On 6/8/2014 1:00 PM, Stephen J. Turnbull wrote:
> Phillip Hallam-Baker writes:
>
>   > NNTP was designed 30 years ago. We should consider moving on.
>   > The modern protocol world is JSON/REST
>
> That's off-topic for this list, IMO, and I don't intend to discuss it
> unless the moderator(s) make clear that it is on-topic.
>
> What I believe is on-topic is that several people participating in
> development of DMARC-related standards have expressed concern about
> the impact on mailing lists.

Stephen, Phillip is spreading synergism.

For example, it wouldn't be off-topic if someone proposed a DMARC callout mechanism based on a JSON/REST (API) wire. It will be viewed as a technological competitive alternative to using a DNS-based mechanism directly. It might access a different backend database, or just act as an API wrapper on top of an existing DNS API and serve as a tool for web-based client development.

The IETF DNS community does consider such things, especially with the growth of DNS TXT-based applications. There are many network and system level design considerations. In this vein, Phillip was 100% on-communications-par.

> There's no question that "p=reject" is a
> knife at our throats, because much of the value-added of Mailman-style
> lists to end users is in the "decoration" added to posts, and I have
> yet to see anyone (except Franck Martin) say on the Mailman channels
> that From-corruption is completely acceptable.

To express how strong I feel about this....

If there is a charter for new DMARC WG work, you can bet I will request that any form of 5322.From-Corruption concept be considered OFF TOPIC and OUT OF SCOPE in the new WG charter, except to be aware that intentional From-Corruption is to be considered a new security exploit and threat to be mitigated. And for the record, I will also appeal any IETF work that begins to suggest From-Corruption concepts as a means to bypass security protocols. I will appeal it.

If the idea includes getting permission, that's less damaging, but still bad. Not as a solution to the problem that comes about by not even doing a lookup. See below.

> All mitigations
> proposed so far are deeply unpopular with our users (list operators),
> as well as with the developers.  Nor is it clear that any standard for
> third party authentication will be approved at all, let alone adopted
> widely by Author Domains in good time.

That's a different problem and your frustration is well understood. But the proposals were not the problem. Forget 3rd party concepts for the moment; you gotta accept the idea that you even want to do a LOOKUP.

Are you ready to do a LOOKUP?

There are two basic ML implementation problems here:

 1) Doing a LOOKUP,
 2) Honoring the Lookup record protocol semantics.

For the ML, it hasn't even gotten to the idea of a lookup and it really doesn't have to do it directly, but whatever is receiving our mail has to do the lookup. We can make it work for our MLS and MDA because our MLS will create an acceptable list addresses text file. So we can add a script at the MDA to check this list and do any restriction checks. Does your setup allow for scripting at the MDA level?

> The mention of Usenet suggested a completely "out of the box" way to
> sidestep DMARC impact by avoiding SMTP entirely, using NNTP as an
> alternative transport.

No, as an existing Client Portal with an offline mail reader or browser with a web-view of mail conferences. The network transport is still SMTP.

Again, Synergy!! Our NNTP server allows you to gate a mailing list.

  news://publicnews.winserver.com/ietf-drafts

or the mailing list for SPF:

  news://publicnews.winserver.com/spf.-.sender.policy.framework.discussion
  news://publicnews.winserver.com:119/spf.-.sender.policy.framework.help

I don't remember if the above actually allows anonymous news readers.

Synergy. I could, if I wanted to, to satisfy Franck's MUA change proposal, show an NNTP backend generated text change to any of the 5322 display headers or even the body.

> (Development of a new "modern" transport is completely out of the
> question for us; we have neither the skills nor the resources.)

Good point, so it's only off-topic for GNU Mailman. It doesn't make it off-topic for others. I am not suggesting NNTP or JSON/REST as part of the solution. We are still at baby steps here of just doing a lookup.


--
HLS


_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
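As an added illustration of the two steps discussed in the post above (doing the lookup, then honouring what the record says), here is example code that is not from this thread or from any list software mentioned in it: it resolves `_dmarc.<author-domain>`, parses the `p=` tag, and returns what an MDA-side check could do with a list submission. The DNS answers are a constructed in-memory table, and the resolver, function names and the accept/warn/restrict outcomes are my own assumptions.

```python
import re
from typing import Callable, Dict, Optional

# Constructed sample TXT answers standing in for live DNS, so this runs offline.
SAMPLE_TXT = {
    "_dmarc.example.com": "v=DMARC1; p=reject; rua=mailto:dmarc@example.com",
    "_dmarc.example.org": "v=DMARC1; p=none",
    "_dmarc.example.net": "v=DMARC1; p=quarantine; pct=20",
}

def sample_resolver(name: str) -> Optional[str]:
    """Stand-in for a real TXT query (assumption: one record per name)."""
    return SAMPLE_TXT.get(name.lower())

def parse_dmarc(txt: str) -> Dict[str, str]:
    """Split a DMARC record into its tag=value pairs; unknown tags are kept."""
    tags: Dict[str, str] = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def author_domain(from_header: str) -> str:
    """Domain of the 5322.From address, e.g. 'Hector <hls@Example.COM>'."""
    match = re.search(r"@([A-Za-z0-9.-]+)", from_header)
    if not match:
        raise ValueError("no domain in From header")
    return match.group(1).rstrip(".").lower()

def dmarc_policy(domain: str, resolve: Callable[[str], Optional[str]]) -> str:
    """Step 1, the LOOKUP: query _dmarc.<domain> and return its p= policy.
    Simplification: no fall-back to the organizational domain, no sp= tag."""
    txt = resolve(f"_dmarc.{domain}")
    if txt is None:
        return "none"
    tags = parse_dmarc(txt)
    if tags.get("v", "").upper() != "DMARC1":
        return "none"          # not a DMARC record; treat as no policy
    return tags.get("p", "none").lower()

def list_action(from_header: str, resolve=sample_resolver) -> str:
    """Step 2, honouring the record: decide what the MLS/MDA check does
    before the list adds its decoration (hypothetical outcome names)."""
    policy = dmarc_policy(author_domain(from_header), resolve)
    if policy == "reject":
        return "restrict"      # decorated copies would fail DMARC at receivers
    if policy == "quarantine":
        return "warn"
    return "accept"
```

Swapping `sample_resolver` for a function that issues a real TXT query is all that is needed to run the same check against live DNS.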