Re: [marf] WGLC starting for draft-ietf-marf-base-01
"Murray S. Kucherawy" <msk@cloudmark.com> Tue, 13 April 2010 17:19 UTC
Return-Path: <msk@cloudmark.com>
X-Original-To: marf@core3.amsl.com
Delivered-To: marf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8A80A3A6A4A for <marf@core3.amsl.com>; Tue, 13 Apr 2010 10:19:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.392
X-Spam-Level:
X-Spam-Status: No, score=-1.392 tagged_above=-999 required=5 tests=[AWL=1.208, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vF+g4iWpULJj for <marf@core3.amsl.com>; Tue, 13 Apr 2010 10:19:51 -0700 (PDT)
Received: from ht2-outbound.cloudmark.com (ht2-outbound.cloudmark.com [72.5.239.36]) by core3.amsl.com (Postfix) with ESMTP id 8D7833A67FF for <marf@ietf.org>; Tue, 13 Apr 2010 10:19:46 -0700 (PDT)
Received: from EXCH-C2.corp.cloudmark.com ([172.22.1.74]) by spite.corp.cloudmark.com ([172.22.1.72]) with mapi; Tue, 13 Apr 2010 10:19:30 -0700
From: "Murray S. Kucherawy" <msk@cloudmark.com>
To: Alessandro Vesely <vesely@tana.it>, "marf@ietf.org" <marf@ietf.org>
Date: Tue, 13 Apr 2010 10:19:29 -0700
Thread-Topic: [marf] WGLC starting for draft-ietf-marf-base-01
Thread-Index: AcrYDsK9cwut91S2TrOy21OY7u2tHADHWI/w
Message-ID: <BB012BD379D7B046ABE1472D8093C61C01CFEA493E@EXCH-C2.corp.cloudmark.com>
References: <BB012BD379D7B046ABE1472D8093C61C01CF9478A6@EXCH-C2.corp.cloudmark.com> <4BBF6B8D.1030901@tana.it>
In-Reply-To: <4BBF6B8D.1030901@tana.it>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [marf] WGLC starting for draft-ietf-marf-base-01
X-BeenThere: marf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Message Abuse Report Format working group discussion list <marf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/marf>, <mailto:marf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/marf>
List-Post: <mailto:marf@ietf.org>
List-Help: <mailto:marf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/marf>, <mailto:marf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Apr 2010 17:19:54 -0000
[as participant] > -----Original Message----- > From: marf-bounces@ietf.org [mailto:marf-bounces@ietf.org] On Behalf Of > Alessandro Vesely > Sent: Friday, April 09, 2010 11:02 AM > To: marf@ietf.org > Subject: Re: [marf] WGLC starting for draft-ietf-marf-base-01 > > "Reported-Domain" is unspecified by design. Fine :-( However, it is > not clear whether it may appear multiple times even if the report > covers a single incident. I disagree. It's clearly in the "Optional Fields Appearing Multiple Times" section. > As for using "Reported-URI" for the spamvertized mailbox, I just note > that IODEF's draft-cain-post-inch-phishingextns (now in LC) calls that > "Collection Site". The phrase "a URI to which the report recipient can > go for further details", instead, suggests something like > > http://example.com/arf-generators/XYZ-v1.04b/meaning-of-fields.html I think I agree that this is somewhat ambiguous. To those who are using ARF now: How do you use this field? Is it a URI found in the offending message, or is it a reference URI for further action by the ARF recipient? If the latter, it is probably mis-named. If it could be either, I suspect the text should indicate that the provided URI might and might not be taken from the message. > I propose to replace that phrase with just "See next Section 3.4". > (Will there be an applicability statement to clarify how meanings may > be negotiated, eventually?) Do you have text to propose? :-) > Section 7.3 still says "MAIL FROM:<>". See the end of > http://www.ietf.org/mail-archive/web/marf/current/msg00641.html Ah right. I'll remove 7.3. > Should the security section mention that automatically forwarding an > abuse report to the wrong party may leak sensible information, > especially if the report had been inadvertently generated by a user? > (The intro says something about supporting mail clients.) Isn't that true of any email? > Should "http://www.mipassoc.org/arf/" in the examples be replaced with > something with like the first http link above? (Should the spec > RECOMMEND that the meaning of fields is stated that way?) As it's just an example, I don't think this is a critical change. What might be useful would be something in an earlier section RECOMMENDing the leading text/plain section include a reference to a document decoding ARF messages, at least during a rollout period. > In appendix B2, the Authentication-Results looks bogus. In addition, > the caption says "Example 3" rather than 2. Fixed.
- [marf] WGLC starting for draft-ietf-marf-base-01 Murray S. Kucherawy
- Re: [marf] WGLC starting for draft-ietf-marf-base… Alessandro Vesely
- Re: [marf] WGLC starting for draft-ietf-marf-base… J.D. Falk
- Re: [marf] WGLC starting for draft-ietf-marf-base… Yakov Shafranovich
- Re: [marf] WGLC starting for draft-ietf-marf-base… SM
- Re: [marf] WGLC starting for draft-ietf-marf-base… Alessandro Vesely
- Re: [marf] WGLC starting for draft-ietf-marf-base… Murray S. Kucherawy
- Re: [marf] WGLC starting for draft-ietf-marf-base… Murray S. Kucherawy
- Re: [marf] WGLC starting for draft-ietf-marf-base… Murray S. Kucherawy
- Re: [marf] WGLC starting for draft-ietf-marf-base… Murray S. Kucherawy
- Re: [marf] WGLC starting for draft-ietf-marf-base… Murray S. Kucherawy
- Re: [marf] WGLC starting for draft-ietf-marf-base… SM
- Re: [marf] WGLC starting for draft-ietf-marf-base… SM
- Re: [marf] WGLC starting for draft-ietf-marf-base… SM
- Re: [marf] WGLC starting for draft-ietf-marf-base… Murray S. Kucherawy
- Re: [marf] WGLC starting for draft-ietf-marf-base… J.D. Falk
- Re: [marf] WGLC starting for draft-ietf-marf-base… Shmuel Metz (Seymour J.)