On Sunday, April 26, 2015 2:25 AM [GMT+1=CET], Stephen J. Turnbull wrote: > J. Gomez writes: > > > > What else do you propose that we do? > > > > Well, if you ask... Mediators could take ownership of the > > Header-From whenever their involvement results in the Originator's > > DKIM signature being invalidated. > > The From header field is not in the public domain, and not available > for appropriation. "Taking ownership" of something that isn't yours > is properly called "theft"
Is the message Subject in the public domain? Is the message Body in the public domain? Why are many mailing lists taking liberties with them? Sorry, but I think your analogy of email vs property does not compute. > and as I understand it is it forbidden by > all of the mail header RFCs since 733, which assign that field to the > originator, and no role in editing it to other participants in the > mail system. I think that point was settled as "it is debatable". That field contains the Author, and if the Author signed with DKIM and the mediated message breaks that signature, it can then be argued that Authorship has suffered and therefore that the From: Header should reflect that fact. > > Everyone (Originators and Receivers) > > And Mediators. I don't understand why you refuse to admit that > Mediators *must* perform the same functions as Receivers and > Originators in order to safely accept and reinject messages. Because the fact that Mediators also do the role of Originators and the role of Receivers is not what makes them special, but the very fact that they are the only ones doing the role of Mediators. So the role of Originator has had to change and adapt. The role of Receiver has had to change and adapt. What changes have happened to the role of Mediator, to improve validation/authentication of the email system as a whole? None that I see, yet. > I don't understand why you insist on attacking the mediators, when (1) > the DMARC Originators who publish p=reject are in conflict with their > own users, (2) the DMARC Originators are not only signing their own > content, but unilaterally asserting that it is the only content > permitted in any version of messages originated in their system, in > violation of the expectations of their own users as originators and of > mailing list subscribers as recipients, and (3) the particular > "p=reject" use case causing issues was pre-deprecated in their own > standard. Well, I don't "attack" anyone, I express my opinion about what I think would be the easiest and lest painful --considering the email system as a whole-- solution to the problem. If your feel that as an "attack", what can I do? Yes, Mediators did not create the problem. It is not their fault. But live systems change, and we have to adapt. The roles of Originator and Receiver already are trying very hard to adapt. What is the role of Mediator doing to adapt to such change? > In any case, your "burden-equalization" approach is purely political, > and does not respect that fact that the technical opportunities to > mitigate the problem are not equally distributed. Mediators have very > little power to improve service unless the Originators participate; > all we can do is watch the services we are allowed to provide be > deprecated. Yes, I see that danger of deprecation to mailing lists too (at least, to mailing lists managed/configured old-style). Email is heavily used in corporate settings; inter-domain mailing lists used as "discussion groups many-to-many", not so much. Market is a powerful force... > Mediators such as mailing lists can adapt, *and already have done so*, > but we also advocate our users' interests. Those interests continue > to be harmed, to the profit of Yahoo! and AOL, and to the detriment of > *everybody else* in the mail system. I think we should get past the Yahoos and the AOLs. They pioneered the misue of DMARC, but that misuse is here to stay and will certainly grow, to the point it will become "common usage". So the problem space is now bigger than just Yahoo and AOL. I also feel I am advocating my users's best interests. I am not mad at you, don't be mad at me. :-) > > Email is changing. We all have to change to accomodate the fact > > that email is changing. Mediators don't seem willing to change at > > all. What I see is that email is about to evolve to the next level, > > and Mediators are at risk of being left behind if they refuse to > > change to accomodate the fact that email is changing. > > Thank you for your concern. We Mediators can and will take care of > our own interests, and ask you to desist with your efforts to help -- > they are not helpful because they do not respect our users' > requirements. Well, I also have users whose interests I humbly try to present and defend here. I don't see why I should desist from doing so. Regards, J.Gomez _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
