[secdir] [new-work] WG Review: SPF Update (spfbis)

IESG Secretary <iesg-secretary@ietf.org> Tue, 20 December 2011 17:19 UTC

A new IETF working group has been proposed in the Applications Area.  
The IESG has not made any determination as yet. The following draft 
charter was submitted, and is provided for informational purposes only. 
Please send your comments to the IESG mailing list (iesg@ietf.org) by 
Tuesday, December 27, 2011.

SPF Update (spfbis)
-----------------------------------------
Status: Proposed Working Group
Last Updated: 2011-12-09

Chair(s):
 TBD

Applications Area Director(s):
 Pete Resnick <presnick@qualcomm.com>
 Peter Saint-Andre <stpeter@stpeter.im>

Applications Area Advisor:
 Pete Resnick <presnick@qualcomm.com>

Mailing Lists:
 General Discussion: spfbis@ietf.org
 To Subscribe: https://www.ietf.org/mailman/listinfo/spfbis
 Archive: http://www.ietf.org/mail-archive/web/spfbis/

Description of Working Group:

The Sender Policy Framework (SPF, RFC4408) specifies the publication
of a DNS record which states that a listed IP address is authorized
to send mail on behalf of the listing domain name's owner.  SMTP
servers extract the domain name in the SMTP "MAIL FROM" or "HELO"
command for confirming this authorization.  The protocol has had
Experimental status for some years and has become widely deployed.
This working group will revise the specification, based on deployment
experience and listed errata, and will seek Standards Track status for
the protocol.

The MARID working group created two specifications for publication of
email-sending authorization:  Sender-ID (RFC4405, RFC4406 and RFC4407)
and SPF (RFC4408), with both having Experimental status.  By using
IP addresses, both protocols specify authorization in terms of path,
though unlike SPF, Sender-ID uses domain names found in the header of
the message rather than the envelope.

The two protocols rely on the same policy publication mechanism,
namely a specific TXT resource record in the DNS.  This creates a basic
ambiguity about the interpretation of any specific instance of the TXT
record.  Because of this, there were concerns about conflicts between
the two in concurrent operation.  The IESG Note added to each invited
an expression of community consensus in the period following these
publications.

Both enjoyed initially large deployments.  Broad SPF use continues,
and its linkage to the envelope -- rather than Sender-ID's linkage
to identifiers in the message content -- has proven sufficient among
operators.  This concludes the experiment.

Changes to the SPF specification will be limited to the correction
of errors, removal of unused features, addition of any enhancements
that have already gained widespread support, and addition of
clarifying language.

The working group will also produce a document describing the
course of the SPF/Sender-ID experiment (defined in the IESG note
on the RFCs in question), bringing that experiment to a formal
conclusion.  No other work on Sender-ID will be done.

Finally, the working group will develop the proposed "scope"
extension found in draft-mehnle-spfbis-scope.

Specifically out-of-scope for this working group:

* Revisiting past technical arguments that were covered
  in the MARID working group, except where review is reasonably
  warranted based on operational experience.

* Discussion of the merits of SPF.

* Discussion of the merits of Sender-ID in preference to SPF.

* Extensions to SPF other than the one specified above.  The
  working group will re-charter to process other specific proposed
  extensions as they are identified.

The initial draft set:
	draft-kitterman-4408bis
	draft-mehnle-spfbis-scope

Goals and Milestones:

MMM YYYY:  A standards track document defining SPF, based on RFC4408 and 
           as amended above, to the IESG for publication.

MMM YYYY:  A document describing the SPF/Sender-ID experiment and its 
           conclusions to the IESG for publication.

MMM YYYY:  A standards track document creating the "scope" extension to 
           the IESG for publication.

