Paul, MARID was formed to merge Microsoft Caller-ID with SPF and so far has been successfully used by Microsoft to bully us to submit to their own proposal or else ... There are better ways to implement mail-from (i.e. as from Paul's draft which is basicly still the basis for MARID) which would not require reusing TXT records, nor is it totally clear that Mail-from is what we actually need to protect, it is being done under pretese of anti-spam measures but the reality shows that it will most likely have minimum effect as its far too easy for spammers to adapt to it anyway. There are however good reasons to have MARID as IETF WG anyway and hopefully the worst ideas implementation details can be stopped and new ideas discussed in the future if the group is extended. Yahoo is different proposal which has nothing to do with MARID and is being discussed at the ASRG. It is basicly a header containing a signature added to mail message that signs the content (including headers) with public key encryption and with public key available in DNS to verify the signature at the other end. The idea is not new and its a good idea, but yahoo's implementation is just bad and I think it breaks far too many things (it breaks with almost all maillists) and offers security that is too weak because its based on 348-bit key size. It should have been done different by reusing most likely PGP implementation but with message signed by MTAs and public key available through dns and if necessary being split into multiple dns records to have each at < 512k. On Thu, 27 May 2004, Paul Vixie wrote: > > > ... <HREF="http://sa.vix.com/~vixie/mailfrom.txt";>MAIL-FROM</A>. > > > > I do not see a draft in the ietf process anyplace . Was this > > ever submitted ? I do notice that several of the other > > proposal's make mention of this work , But in none of them do > > they mention it as a draft or other ietf work . > > there was no working group where it was appropriate at the time it was > written. i've sent it to every one of the dozen people who have asked > me to review some similar, and usually ill considered thing. i've also > sent it to several spam-related and dns-related mailing lists, including > this one (ietf@). > > > Any plans to submit it as a draft . Tia , JimL > > MARID is basically a layer 9 exercise, uninterested in engineering as > such. it was formed to merge two ill considered ideas, one from yahoo > and one from microsoft, in a way that would cause either no loss of face, > or equal loss of face, for those two parties. the people who submit > their own ideas to it are wasting their time. > > _______________________________________________ > Ietf mailing list > Ietf@xxxxxxxx > https://www1.ietf.org/mailman/listinfo/ietf _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf