Re: [spfbis] Review of draft-ietf-spfbis-experiment-05

John Leslie <john@jlc.net> Mon, 23 April 2012 10:07 UTC

Barry Leiba <barryleiba@computer.org> wrote:
>...
> 
> OLD
>    Due to the absence of consensus behind one or the other, and because
>    Sender-ID supported use of the same policy statement defined by SPF,
>    the IESG at the time was concerned that an implementation of
>    Sender-ID might erroneously apply that statement to a message and,
>    depending on selected recipient actions, could improperly interfere
>    with message delivery.
> 
> This seems to have a significant SPF bias.  May I suggest this?:
> 
> NEW
>    Due to the absence of consensus behind one or the other and because
>    SPF and Sender-ID supported use of the same policy statement with
>    different semantics, the IESG at the time was concerned that
>    implementations of SPF or Sender-ID might erroneously apply a
>    statement that had been published with the semantics of the other,
>    and, depending on selected recipient actions, could improperly
>    interfere with message delivery.

   Both of these try to put words in the mouth of an IESG of many years
ago (before either Barry or I was scribing). I advise against doing so.
Please, consider the actual IESG statement:

--------------------------------cut here--------------------------------
Date: Wed, 22 Sep 2004 15:52:55 -0400
From: The IESG <iesg-secretary@ietf.org>
Subject: WG Action: Conclusion of MTA Authorization Records in DNS (marid)
To: IETF-Announce@ietf.org
Cc: ietf-mxcomp@imc.org,
        "Marshall T. Rose" <mrose+mtr.mxcomp@dbc.mtview.ca.us>,
        Andrew Newton <andy@hxr.us>
   
   
The MTA Authorization Records in DNS (MARID) working group in the
Applications Area has concluded.
   
The IESG contact persons are Ted Hardie and Scott Hollenbeck.
   
The mailing list will remain active.
   
After an assessment of the current state of the MARID working group,
its charter, and its milestones, the working group chairs and Area
Advisor concluded that the MARID working group should be terminated.
   
The group was originally chartered with a very tight time frame, with
the expectation that a focused group of engineers would be able to
produce in relatively short order a standard in the area of
DNS-stored policies related to and accessible by MTAs. The group has
had no lack of energy. From the outset, however, the working group
participants have had fundamental disagreements on the nature of the
record to be provided and the mechanism by which it would be checked.
Technical discussion of the merits of these mechanisms has not swayed
their proponents, and what data is available on existing deployments
has not made one choice obviously superior. Each represents
trade-offs, and the working group has not succeeded in establishing
which trade-offs are the most appropriate for this purpose. These
assessments have been difficult in part because they have been moved
out of the realm of pure engineering by the need to evaluate IPR and
licensing related to at least one proposal in the light of a variety
of licenses associated with the deployed base of MTAs.
   
Efforts to reach consensus by compromise and by inclusion have been
attempted on multiple occasions. Despite early hopes of success
after each such attempt, post-facto recycling of technical issues
which these efforts should have closed has shown that the group
remains divided on very basic issues. The working group chairs and
Area Advisor are agreed that the working group has no immediate
prospect of achieving its primary milestone:

Aug 04 Submit working group document on MTA Authorization Record in DNS to PS
--------------------------------cut here--------------------------------

   Fundamentally, IMHO, the IESG of 2004 considered MARID a failed WG.

--------------------------------cut here--------------------------------
Rather than spin in place, the working group chairs and Area Advisor believe
that the best way forward is experimentation with multiple proposals
and a subsequent review of deployment experience. The working group
chairs and Area Advisor intend to ask that the editors of existing
working group drafts put forward their documents as non-working group
submissions for Experimental RFC status. Given the importance of the
world-wide email and DNS systems, it is critical that IETF-sponsored
experimental proposals likely to see broad deployment contain no
mechanisms that would have deleterious effects on the overall system.
The Area Directors intend, therefore, to request that the
experimental proposals be reviewed by a focused technology
directorate. This review group has not yet been formed but, as with
all directorates, its membership will be publicly listed at
http://www.ietf.org/u/ietfchair/directorates.html once it has been
constituted.

Concluding a group without it having achieved its goals is never a
pleasant prospect, and it is always tempting to believe that just a
small amount of additional time and energy will cause consensus to
emerge. After careful consideration, however, the working group
chairs and area advisor have concluded that such energy would be
better spent on gathering deployment experience.
--------------------------------cut here--------------------------------

   The WG list remained quite active for a while, among other things
speaking unkindly of the "directorate" mentioned above. In due course
Individual I-Ds were submitted which became RFCs 4405-4408.

   We should be careful in saying anything in spfbis-experiment which
puts words beyond the above into the mouth of the 2004 IESG. I believe
at the time the above message was sent, the IESG believed that a limited
group of reviewers (the "directorate") would be able to enforce sanity
on a discussion which seemed to the 2004 IESG to be religious posturing.
(That did not happen, of course.)

   But I don't believe my interpretation belongs in spfbis-experiment,
either. I don't believe either "OLD" or "NEW" from Barry's email is
appropriate. I could suggest:
" 
" Since the MARID WG was closed without reaching consensus on either,
" the 2004 IESG left it to each sub-group to describe the usage they
" proposed in Experimental RFCs, with evaluation to be done by some
" other body after a period of experimentation.
"
" This document will discuss the effects of applying different semantics
" to the same DNS record but makes no claim to tell the whole story.

   I'm not at all attached to that particular wording: I just believe
that we need to be careful in attributing intent to the 2004 IESG.
If, OTOH, you get Ted Hardie's approval to either of those statements,
it'd be OK with me.

--
John Leslie <john@jlc.net>