A new IETF working group has been proposed in the Applications Area. The IESG has not made any determination as yet. The following draft charter was submitted, and is provided for informational purposes only. Please send your comments to the IESG mailing list (iesg@ietf.org) by Tuesday, December 27, 2011 SPF Update (spfbis) ----------------------------------------- Status: Proposed Working Group Last Updated: 2011-12-09 Chair(s): TBD Applications Area Director(s): Pete Resnick <presnick@qualcomm.com> Peter Saint-Andre <stpeter@stpeter.im> Applications Area Advisor: Pete Resnick <presnick@qualcomm.com> Mailing Lists: General Discussion:spfbis@ietf.org To Subscribe: https://www.ietf.org/mailman/listinfo/spfbis Archive: http://www.ietf.org/mail-archive/web/spfbis/ Description of Working Group: The Sender Policy Framework (SPF, RFC4408) specifies the publication of a DNS record which states that a listed IP address is authorized to send mail on behalf of the listing domain name's owner. SMTP servers extract the domain name in the SMTP "MAIL FROM" or "HELO" command for confirming this authorization. The protocol has had Experimental status for some years and has become widely deployed. This working group will revise the specification, based on deployment experience and listed errata, and will seek Standards Track status for the protocol. The MARID working group created two specifications for publication of email-sending authorization: Sender-ID (RFFC4405, RFC4406 and RFC4407) and SPF (RFC4408), with both having Experimental status. By using IP addresses, both protocols specify authorization in terms of path, though unlike SPF, Sender-ID uses domain names found in the header of the message rather than the envelope. The two protocols rely on the same policy publication mechanism, namely a specific TXT resource record in the DNS. This creates a basic ambiguity about the interpretation of any specific instance of the TXT record. Because of this, there were concerns about conflicts between the two in concurrent operation. The IESG Note added to each invited an expression of community consensus in the period following these publications. Both enjoyed initially large deployments. Broad SPF use continues, and its linkage to the envelope -- rather than Sender-ID's linkage to identifiers in the message content -- has proven sufficient among operators. This concludes the experiment. Changes to the SPF specification will be limited to the correction of errors, removal of unused features, addition of any enhancements that have already gained widespread support, and addition of clarifying language. The working group will also produce a document describing the course of the SPF/Sender-ID experiment (defined in the IESG note on the RFCs in question), bringing that experiment to a formal conclusion. No other work on Sender-ID will be done. Finally, the working group will develop the proposed "scope" extension found in draft-mehnle-spfbis-scope. Specifically out-of-scope for this working group: * Revisiting past technical arguments that were covered in the MARID working group, except where review is reasonably warranted based on operational experience. * Discussion of the merits of SPF. * Discussion of the merits of Sender-ID in preference to SPF. * Extensions to SPF other than the one specified above. The working group will re-charter to process other specific proposed extensions as they are identified. The initial draft set: draft-kitterman-4408bis draft-mehnle-spfbis-scope Goals and Milestones: MMM YYYY: A standards track document defining SPF, based on RFC4408 and as amended above, to the IESG for publication. MMM YYYY: A document describing the SPF/Sender-ID experiment and its conclusions to the IESG for publication. MMM YYYY: A standards track document creating the "scope" extension to the IESG for publication. _______________________________________________ IETF-Announce mailing list IETF-Announce@ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce
