On 4/10/2014 10:47 AM, Jim Fenton wrote:
On 04/10/2014 06:16 AM, Pierre-Alain Dupont wrote:
After reading a few articles like
http://thehackernews.com/2014/04/yahoos-new-dmarc-policy-destroys-every.html,
I came to wonder as to why a soon-to-be standardized project came to
on purpose break a huge part of the reality of today's emails.
This highlights one of the issues with the IETF publication process:
many people assume that anything with an RFC number is an IETF standard.
It was my understanding from Murray's message of March 26 that DMARC was
being considered as an informational RFC, which of course is not a standard.
Over the months there has been a variety of paths considered for the
DMARC base spec. Someone thinking that it's intended for standards
status isn't necessarily "misunderstanding"; they might merely not be
current.
More broadly: I'm not an expert on IETF publication criteria, but I
hope that, especially given this confusion, controls are in place to
protect against the publication of informational RFCs that might be
harmful in some respect.
1. The confusion some people have about the meaning of RFC vs. IETF
'standard' is irrelevant to the current discussion. Yes, some people
are confused. But as often as it gets cited over the years, it has
never been demonstrated to cause real problems of any significance.
2. Publication of Informational RFCs submitted through the "Independent
" stream -- which is independent of the IETF-managed stream -- is not
based on the sorts of content control you postulate. Nor should it be.
The kinds of control in place are roughly the same as they've been
forever and, again, while some such documents cause some people
discomfort, it, too, has not been demonstrated to cause serious problems.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
