Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

[Michael Thomas]

On 9/11/13 8:18 PM, MH Michael Hammer (5304) wrote:
>
> I think you need to look more closely. Many people realized very quickly that 
> ADSP had significant flaws that made implementation extremely risky for both 
> senders and mailbox providers. There were a number of private efforts to move 
> email authentication forward. DMARC was only one of them. Some of those 
> private efforts were premised on a pay-to-play model. DMARC was premised on 
> creating an open standard that worked instead of a private club. A number of 
> the participants in DMARC.org were also active participants in the ADSP 
> discussions. We all learned from operational experience interacting through 
> private channels. The problems with ADSP and how to move past them were 
> certainly a point of discussion (in all the groups I participated in - how 
> could it not be?). The initial attempts were one-on-one pairs of senders and 
> receivers and it was very quickly realized that a standard way of 
> communicating and reporting was needed. ADSP never had reporting on the radar 
> screen and al!
 ignment with SPF wasn't a factor either.
>
>

The list of things DMARC does that ADSP doesn't in its appendix, is a trip down 
memory lane
of constraints that were placed on it by the against-it-before-they-were-for it 
set. True
SPF wasn't ever on its radar -- SPF has its own policy language, so nobody 
wanted to touch
that. And ARF was progressing at the time as it's own spec, so we weren't 
completely clueless
about its need. But instead of actually working to make a better spec at the 
time, we had an
author whose goal was to subvert it, and endless idiotic flamewars about what 
the actual name
of the draft should be as the main priorities. The really sad thing about this 
is that they pissed
away 6+ years due to the intrigue.

Mike


___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

[Barry Leiba]

I'm a bit late here; sorry: IESG telechat day, so things were very busy.

On Wed, Sep 11, 2013 at 9:41 PM, Michael Thomas  wrote:
> It doesn't help that ADSP's author actively wanted to subvert it.
>
> As far as I can tell, DMARC is warmed over ADSP with a different set of
> participants to claim credit for their original ideas.

Note well:

If anyone has technical comments, data collection, or any other stuff
that's relevant to the ADs' judgment of whether moving ADSP to
Historic status is the right thing, those comments are welcome here.

Comments about the people involved are not welcome, and will not be
tolerated.  On the IETF lists, I will be handing out 30-day
suspensions like travel-size toothpaste at a dentist's office in
response to further comments about who's asking for this, including
assertions of their motives, their qualifications, actions they did in
the past, or whatever.

Discussion of ADSP *ONLY*.  No discussion of DMARC.  No discussion of
people.  No snideness.  Just stop all that.

The only thing I will be considering, as this discussion proceeds and
as I analyze it, is what arguments have been made about ADSP, and
whether or not its spec should be classified as Historic.

Barry, Applications AD
___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

[Murray S. Kucherawy]

On Thu, Sep 12, 2013 at 7:57 AM, Michael Thomas  wrote:

> The list of things DMARC does that ADSP doesn't in its appendix, is a trip
> down memory lane
> of constraints that were placed on it by the
> against-it-before-they-were-for it set. True
> SPF wasn't ever on its radar -- SPF has its own policy language, so nobody
> wanted to touch
> that. And ARF was progressing at the time as it's own spec, so we weren't
> completely clueless
> about its need. But instead of actually working to make a better spec at
> the time, we had an
> author whose goal was to subvert it, and endless idiotic flamewars about
> what the actual name
> of the draft should be as the main priorities. The really sad thing about
> this is that they pissed
> away 6+ years due to the intrigue.
>

I'm lost.  What's the purpose of this branch of the original thread, other
than venting old frustration and lobbing invective?

-MSK
___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

[Barry Leiba]

> If anyone has technical comments, data collection, or any other stuff
> that's relevant to the ADs' judgment of whether moving ADSP to
> Historic status is the right thing, those comments are welcome here.
...
> Discussion of ADSP *ONLY*.  No discussion of DMARC.  No discussion of
> people.  No snideness.  Just stop all that.
>
> The only thing I will be considering, as this discussion proceeds and
> as I analyze it, is what arguments have been made about ADSP, and
> whether or not its spec should be classified as Historic.

I'd like to add that in order to keep the discussion from fragmenting,
I would prefer that all discussion of this happen on
.  I will keep watching this list as well, and
will try to consider comments made here, but it'll be easier on
everyone if there aren't separate discussions in two (or more) places.

Thanks,
Barry, Applications AD
___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

[Michael Thomas]

On 9/12/13 12:10 PM, Murray S. Kucherawy wrote:
> On Thu, Sep 12, 2013 at 7:57 AM, Michael Thomas  > wrote:
>
> The list of things DMARC does that ADSP doesn't in its appendix, is a 
> trip down memory lane
> of constraints that were placed on it by the 
> against-it-before-they-were-for it set. True
> SPF wasn't ever on its radar -- SPF has its own policy language, so 
> nobody wanted to touch
> that. And ARF was progressing at the time as it's own spec, so we weren't 
> completely clueless
> about its need. But instead of actually working to make a better spec at 
> the time, we had an
> author whose goal was to subvert it, and endless idiotic flamewars about 
> what the actual name
> of the draft should be as the main priorities. The really sad thing about 
> this is that they pissed
> away 6+ years due to the intrigue.
>
>
> I'm lost.  What's the purpose of this branch of the original thread, other 
> than venting old frustration and lobbing invective?

That we pissed away 6 years for no good reason.

Mike
___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

[Eliot Lear]

Dave,

On 9/12/13 1:52 AM, Dave Crocker wrote:
> Folks,
>
> Barry has agreed to sponsor the enclosed status change.
>
> He would like to see discussion formal request.
>
> (If you've already responded to my /in/formal query earlier today on
> the dmarc@ietf list, please now lodge any formal comments you wish to
> make on either of the two lists here.

I agree.  To my knowledge there has not been uptake and realistically
DMARC is meant to correct this.

Eliot
___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

[Michael Thomas]

On 9/11/13 9:32 PM, Dave Crocker wrote:
> On 9/11/2013 6:41 PM, Michael Thomas wrote:
>> It doesn't help that ADSP's author actively wanted to subvert it.
>>
>> As far as I can tell, DMARC is warmed over ADSP with a different set of 
>> participants
>> to claim credit for their original ideas.
>
>
> I don't understand how these assertions are at all relevant to this thread, 
> nor the first at all within IETF participation guidelines.

Ho hum, Dave Crocker threatening to get me kicked off working groups again even
if the sentence doesn't actually make any sense.  It still doesn't alter the 
fact that
he was against it until he was for it.

Mike, credit grabbers, feh.
___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

[Dave Crocker]

On 9/11/2013 6:41 PM, Michael Thomas wrote:
> It doesn't help that ADSP's author actively wanted to subvert it.
>
> As far as I can tell, DMARC is warmed over ADSP with a different set of 
> participants
> to claim credit for their original ideas.


I don't understand how these assertions are at all relevant to this 
thread, nor the first at all within IETF participation guidelines.

d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net
___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

[MH Michael Hammer (5304)]

> -Original Message-
> From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
> boun...@mipassoc.org] On Behalf Of Michael Thomas
> Sent: Wednesday, September 11, 2013 9:42 PM
> To: ietf-dkim@mipassoc.org
> Subject: Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617
> (ADSP) to Historic
> 
> On 9/11/13 6:15 PM, Murray S. Kucherawy wrote:
> > I also agree with this proposal.  I don't have much to add over the
> > text in the formal request; it lays out the case based on my
> > experience implementing DKIM and ADSP in open source.  I can also say
> that I have never encountered an operation that actively uses it, including
> current and previous employers.
> 
> It doesn't help that ADSP's author actively wanted to subvert it.
> 

You made that assertion when the working group was working on ADSP. I disagreed 
with John on a number of points at the time but I wouldn't call those 
differences of opinion an attempt on his part to subvert ADSP. Various folks 
compromised to get the spec out the door. I think that was perhaps because what 
happened with the MARID working group was in the back of people's minds. If I 
had a do-over I might not be so willing to compromise. It's water under the 
bridge.

> As far as I can tell, DMARC is warmed over ADSP with a different set of
> participants to claim credit for their original ideas.
> 

I think you need to look more closely. Many people realized very quickly that 
ADSP had significant flaws that made implementation extremely risky for both 
senders and mailbox providers. There were a number of private efforts to move 
email authentication forward. DMARC was only one of them. Some of those private 
efforts were premised on a pay-to-play model. DMARC was premised on creating an 
open standard that worked instead of a private club. A number of the 
participants in DMARC.org were also active participants in the ADSP 
discussions. We all learned from operational experience interacting through 
private channels. The problems with ADSP and how to move past them were 
certainly a point of discussion (in all the groups I participated in - how 
could it not be?). The initial attempts were one-on-one pairs of senders and 
receivers and it was very quickly realized that a standard way of communicating 
and reporting was needed. ADSP never had reporting on the radar screen and alig!
 nment with SPF wasn't a factor either. 

I haven't seen any of the DMARC participants thumping their chests seeking 
credit. I see folks from various organizations that needed to solve a problem 
and having seen positive results in a closed environment felt that an open 
solution was better than a closed one. As far as credit, J.D. Falk deserves 
mention for DMARC even though he didn't live to see it come to fruition. I'd 
like to think that J.D. is smiling somewhere at how far we have come. And yes, 
he was an active participant in the DKIM/ADSP effort among his many other 
anti-spam efforts..

Just a few thoughts. Apologies to anyone offended by ths trip down memory lane.

Mike

___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

[Tony Hansen]

This seems like a reasonable step to take.

Tony Hansen

On 9/11/2013 7:52 PM, Dave Crocker wrote:
> Folks,
>
> Barry has agreed to sponsor the enclosed status change.
>
> He would like to see discussion formal request.
>
> (If you've already responded to my /in/formal query earlier today on
> the dmarc@ietf list, please now lodge any formal comments you wish to
> make on either of the two lists here.
>
> d/
>
>
>  Original Message 
> Subject: Request to move RFC 5617 (ADSP) to Historic
> Date: Wed, 11 Sep 2013 16:09:14 -0700
> From: Dave Crocker 
> Organization: Brandenburg InternetWorking
> To: Barry Leiba ,  Pete Resnick
> 
>
> Folks,
>
> This is a formal request, to have DomainKeys Identified Mail (DKIM)
> Author Domain Signing Practices (ADSP) (RFC 5617) moved to Historic
> status.
>
> It has garnered almost no deployment and use, in the 4 years since its
> advancement to IETF Proposed Standard.
>
> In addition, newer work, DMARC, covers the same general email functional
> area and already has garnered quite a bit of deployment and use. Hence
> it will clarify things for the marketplace to remove standards status
> from the apparently-competing, but actually-useless ADSP specification.
>
> Today I sent a query to the MAAWG Technical committee and the IETF DMARC
> mailing lists, to assess support for the status change. Within only a
> few hours, I've already seen quite a few +1s, and no -1s.
>
> Thanks.
>
>
> d/
>

___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

[John Levine]

>> This is a formal request, to have DomainKeys Identified Mail (DKIM) Author
>> Domain Signing Practices (ADSP) (RFC 5617) moved to Historic status.

I'm one of the authors, and I think it's a dandy idea.

Other than a few experiments and one or two impressive misfires, such
as one that bounced innocent bystanders off an IETF mailing list,
nobody's ever used it.

R's,
John
___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

[Michael Thomas]

On 9/11/13 6:15 PM, Murray S. Kucherawy wrote:
> I also agree with this proposal.  I don't have much to add over the text in 
> the formal request; it lays out the case based on my experience 
> implementing DKIM and ADSP in open source.  I can also say that I have never 
> encountered an operation that actively uses it, including current and 
> previous employers.

It doesn't help that ADSP's author actively wanted to subvert it.

As far as I can tell, DMARC is warmed over ADSP with a different set of 
participants
to claim credit for their original ideas.

