On July 16, 2014 12:55:00 AM EDT, Dave Crocker <dhc@xxxxxxxxxxxx> wrote: >On 7/15/2014 8:55 PM, Scott Kitterman wrote: >> I think, despite all your assertion by distant authorities, it may be >that >> something involving U/I requirements (not design, I agree that's out >of scope) >> may be part of the least bad solution we have to the problems the WG >is going >> to be chartered to solve. > > >1. What sort of 'proximity' do you require, before you can be swayed by >authoritative information? > >2. By 'least bad', it appears that you mean it is ok to standardize >something that is known not to work, to the extent that the end user is >expected to be part of the decision process. > DMARC is already fielded and being standardized. Much of the work of this WG is about mitigating the side effects of this. So in this case, least bad solution still wins (which may be write a BCP and declare victory, I don't know). DMARC itself is already known not to work for common standard mail flows. This is an effort that is devoid of solutions that don't have at least some significant downside. The working group is going to have to figure out which downside hurts the least. Scott K