> -----Original Message----- > From: Martin Thomson [mailto:[email protected]] > Sent: Friday, April 13, 2012 9:14 AM > To: [email protected] > Cc: [email protected] > Subject: Gen-ART review: draft-ietf-marf-as-13
Hi Martin, thanks for the review. > Minor issues: > > Reading through, this doesn't smell very much like an applicability > statement at all. It has the distinct odor of a profile, or a set of > implementation/deployment/operational guidelines. That might just be > me. It is an Applicability Statement in the sense of Section 3.2 of RFC 2026. > Section 4.2 doesn't really contain enough information for me to > determine when I might want to ignore your SHOULD. Some kind of out-of-band knowledge of an override address, or local policy, is what we have in mind here. Of course, such out-of-band knowledge is likely an implicit part of the feedback solicitation agreement anyway, so really local policy is the only thing that might apply. We can mention that explicitly. > Section 6.1, point 1 cannot be an interoperability requirement if there > isn't a mechanism provided. The text is perfectly clear, but I can't > implement anything here to address the "MUST". The problem is that the > reports are unsolicited, and therefore an out-of-band "session" has not > been established between providers. (Is an abuse report the in-band > solution you are looking for? Yes, Section 7, point 2, I know...) Existing implementations generally support this capability, but they all have different ways of doing so. Thus, there's (currently) no standard way to do it. Our ADs thus suggested the text that's there. > Section 6.3, point 1 has the same complaint for the "SHOULD", though in > this case the softness of the "SHOULD" makes this more tolerable. The choice to deviate means the benefits described later in that point's text are lost. That's the tradeoff. > Nits/editorial comments: > > Expand on first use: MUA, SPF, DKIM. OK. > Parentheses around references is excessive ([CITE]). Stylistic preference, I think. :-) > Section 5.2, point 2 is a bit of a truism...MUST support optional > fields being optional. Is it really necessary? Hm, true. I'll have to look at how that text evolved and figure out if it needs rewording or can just be dropped. > Section 6.3, point 3, sentence 2: missing comma after "([RFC3912])" Why? It doesn't parse properly with that change. > Section 6.4, point 3, did not parse: "reports are generated with use by > recipients not using" "with ... in mind" is the construct, but they are kind of far apart. Will reword. > Section 6.5, point 3 could be made MUST NOT by saying "MUST NOT reject > non-ARF messages based solely on the format" or by adding other > qualifications to that effect. Obviously this has to allow for local > policy that rejects messages on other criteria, but you can make a > requirement like this. I think a mix of the two makes sense: Leave it a SHOULD NOT, use your wording otherwise, and then describe valid deviation criteria as you've done. Thanks; LC ends 4/24, will post a revision between that and the telechat. -MSK _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
