It appears that Nick Hilliard <nick@xxxxxxxxxx> said: >> It seems like, these days, all people do is promulgate broken mechanisms >> (e.g., DMARC), in the name of blocking resource sharing & collaboration >> - bringing us back to the days of a walled gardens and closer to the >> days of the Tower of Babel, at the same time no less. And they do it, >> largely, by going around IETF processes entirely. > >the issue is not whether this is true, but how it is presented to people >who stumble on the same blocks that we stumbled on when we started. DMARC is an interesting example. As originally designed and implemented, it was a reasonable approach to a real problem, phishing mail that impersonates famous brands, notably Paypal. Unfortunately a few years later it was repurposed by AOL and Yahoo, after they each let crooks steal their users' address books, to outsource the costs of spam they were getting with mail "from" their own users. I suppose it was inevitable in retrospect that someone would do that but I know I was not the only one who was surprised when they did, and particularly that Yahoo did it in full knowledge that it would screw up every discussion list to which their users were subscribed. Many of the people who designed DMARC were and are active in the IETF, but I don't blame them for not doing it here because they'd be overrun with people who have no idea what the issues are in running large mail systems and would just say it's broken, go away. I am certainly not saying that DMARC is wonderful, and the band-aid ARC that is intended to fix some of the mailing list issues is rolling out much too slowly, but doing nothing was and is not an option. R's, John