Mike

>
> -MSK
>
>
> On Wed, Sep 11, 2013 at 5:46 PM, Terry Zink  > wrote:
>
> I agree with this proposal.
>
> -- Terry
>
> -Original Message-
> From: apps-discuss-boun...@ietf.org 
>  [mailto:apps-discuss-boun...@ietf.org
> ] On Behalf Of Dave Crocker
> Sent: Wednesday, September 11, 2013 4:52 PM
> To: DKIM IETF WG; Apps Discuss
> Subject: [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic
>
> Folks,
>
> Barry has agreed to sponsor the enclosed status change.
>
> He would like to see discussion formal request.
>
> (If you've already responded to my /in/formal query earlier today on the 
> dmarc@ietf list, please now lodge any formal comments you wish to make
> on either of the two lists here.
>
> d/
>
>
>  Original Message 
> Subject: Request to move RFC 5617 (ADSP) to Historic
> Date: Wed, 11 Sep 2013 16:09:14 -0700
> From: Dave Crocker mailto:dcroc...@bbiw.net>>
> Organization: Brandenburg InternetWorking
> To: Barry Leiba  >,  Pete Resnick 
>  >
>
> Folks,
>
> This is a formal request, to have DomainKeys Identified Mail (DKIM) 
> Author Domain Signing Practices (ADSP) (RFC 5617) moved to Historic status.
>
> It has garnered almost no deployment and use, in the 4 years since its 
> advancement to IETF Proposed Standard.
>
> In addition, newer work, DMARC, covers the same general email functional 
> area and already has garnered quite a bit of deployment and use. Hence
> it will clarify things for the marketplace to remove standards status 
> from the apparently-competing, but actually-useless ADSP specification.
>
> Today I sent a query to the MAAWG Technical committee and the IETF DMARC 
> mailing lists, to assess support for the status change. Within only a
> few hours, I've already seen quite a few +1s, and no -1s.
>
> Thanks.
>
>
> d/
>
> --
> Dave Crocker
> Brandenburg InternetWorking
> bbiw.net 
> ___
> apps-discuss mailing list
> apps-disc...@ietf.org 
> https://www.ietf.org/mailman/listinfo/apps-discuss
> ___
> apps-discuss mailing list
> apps-disc...@ietf.org 
> https://www.ietf.org/mailman/listinfo/apps-discuss
>
>
>
>
> ___
> NOTE WELL: This list operates according to
> http://mipassoc.org/dkim/ietf-list-rules.html

___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic

[Murray S. Kucherawy]

I also agree with this proposal.  I don't have much to add over the text in
the formal request; it lays out the case based on my experience
implementing DKIM and ADSP in open source.  I can also say that I have
never encountered an operation that actively uses it, including current and
previous employers.

-MSK


On Wed, Sep 11, 2013 at 5:46 PM, Terry Zink wrote:

> I agree with this proposal.
>
> -- Terry
>
> -Original Message-
> From: apps-discuss-boun...@ietf.org [mailto:apps-discuss-boun...@ietf.org]
> On Behalf Of Dave Crocker
> Sent: Wednesday, September 11, 2013 4:52 PM
> To: DKIM IETF WG; Apps Discuss
> Subject: [apps-discuss] Fwd: Request to move RFC 5617 (ADSP) to Historic
>
> Folks,
>
> Barry has agreed to sponsor the enclosed status change.
>
> He would like to see discussion formal request.
>
> (If you've already responded to my /in/formal query earlier today on the
> dmarc@ietf list, please now lodge any formal comments you wish to make on
> either of the two lists here.
>
> d/
>
>
>  Original Message 
> Subject: Request to move RFC 5617 (ADSP) to Historic
> Date: Wed, 11 Sep 2013 16:09:14 -0700
> From: Dave Crocker 
> Organization: Brandenburg InternetWorking
> To: Barry Leiba ,  Pete Resnick <
> resn...@episteme-software.com>
>
> Folks,
>
> This is a formal request, to have DomainKeys Identified Mail (DKIM) Author
> Domain Signing Practices (ADSP) (RFC 5617) moved to Historic status.
>
> It has garnered almost no deployment and use, in the 4 years since its
> advancement to IETF Proposed Standard.
>
> In addition, newer work, DMARC, covers the same general email functional
> area and already has garnered quite a bit of deployment and use. Hence it
> will clarify things for the marketplace to remove standards status from the
> apparently-competing, but actually-useless ADSP specification.
>
> Today I sent a query to the MAAWG Technical committee and the IETF DMARC
> mailing lists, to assess support for the status change. Within only a few
> hours, I've already seen quite a few +1s, and no -1s.
>
> Thanks.
>
>
> d/
>
> --
> Dave Crocker
> Brandenburg InternetWorking
> bbiw.net
> ___
> apps-discuss mailing list
> apps-disc...@ietf.org
> https://www.ietf.org/mailman/listinfo/apps-discuss
> ___
> apps-discuss mailing list
> apps-disc...@ietf.org
> https://www.ietf.org/mailman/listinfo/apps-discuss
>
___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html