On Mon, Aug 17, 2020 at 6:52 AM Dotzero <dotz...@gmail.com> wrote: > On Sun, Aug 16, 2020 at 3:09 PM Douglas E. Foster <fosterd= > 40bayviewphysicians....@dmarc.ietf.org> wrote: > >> The reality is that IETF has mostly provided followership, not >> leadership, on matters of security. This forum is replicating history. >> As has been mentioned in the historical review, SPF, DKIM, and DMARC were >> independently successful projects, as was SSL. IETF provided >> after-the-fact blessing. It is time to follow the same model. >> > > Doug, as someone who has been involved in this space for decades, I think > you are sorely mistaken in your understanding of things. Many of the people > involved in the email authentication space interact with each other in > other places, both online and in person and have been doing so for a very > long time. > We don't always agree on the path forward but that is because we come from > different perspectives. IETF did not provide "after-the-fact" blessing. SPF > was experimental for a very long time. DMARC is still informational. One of > the mantras for IETF is "running code and rough consensus". There is > running code for DMARC but what we are lacking so far is rough consensus. >
+1. I would add that SPF and DMARC started outside of the IETF, but DKIM was a synthesis within the IETF of two things (DomainKeys and IIM) that started outside. It underwent significant evolution in the IETF -- not once, but twice. This line of thinking also seems to ignore the troubled path that SPF took to reach the standards track (as RFC 7208). Or you could apply for M3AAWG membership where all of those constituencies > participate already. > I was just going to say that. And, at least the last time I went, most of the same debates happened over there too. -MSK
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
