Re: Last Call: Change the status of ADSP (RFC 5617) to Historic

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/3/2013 11:11 AM, Scott Kitterman wrote:


Alessandro Vesely <vesely@xxxxxxx> wrote:
On Wed 02/Oct/2013 16:52:38 +0200 John Levine wrote:
The IESG has received a request from an individual participant to
make
the following status changes:

- RFC5617 from Proposed Standard to Historic

The supporting document for this request can be found here:

http://datatracker.ietf.org/doc/status-change-adsp-rfc5617-to-historic/

I'm one of the authors of this RFC and support the change.

ADSP was basically an experiment that failed.  It has no significant
deployment, and the problem it was supposed to solve is now being
addressed in other ways.

I oppose to the change as proposed, and support the explanation called
for by John Klensin instead.  Two arguments:

1)  The harm Barry exemplifies in the request --incompatibility with
    mailing list posting-- is going to be a feature of at least one
    of the other ways addressing that problem.  Indeed, "those who
    don't know history are destined to repeat it", and the explanation
    is needed to make history known.

2)  A possible fix for ADSP is explained by John Levine himself:
    http://www.mail-archive.com/ietf-dkim@xxxxxxxxxxxx/msg16969.html
    I'm not proposing to mention it along with the explanation, but
    fixing is not the same as moving to historic.  It seems that it
    is just a part of RFC 5617, DNS records, that we want to move.

That's not a fix for ADSP. It's an alternative to it.

ADSP failed. It's time to move on.

Scott K

For DKIM/ADSP investors (folks who put the $$$ into it and got on board with the IETF for this DKIM support effort), thats really not an acceptable answer. What are we moving on to, DMARC? Its the same issue, or is the suggestion that Mailing List Services or middleware will support DMARC to help protect DKIM signatures from 3rd party abuses?

ADSP did not fail if the same proof of concepts is going to be repeated with DMARC. As Alessandro stated, we are merely switching _ADSP to _DMARC zone records with new but similar SOFT (relaxed) vs HARD (restrictive) rejection policies and handling rules. The same ones that MLS (Mailing List Services) will have to support as well. Its no different than ADSP.

Now, what it does say is that DKIM itself is a weaker protocol. There will no longer be any marketing value for protecting DKIM signatures, even if its only in IETF theory. No value to compare what a DOMAIN wanted with its signatures and no protection from abuse whatsoever.

I would say this, if this ADSP historic request was done before the DKIM request to change to Internet Standard a few months ago, I would of not supported the IS change for DKIM.


--
HLS






[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]