Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Barry,
At 07:16 17-07-2014, Barry Leiba wrote:
I don't se how that conflict review has anything to do with this at
all.  That conflict review response was about congestion issues that
might be caused by the protocol itself, and had nothing to do with any
protocol parameter assignments.

Ok.

The IANA Considerations section requests assignments into two "Expert
Required" registries and one "Specification Required" registry.  Those
registration policies exist *specifically* to allow registrations from
non-IETF documents, and they've been used many times for that.  The
DMARC base document certainly doesn't have to be sent to the IESG for
*that* reason.

The requests in Section 16.1 and Section 16.2 are for "Expert Required" assignments. The request in Section 16.3 is for a "Specification Required" assignment. Section 16.4 requests the creation of a registry where assignments require "IETF Review".

As to the conflict of interest with respect to the designated experts,
1. I already plan to ask a stand-in reviewer, who does not have a
conflict, to serve as an expert for this document,
2. the IESG has already discussed that point informally, and thinks
that's a fine thing for cases such as this, where all the DEs are
closely involved with the document that's requesting registration, and
3. I've put text into the 5226bis proposal (which should be going into
last call any time now) to deal with this situation.

See <https://datatracker.ietf.org/doc/draft-leiba-cotton-iana-5226bis/>,
the penultimate paragraph of Section 5.2.

Do you really think we're not on top of a situation such as this?

I did a quick verification before writing this and I found that the following domains advertise a DMARC policy:

  bankofamerica.com
  chase.com
  facebook.com
  gmail.com
  linkedin.com
  microsoft.com
  paypal.com
  yahoo.com

There was a DMARC BoF last year ( http://www.ietf.org/mail-archive/web/dmarc/current/msg00307.html ). There was a lot of discussion on ietf@xxxxxxxx in April ( http://www.ietf.org/mail-archive/web/ietf/current/msg87153.html ). I wouldn't describe the situation with respect to DMARC as the IESG being proactive [1] given that there is probably significant deployment of the protocol. Please note that I am not basing my opinion solely on the eight domains mentioned above.

Why would that happen?  If it does, that'd be due to a problem between
IANA and the ISE, and such a problem hasn't happened yet.

Please see Section 16.4 of the base specification. As far as I am aware there hasn't been any problem between the IESG and the ISE regarding the registry assignments. I don't think that the IESG would be okay with the creation of an IETF registry without IETF Review. I don't know whether the IESG has discussed that point. My suggestion (in April) was to discuss about all that with the Application Area Directors.

What appears arbitrary to you?

That was a comment based on my experience [2] in a previous (IETF) working group.

What, exactly has that impact?  And what does this have to do with the IAB?

In my opinion, if the IESG is okay with the creation of protocol parameter registries without IETF Review in this case it would impact on other such cases. I wrote "IAB mailing list" as Dave Crocker and I have commented on that mailing list during the discussion about (IETF) protocol parameters. If I had written "IAB" I would not be identifying the venue where the discussion [3] took place.

What is the way forward?  Seriously, I don't know.

Regards,
S. Moonesamy

1. (Of a person or action) creating or controlling a situation rather than just responding to it after it has happened. 2. http://www.ietf.org/mail-archive/web/yam/current/msg00655.html (I like the humour :-)) 3. The thread starts at http://www.iab.org/mail-archive/web/internetgovtech/current/msg00447.html




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]