IETF Logo Mail Archive

Re: [spfbis] Meaning of SPF and domain authentication in general, was #12

Hector Santos <hsantos@isdg.net> Sun, 22 April 2012 19:13 UTC

Return-Path: <hsantos@isdg.net>
X-Original-To: spfbis@ietfa.amsl.com
Delivered-To: spfbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0234821F8658 for <spfbis@ietfa.amsl.com>; Sun, 22 Apr 2012 12:13:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.659
X-Spam-Level:
X-Spam-Status: No, score=-1.659 tagged_above=-999 required=5 tests=[AWL=-0.239, BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, SARE_MILLIONSOF=0.315]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1sPQ+lSfYtx4 for <spfbis@ietfa.amsl.com>; Sun, 22 Apr 2012 12:13:13 -0700 (PDT)
Received: from ntbbs.santronics.com (catinthebox.net [208.247.131.9]) by ietfa.amsl.com (Postfix) with ESMTP id 46F4B21F8652 for <spfbis@ietf.org>; Sun, 22 Apr 2012 12:13:12 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=4174; t=1335121990; h=Received:Received: Received:Received:Message-ID:Date:From:Organization:Subject:To: List-ID; bh=2g8bLrtSsaGqWxbd7iS0goEfowA=; b=YPYJxhp9oXAjVC6CBZ+m 2m83WmurqSK65J0HZyirLPjUJzhYKD5QI+Eg5EsPQi0dJB0ZS5yvFD90PQa1iXt2 iBze79BMEOHZZRG5Mn9+o7gIhkwtdcISZ/bp3ByG7PdV3TvDEDUpstAMHk0cuGw8 Pv72IZZE2fcaHAa+AjSJH5c=
Received: by winserver.com (Wildcat! SMTP Router v6.4.454.1) for spfbis@ietf.org; Sun, 22 Apr 2012 15:13:10 -0400
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; adsp=pass policy=all author.d=isdg.net asl.d=beta.winserver.com;
Received: from hector.wildcatblog.com ([208.247.131.23]) by winserver.com (Wildcat! SMTP v6.4.454.1) with ESMTP id 4028808645.34182.4460; Sun, 22 Apr 2012 15:13:09 -0400
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=4174; t=1335121654; h=Received:Received: Message-ID:Date:From:Organization:Subject:To:List-ID; bh=GUEjY3A 8bXHuYqYt120LLasC79EVJCvUC3k6UoCwo7g=; b=qblWGu+/LCcQAgBARVwXZq5 Tbiqrc12mP3RFmtdscPLFViKnuMQ5V6TlBfWp9+NvY2ceiTClGS0yDH0cOV12Nc+ CHN+aY1MDXJKLcUo/LwJQs4jWIsn0pIQ6x/DWPNdxkia5BqZ7SmgS+bFiX2D+2gH FkAjk0Zt8Mct2Snw7j5w=
Received: by beta.winserver.com (Wildcat! SMTP Router v6.4.454.1) for spfbis@ietf.org; Sun, 22 Apr 2012 15:07:34 -0400
Received: from [192.168.1.101] ([99.3.147.93]) by beta.winserver.com (Wildcat! SMTP v6.4.454.1) with ESMTP id 332742503.2859.5136; Sun, 22 Apr 2012 15:07:33 -0400
Message-ID: <4F94662A.6070909@isdg.net>
Date: Sun, 22 Apr 2012 16:12:26 -0400
From: Hector Santos <hsantos@isdg.net>
Organization: Santronics Software, Inc.
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
CC: "spfbis@ietf.org" <spfbis@ietf.org>
References: <20120416230031.12409.qmail@joyce.lan> <4F8CABE8.10007@isdg.net> <CAC4RtVDoJt2WRAvWZt_CwaqnQGDnaK_Y1gggsAGem1mQxZmUXA@mail.gmail.com>
In-Reply-To: <CAC4RtVDoJt2WRAvWZt_CwaqnQGDnaK_Y1gggsAGem1mQxZmUXA@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Comment: Missing recipient address appended by wcSMTP router.
To: spfbis@ietf.org
Subject: Re: [spfbis] Meaning of SPF and domain authentication in general, was #12
X-BeenThere: spfbis@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SPFbis discussion list <spfbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spfbis>, <mailto:spfbis-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/spfbis>
List-Post: <mailto:spfbis@ietf.org>
List-Help: <mailto:spfbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spfbis>, <mailto:spfbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Apr 2012 19:13:15 -0000

