On 8/26/05, Hallam-Baker, Phillip <[EMAIL PROTECTED]> wrote: > > Let me phrase it this way: the IESG should not sanction conflicting > > experiments by publishing conflicting specifications, > > I agree. > > But I do not believe that SPF and Sender-ID conflict in any way > whatsoever and this was accepted by the WG right up to the point where > people started to complain about IPR licenses. >
Not quite correct. The reason that people did not complain was that supporters of SID were pushing for use of SPF2 records at the time. It was only after the announcement that SID would use (abuse) SPF1 records that it became an issue. > I do not think that the IESG should block a proposal citing a conflict > when the real animus here is entirely due to the IPR issue. > So all of the discussion on the spf-discuss list has nothing to do with technical issues and has only been a cover for unhappiness with IPR issues? I find that a stretch. > All SPF does is provide a mechanism whereby sending parties can describe > their outgoing edge mail servers. The recipient has the absolute right > to interpret that data in any way they see fit. That is the entire point > of a spam filtering scheme. > Let us remind ourselves what SPF stands for SENDER Policy Framework. If the publisher of a record has no reasonable expectation of how that record will be used and every expectation that it may be abused then what incentive do they have to publish the record? SPF does not describe outgoing edge mail servers.... it describes the policies associated with the domain. The issue at hand is not whether an individual recipient chooses to interpret the data a particular way. Interpretation by the recipient is should I reject on softfail or not or should I assign a point value in conjunction with other things. Writing a standard which subverts the intent of individuals publishing to a different and existing standard is simply unethical and wrong. What happened was essentially a political move because people chose not to publish SPF2 records for PRA. So, the response was to force people to opt-out (publish an essentially meaningless SPF2 record) because the SID camp was losing in the real world marketplace. > Nobody has ever demonstrated a conflict as far as I am concerned, all > attempts to allege a conflict begin, "the sender intends" which is > utterly irrelevant. The sender does not have the right to decide what > email client I use, they do not have the right to determine what spam > filter I use either. > An interesting argument. Of what value is publishing a record (of any sort) if the publisher of said record has a reasonable expectation that it will be used in arbitrary ways to the publishers detriment? One argument that was put forth after the announcement that SID would apply PRA to SPF1 records was that it was a conspiracy to get publishers to yank their SPF1 records. People and organizations chose to publish a record according to a standard because they have a reasonable expectation on how that record will be used. While there may be edge cases of abuse, the expectation is that most people will respect the standard. That's why it's called a standard. > Sender-ID simply describes one means of interpreting an SPF record. It > may or may not work, it may or may not be optimal, that is why it is an > experiment. > I can see someone using this "logic" in any number of circumstances.... "Your honor, I have this alternative means of interpreting what a red stoplight indicates.....go go go as fast as you can". > An SPF record may be constructed in such a fashion that Sender-ID > verification is not possible. That is not a conflict, it is simply an > artifact that results from the baroque nature of the SPF spec. > You are implying that individuals published SPF1 records with the intent of subverting SID verification. This is akin to blaming the victim for the actions of the mugger. I would argue that most of those who published SPF1 records did so with no knowledge or anticipation that PRA would be applied to those records. > I do not believe that one group should be able to block a proposal they > do not like by alleging a non-existent conflict. > I don't hear anyone trying to block the SID proposal in its entirety. I only see the blocking of an abusive portion of the proposal. Why weren't the supporters of the SID proposal willing to go out and promote use of SPF2/PRA format/records? I haven't seen any of the core SPF activists oppose the use of SPF2 records by SID for PRA. We again come back to the politics of the issue. SID was losing in the marketplace (numbers of published records). A significant aspect of these types of experiments is whether people buy in to the approach. Applying PRA to SPF1 records was a way of sidestepping this issue regardless of whether the (publisher)marketplace bought into SID. Mike _______________________________________________ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
