(apologies for possibly double post) On Tue 17/Apr/2012 08:03:07 +0200 Martin Thomson wrote: > On 13 April 2012 12:14, Murray S. Kucherawy <[email protected]> wrote: >>> Section 6.1, point 1 cannot be an interoperability requirement if there >>> isn't a mechanism provided. >> Existing implementations generally support this capability, but they all >> have different ways of doing so. Thus, there's (currently) no standard >> way to do it. Our ADs thus suggested the text that's there. > > It's the unsolicited case that bothers me here. Is there some sort of > general advice that can be given on how to implement this for an > unsolicited report? Or are these existing implementations so radically > different that is tricky? (That would be interesting in and of > itself.)
One possibility for an FBL shop is to have the human-readable part of an ARF report point to a web site that allows some auto-authentication, e.g. based on the URL itself but possibly complemented with the IP address of the client, assuming the visit may come from a company network. That way, Mailbox Providers can check that someone looked at the report, and illustrate the capabilities of their FBL shop. For 6.1/1 in particular, the report-sender could check 5XX reply codes and suspend sending for YY time, where the values of XX and YY were acquired at its interactive FBL shop. In general, the relationship between the ESP and the MP will turn into a sort of private agreement, more or less as described in RFC 6449 --except that the ESP gets a prompt to sign up in the form of an unsolicited report. This seems to be a slowly emerging pattern. Other bits related to 6.3/3 are being put in place. See e.g., http://www.ripe.net/ripe/policies/proposals/2011-06 Note that RIRs don't have the same standardizing power as the IETF. This AS thus plays a role in that framework, allowing that reporting pattern to emerge a little bit more. An emerged FBL pattern means experience which, in turn, is needed before complete details can be fully standardized. Hth _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
