Creation and Use of Email Feedback Reports: An Applicability Statement for the Abuse Reporting Format (ARF)
Note: This ballot was opened for revision 13 and is now closed.
Barry Leiba Yes
(Pete Resnick) Yes
(Ron Bonica) No Objection
(Stewart Bryant) No Objection
Benoit Claise (was Discuss) No Objection
Thanks for addressing my points
(Ralph Droms) No Objection
(Wesley Eddy) No Objection
(Adrian Farrel) No Objection
Comment (2012-04-25 for -15)
Forgive me, but doesn't section 8.2 say that forged abuse reports constitue a real problem and the two mechanisms available to protect against them may result in genuine abuse reports being discarded? Is the message here "chosse which you think might be the least worse problem" or is it "you should use DKIM and SPF, but be aware that you may lose some genuine reports"? I would have liked some clarification as to which message is being sent.
Stephen Farrell No Objection
Comment (2012-04-23 for -14)
Just a bunch of nitty comments. Feel free to take 'em or leave 'em. 5.1 (1) - this has a MUST but there's no well-defined/standard way to satisfy the MUST, maybe make that an "ought"? 5.1 (2) - I think you mean that "they think will" pass SPF/DKIM checks, since they can't be sure 5.2 (1) - "the receiver" is a bit ambiguous in the 1st sentence, maybe s/the receiver/the report receiver/? (Or if handling is expensive for both, then maybe say that.) 5.3 (1) - what does "SHOULD make" mean? Same comment as above for use of SHOULD when there's no standard way to do it, i.e. maybe s/SHOULD/ought/ 5.5 (1) - is "bulk senders" at the end here ambiguous? I read it as referring to the sender of the message(s) that triggered the report. 6 - what is a "smaller" AS or use-case? Do you mean fewer people will do this or that its simpler? 6 - point (3), is the "MUST be constructed" there right? If everything needed to satisfy this MUST is later in point 3, then you could say "MUST be done as stated below" - as is, this looks like there's something else needed to satisfy the MUST but you don't say what. 8.3 - this is a little terse, maybe point back at those recommendations or say a bit more? 8.4 - might be better to say "larger volumes or higher frequency" 8.5 - I guess this means that report receivers ought not react to missing reports as if something was wrong. Not sure if that's worth noting explicitly or not.
Brian Haberman No Objection
Comment (2012-04-25 for -14)
Thanks for addressing my comments.