(offlist)

Hi Barry,

What bothers me that statements were written with a principle focus to 
replace SIDF with DKIM and there obvious issues that I believed where 
simply wrong from many angles I don't wish to repeat, but it took me 
to highlight issues because no else was.  Why did it even have get to 
this level is vexing to me.

a) Murray, an militant SPF opponent, had one purpose to use the 
experiment status of
    SPF/SIDF as a way to take strategic consolidation control of it, 
related to all his
    work, like with DMARC.  Never mind the questionable justification 
the IETF
    may allow one to take control of a RFC they were not the prime 
author, but do so
    without seeking permission or views from they original editors. 
So right here
    it got off the wrong foot.

b) The charter does state no more work is recommended and I don't know 
where that
    come from because there were clear interest in SPF/SIDF conflict 
corrections.
    The known concerns and any suggestion to seek corrections was not 
open and there
    interests in the practical reality spf/sidf integration existed. 
I understand
    in SPFBIS only focus, but not at the expense of ending SIDF with 
no real
    engineering review to justify it.

c) The charter does reference a draft 4408bis, where it states:

    The success or failure of the Sender ID portion of this IESG 
experiment
    should be evaluated relative to DKIM.

d) Murray did have in a prior report draft a section 2.0 or 3.0 that 
pretty
    much repeated (c) and the need to consider DKIM over SIDF and I 
asked that
    this section be removed.  It was.  Reassure it was no due to my 
input but
    most likely John Leslie to remove the section. I only guessing it 
was Leslie
    because of a side bet with him the "replace SIDF with DKIM" will 
continue to
    be pushed by Murray despite all repeated "Out of Scope" comments 
the report
    had no business to inject.

e) and whenever I wasted more time to provide more reasonable 
arguments and
    empirical information that I guess he could not ignore, he 
repeated in
    in three messages that new input, including new results from new 
scanning of
    data related to SIDF/SUBMIT he stated he was doing, that it 
wouldn't matter
    anyway because it won't change his initial recommendation to 
recommend SIDF
    be made obsolete.

    So why even bother doing a new scan on "millions of domains".

See ya Barry.


Barry Leiba wrote:
>> If the SPFBIS is going recommend to end the  SIDF protocol
> 
> Let's be clear about one thing here: while "ending the SIDF protocol" might
> be something some participants in this WG want to do, it is not a goal of
> the WG, and as far as I can tell, no one is trying to put that in any of
> the WG's documents.  The working group is chartered to describe its
> consensus of the result of a number of years of experimentation with SPF
> and SIDF, and to move SPF to Proposed Standard.  If that consensus says
> that SPF is in wide use and SIDF is not, and there's data to support that,
> it's fine.
> 
> As an AD, I will say that if any document comes out of this working group
> making any normative statement (or even a strong recommendation) telling
> people NOT to use SIDF, saying that SIDF is deprecated or obsolete,
> obsoleting any SIDF RFC, or moving any SIDF RF to Historic, I will surely
> put a DISCUSS position on that document for exceeding the WG's charter.
>  I'm guessing that Pete, who's the responsible AD here, will cut it off
> before it ever gets to me anyway, should a document do that.
> 
> So, please, everyone stop accusing the WG of trying to "kill" SIDF.  It
> will not.  If someone should want to create an SIDFbis WG to do something
> one way or the other with that protocol, that'd be a fine thing to pursue
> as a separate effort.  But later, after this one is done.
> 
> Barry
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> spfbis mailing list
> spfbis@ietf.org
> https://www.ietf.org/mailman/listinfo/spfbis

-- 
Hector Santos, CTO
http://www.santronics.com
http://hector.wildcatblog.com

v2.23.0 | Report a Bug | By Email