: <draft-billon-expires-… tom petch
- Re: [Last-Call] Last Call: <draft-billon-expires-… S Moonesamy
- Re: [Last-Call] Last Call: <draft-billon-expires-… John R. Levine