A Reputation Response Set for Email Identifiers
draft-ietf-repute-email-identifiers-10
Yes
(Pete Resnick)
No Objection
(Adrian Farrel)
(Brian Haberman)
(Gonzalo Camarillo)
(Jari Arkko)
(Joel Jaeggli)
(Martin Stiemerling)
(Sean Turner)
(Spencer Dawkins)
(Stewart Bryant)
Note: This ballot was opened for revision 09 and is now closed.
Pete Resnick Former IESG member
Yes
Yes
(for -09)
Unknown
Adrian Farrel Former IESG member
No Objection
No Objection
(for -09)
Unknown
Barry Leiba Former IESG member
(was Discuss)
No Objection
No Objection
(2013-09-11 for -09)
Unknown
This document registers an item in a registry that is not yet created, but that requires expert review (via specification required). Changing my DISCUSS on the creating document to clarify that it's not necessary for IETF consensus RFCs.
Benoît Claise Former IESG member
No Objection
No Objection
(2013-09-09 for -09)
Unknown
See https://datatracker.ietf.org/doc/draft-ietf-repute-model/ballot/#benoit-claise That document also defines a media type to contain a reputon for transport, and also creates a registry for reputation applications and the interesting parameters of each. This should be: for a reputation application. Right? Since the reputons are valid for a single application.
Brian Haberman Former IESG member
No Objection
No Objection
(for -09)
Unknown
Gonzalo Camarillo Former IESG member
No Objection
No Objection
(for -09)
Unknown
Jari Arkko Former IESG member
No Objection
No Objection
(for -09)
Unknown
Joel Jaeggli Former IESG member
No Objection
No Objection
(for -09)
Unknown
Martin Stiemerling Former IESG member
No Objection
No Objection
(for -09)
Unknown
Richard Barnes Former IESG member
No Objection
No Objection
(2013-09-11 for -09)
Unknown
There appears to be a stray ">" character in "abusive". There appears to be a stray ")" character in "spf".
Sean Turner Former IESG member
(was Discuss)
No Objection
No Objection
(for -09)
Unknown
Spencer Dawkins Former IESG member
No Objection
No Objection
(for -09)
Unknown
Stephen Farrell Former IESG member
No Objection
No Objection
(2013-09-09 for -09)
Unknown
What's the ">" in 3.1, definition of abusive?
Stewart Bryant Former IESG member
No Objection
No Objection
(for -09)
Unknown
Ted Lemon Former IESG member
No Objection
No Objection
(2013-09-10 for -09)
Unknown
From 3.2:
rfc5321.helo: The RFC5321.Helo value used by the (see [SMTP])
client
rfc5321.mailfrom: The RFC5321.MailFrom value of the envelope of
the message (see [SMTP])
rfc5322.from: The RFC5322.From field of the message (see [MAIL])
Given that these data are not validated except in the case where SPF is used, it seems like a bad idea to maintain statistics on them. The fact that someone is joe-jobbing me does not mean that my email address is meaningfully associated with spam, but it'll sure look like that given the way reputations are calculated.
If you want to retain these, you ought to mention the security problems associated with them in the security considerations section, but I really question the validity of using them at all. They are certainly useful in combination with other information on a per-message basis, but I don't see how that can work with the repute data model.