Purported Responsible Address in E-Mail Messages
RFC 4407

Note: This ballot was opened for revision 01 and is now closed.

(Ted Hardie; former steering group member) Yes

Yes ( for -** No value found for 'p.get_dochistory.rev' **)
No email
send info

(Allison Mankin; former steering group member) No Objection

No Objection (2005-02-03 for -** No value found for 'p.get_dochistory.rev' **)
No email
send info
It seems like a good idea to for this work to have documents for experimental
deployment.

Is it worth adding references to some documents about remedies in the 
Security Considerations of senderid-core (specifically to how TCPs decrease
risks of blind insert attacks and to the ingress filtering RFC, and to the DNSSEC
spec)?

(Bert Wijnen; former steering group member) No Objection

No Objection ( for -** No value found for 'p.get_dochistory.rev' **)
No email
send info

(Brian Carpenter; former steering group member) No Objection

No Objection (2005-05-20)
No email
send info
I have followed Harald's lead = no objection

(Harald Alvestrand; former steering group member) No Objection

No Objection (2005-02-03 for -** No value found for 'p.get_dochistory.rev' **)
No email
send info
Reviewed by Scott Brim, Gen-ART. I fully agree with his comment that "no objection would be useful now", whether one parses "no objection" as a reference to a type of ballot or not.....

His review:

No objection would be useful now, but one question in case you feel
like bringing it up.  
RFC2821 exchanges are limited to us-ascii.  That limits responsible
submitter etc. in a way that is kind of last-millennium.  There are
schemes for supporting UTF-8, but they are not mentioned in these
drafts (nor are they on standards track afaik).  That might be okay
but the *issue* isn't even mentioned.  If I had my way I would at
least include a statement that 2821 as it stands needs to be extended
to support internationalized names and addresses for schemes that use
it (2821) to be adequately useful.

There are a couple id-nits which will disappear when it goes to RFC.

(Margaret Cullen; former steering group member) No Objection

No Objection ( for -** No value found for 'p.get_dochistory.rev' **)
No email
send info

(Mark Townsley; former steering group member) No Objection

No Objection ()
No email
send info

(Russ Housley; former steering group member) (was Discuss) No Objection

No Objection (2005-06-20)
No email
send info
  draft-lyon-senderid-core-00 sepcifies SPF version 2.  The title should
  reflect this fact.

  Does draft-lyon-senderid-core-00 obsolete the SPF version 1 document?

(David Kessens; former steering group member) (was Discuss) Abstain

Abstain ()
No email
send info

(Sam Hartman; former steering group member) (was Discuss) Abstain

Abstain (2005-05-25)
No email
send info
I cannot support publication of this ballot because I believe that the
conflicting use of the spf1 records between this proposal and the SPF
proposal is harmful to the Internet.  Particularly given that there
was marid wg consensus on this point I'm unwilling to block
publication over this issue although I understand others may.

(Scott Hollenbeck; former steering group member) (was Discuss, No Objection) Abstain

Abstain (2005-06-15)
No email
send info
(Moving my discuss to a comment to maintain a record of it.)

The Sender ID specifications currently reference draft-lentczner-spf-00.  That draft has been superceded by draft-schlitt-spf-classic-00.  There are some significant differences between the two SPF drafts that might require mods to the Sender ID drafts to preserve older functionality:

1.  When the domain name is malformed or when the DNS query returns "non-existent domain",  the Schlitt draft now requires receivers to perform a second DNS query at the "zone cut" in order to find an SPF record.  When doing the PRA check, the Sender ID drafts specify an immediate "fail."  The second DNS query is not needed and can be addressed via an amendment to draft-lyon-senderid-core-00 in order to preserve the currently specified behavior.

2.  The Schlitt draft makes a second DNS query at the zone cut mandatory whenever an SPF record for the domain is not found on the first DNS query.  The reliability and/or utility of such a check is debatable.  In the case of the PRA check, it would appear to require additional DNS queries in very many cases for questionable benefit.  draft-lyon-senderid-core-00 could be amended to state that a second query at the zone cut is OPTIONAL when performing a PRA check.

References etc. will need to be cleaned up as well.