On Monday 19 October 2009 12:18:04 John Levine wrote:
> >The point here, I suppose, is that forwarders that are meant to
> >forward ... while forwarders that are meant to fan out to multiple
> >recipients ... should get different advice.
>
> This is the mailing list advice that I strongly suggest
Hey Dave,
On Monday 19 October 2009 12:22:20 Dave CROCKER wrote:
> Barry Leiba wrote:
> > I suggest that ADSP-compliant mailing lists should be
> > advised to reject "discardable" messages whether or not they will be
> > breaking the signature.
>
rejection is really only needed if they break
>> This is the mailing list advice that I strongly suggest we NOT attempt
>> to provide at this point.
> strongly disagree. Filtering early is more likely to pickup signature
> breakage and protect the down stream recipient. Its more likely to
> reject back to the sender if they configured stuff
On Monday 19 October 2009 02:54:47 Barry Leiba wrote:
> Coming back to this: I've still seen very little direct input on the
> charter proposal. JD likes it. Dave made some specific comments,
> which I responded to; there've been no other comments on what Dave's
> said. There've been no other sp
> This is the mailing list advice that I strongly suggest we NOT attempt
> to provide at this point.
...
> there are a lot of other opinions and we won't know what works until
> we have some actual experience.
Geez, and here this is what I've been saying, and I got sucked into
the speculation anyw
Barry Leiba wrote:
> I suggest that ADSP-compliant mailing lists should be
> advised to reject "discardable" messages whether or not they will be
> breaking the signature.
Yes, this is a reasonable idea.
The question is whether it is the /right/ idea.
Another reasonable idea is that the m
>The point here, I suppose, is that forwarders that are meant to
>forward ... while forwarders that are meant to fan out to multiple
>recipients ... should get different advice.
This is the mailing list advice that I strongly suggest we NOT attempt
to provide at this point. All these arguments ab
>> That seems sensible to me. So lists should not forward email that they're
>> about to render 'discardable' by breaking the signature. Instead, they
>> should reject (5xx) or bounce (DSN) the message. Presumably, a bank wants
>> to know if it has a bad email address for a customer.
>
> Yep.
>
>>
Barry Leiba wrote:
>> Namely, codify the existing specification and specifically adding
>> simple text that imply:
>>
>>Forwarders SHOULD|MUST NOT break ADSP domain messages.
>>
>> or
>>
>>Forwarders SHOULD|MUST take into account ADSP Domains
>>before stripping and resigning or signin
> I'm going to re-iterate my point for this perspective. We do not yet have
> a broad experience base with deployment of DKIM by large, heterogeneous
> organizations. This is a hard problem for them because they first have to
> get their outbound mail architecture under control.
>
> My view is th
>> > * Advance the base DKIM protocol (RFC 4871) to Draft Standard.
>
> The base DKIM protocol is updated by RFC 5672. In my opinion RFC
> 4871 cannot be advanced to Draft Standard status without RFC 5672.
As Stephen says, the intent has always been to roll 5671 into 4871.
That was one reason we
> (shaking head)
No need to do that, nor say that.
> Is there a reason why my suggestions are off the table?
>
> Namely, codify the existing specification and specifically adding
> simple text that imply:
>
> Forwarders SHOULD|MUST NOT break ADSP domain messages.
>
> or
>
> Forwarders SHOU
On Oct 18, 2009, at 1:52 PM, Scott Kitterman wrote:
> On Sun, 18 Oct 2009 11:54:47 -0400 Barry Leiba
> wrote:
>> Some have opined that it's even too early to consider taking the base
>> DKIM protocol to Draft Standard; let's make sure we have consensus on
>> that point, one way or the other.
>>
> If receivers are afraid senders will follow the Thomas interpretation,
> and say "dkim=all" despite posting to mailing lists that break their
> signatures, they will not act on "dkim=all".
>
> If senders are afraid receivers will follow the Levine interpretation,
> rejecting broken signatures at
On Sun, 18 Oct 2009 11:54:47 -0400 Barry Leiba
wrote:
>Some have opined that it's even too early to consider taking the base
>DKIM protocol to Draft Standard; let's make sure we have consensus on
>that point, one way or the other.
>
I'm going to re-iterate my point for this perspective. We do no
I concur with the plan to advance DKIM to draft standard. It's not
clear to me as a matter of IETF politics whether we can advance
4871+5672 as a unit to draft standard, or if it's mandatory to make
another pass and turn them into one document. I'd rather avoid that
pass if at all possible since
SM wrote:
> At 08:54 18-10-2009, Barry Leiba wrote:
>
>>> * Collect data on the deployment and interoperability of the
>>>Author Domain Signing Practices protocol (RFC 5617), and
>>>determine if/when it's ready to advance on the standards track.
>>>Update it at Proposed Standard or a
SM wrote:
>>> The working group is now ready to switch its focus to refining and
>>> advancing the DKIM protocols. The current deliverables for the
>>> DKIM working group are these:
>>>
>>> * Advance the base DKIM protocol (RFC 4871) to Draft Standard.
>
> The base DKIM protocol is updated
At 08:54 18-10-2009, Barry Leiba wrote:
>Coming back to this: I've still seen very little direct input on the
[snip]
> > The previously chartered deliverables for the DKIM working group
> > have been completed:
There has been a lot of discussion of these deliverables after the
RFCs were publi
On Sun, 18 Oct 2009, Barry wrote:
> Now we're talking about the "Thomas
> interpretation" and the "Levine interpretation", and I posit that it
> doesn't matter, at this point, whether they have different
> interpretations (actually, I like John's most recent post on that),
> and we won't know who's
Barry Leiba wrote:
> Coming back to this: I've still seen very little direct input on the
> charter proposal. JD likes it. Dave made some specific comments,
> which I responded to; there've been no other comments on what Dave's
> said. There've been no other specific proposals for changes to th
Coming back to this: I've still seen very little direct input on the
charter proposal. JD likes it. Dave made some specific comments,
which I responded to; there've been no other comments on what Dave's
said. There've been no other specific proposals for changes to the
text.
Franck suggested ga
Allow me to give a little summary, if I may.
I see at least the following arguments about ADSP in the conversation
of the last couple of weeks:
- ADSP is of no use at all.
- ADSP will entirely stop spoofing, if it's widely adopted.
- ADSP will partially stop spoofing / make it harder to spoof.
- A
On 10/17/2009 08:36 PM, hector wrote:
> This this mean, if I read you and thomas right, DKIM=ALL means 3rd
> party signers are possible without valid 1st signatures?
Manifestly this is possible. "All" just says what the author's sender
does as a matter of policy/practice. It can't build an electri
On Sat, 17 Oct 2009, hector wrote:
> I don't quite understand your suggestion. Who is creating this
> DKIM=except-mail ADSP++ record? The Author Domain or the Mailing list
> Server?
The header From: domain, as always.
> Who owns, creates, maintains, updates this Global White List you speak
> of?
25 matches
Mail list logo