Requirements for a DomainKeys Identified Mail (DKIM) Signing Practices Protocol
draft-ietf-dkim-ssp-requirements-05
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
05 | (System) | post-migration administrative database adjustment to the No Objection position for Lars Eggert |
2007-09-07
|
05 | Amy Vezza | State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza |
2007-09-07
|
05 | Amy Vezza | IESG state changed to Approved-announcement sent |
2007-09-07
|
05 | Amy Vezza | IESG has approved the document |
2007-09-07
|
05 | Amy Vezza | Closed "Approve" ballot |
2007-09-07
|
05 | Amy Vezza | State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Amy Vezza |
2007-09-07
|
05 | (System) | IANA Action state changed to No IC from In Progress |
2007-09-07
|
05 | (System) | IANA Action state changed to In Progress |
2007-08-20
|
05 | Lars Eggert | [Ballot Position Update] Position for Lars Eggert has been changed to No Objection from Discuss by Lars Eggert |
2007-08-15
|
05 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2007-08-15
|
05 | (System) | New version available: draft-ietf-dkim-ssp-requirements-05.txt |
2007-07-20
|
05 | (System) | Removed from agenda for telechat - 2007-07-19 |
2007-07-19
|
05 | Amy Vezza | State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation by Amy Vezza |
2007-07-19
|
05 | Russ Housley | [Ballot comment] From Gen-ART Review by Vijay K. Gurbani. The introduction does a good job of introducing the problem for which the requirements … [Ballot comment] From Gen-ART Review by Vijay K. Gurbani. The introduction does a good job of introducing the problem for which the requirements are being sought. Having said that, a few nits follow primarily to improve readability of the draft. 1) S1, consider rewriting as follows to impart more clarity: OLD: This ambiguity can be used to mount a bid down attack which is inherent with systems that allow optional authentication like email NEW: This ambiguity can be used to mount a bid-down attack that is inherent with systems like email, which allow optional authentication 2) S3, consider rewriting as follows to impart more clarity: OLD: This section tries to outline some usage scenarios that it is expected that DKIM signing/verifying will take place in, and how a new protocol might be helpful to clarify the relevance of DKIM signed mail. NEW: This section outlines expected usage scenarios where DKIM signaling/verifying will take place, and how a new protocol might help to clarify the relevance of DKIM-signed mail. 3) S3.1, second paragraph: consider rewriting as follows to impart more clarity: OLD: Thus the receiver is at a disadvantage in that it does not know if it should ... NEW: Thus, the receiver is at a disadvantage in not knowing whether it should ... 4) S3.2, list item 3: The first sentence consists of two fragments joined by a "but". It would be more appropriate to join them by the phrase ", and furthermore". The second fragment does not contradict the first, thus the "but" appears anomalous. 5) S5.1, list item 4: Missing closing ']' in "Refs:..." 6) S5.2, list item 3: s/ala/a la/ |
2007-07-19
|
05 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley |
2007-07-19
|
05 | Mark Townsley | [Ballot Position Update] New position, No Objection, has been recorded by Mark Townsley |
2007-07-19
|
05 | Jari Arkko | [Ballot Position Update] New position, Yes, has been recorded by Jari Arkko |
2007-07-19
|
05 | Lisa Dusseault | [Ballot comment] The difference between scenario 1 and scenario 2 in section 3 depends on "A" being able to effect a difference in whether or … [Ballot comment] The difference between scenario 1 and scenario 2 in section 3 depends on "A" being able to effect a difference in whether or not its signatures get invalidated on transit. Shouldn't there be a reference to how this is possible for A to influence? Section 5, introduction to this section: I can't understand how "the candidate protocol" for SSP and SSP must both meet the same requirements if they're different things. I think this could be much clearer. Generally there needs to be a better distinction between "SSP" and "the protocol". |
2007-07-19
|
05 | Lisa Dusseault | [Ballot Position Update] Position for Lisa Dusseault has been changed to Abstain from Discuss by Lisa Dusseault |
2007-07-19
|
05 | Lisa Dusseault | [Ballot Position Update] New position, Discuss, has been recorded by Lisa Dusseault |
2007-07-18
|
05 | Ross Callon | [Ballot Position Update] New position, No Objection, has been recorded by Ross Callon |
2007-07-18
|
05 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu |
2007-07-18
|
05 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica |
2007-07-17
|
05 | Chris Newman | [Ballot comment] A couple things that could be improved: 1. In some places it says "the [RFC2822].From domain", in another place it says … [Ballot comment] A couple things that could be improved: 1. In some places it says "the [RFC2822].From domain", in another place it says "The domain part of the first address of the RFC2822.From". The latter is more precise as the "From" header in an RFC2822 message may contain more than one address (if there is more than one author). The best way to get consistency would be to add a definition for "From domain" (or similar term) as "The domain portion of the first address listed in an RFC 2822 From header" and then use "From domain" in the document. 2. Under "Security Requirements" item 2: "In particular the work and message exchanges involved MUST be order of a constant." I don't know what this means or is trying to say. |
2007-07-17
|
05 | Chris Newman | [Ballot Position Update] New position, No Objection, has been recorded by Chris Newman |
2007-07-17
|
05 | David Ward | [Ballot Position Update] New position, No Objection, has been recorded by David Ward |
2007-07-17
|
05 | Magnus Westerlund | [Ballot Position Update] New position, No Objection, has been recorded by Magnus Westerlund |
2007-07-17
|
05 | Magnus Westerlund | [Ballot comment] Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this … [Ballot comment] Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. Based on that RFC2119 definitions are not suitable for describing requirements and the abstract already consist of contradicting definitions. Why not write the definitions that actually are included in the document. |
2007-07-16
|
05 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: David Harrington. |
2007-07-16
|
05 | Cullen Jennings | [Ballot Position Update] New position, No Objection, has been recorded by Cullen Jennings |
2007-07-13
|
05 | Lars Eggert | [Ballot comment] Section 2., paragraph 0: > 2. In order to limit the cost of its use, any query service > … [Ballot comment] Section 2., paragraph 0: > 2. In order to limit the cost of its use, any query service > supplying SSP's information MUST provide a definitive responsive > within a small, deterministic number of query exchanges. Given that the Internet is best-effort, this is impossible to guarantee in general. I'd suggest to soften the language or at least add a "during normal operation" qualifier. |
2007-07-13
|
05 | Lars Eggert | [Ballot discuss] Section 2., paragraph 0: > 2. The query/response in terms of latency time and the number of > packets … [Ballot discuss] Section 2., paragraph 0: > 2. The query/response in terms of latency time and the number of > packets involved MUST be low (order of 1 or 2 exchanges). > [Refs: Deployment Consideration 5] DISCUSS: This is a "please explain this in more detail" DISCUSS. This requirement is very terse, and I hence don't understand what it will mean in terms of what transport protocol is envisioned for SSP. Would this requirement for example rule out a TCP-based transport, because that requires a 3-way handshake at the TCP layer? Or is this saying "an SSP exchange should not take more than 1 or 2 SSP messages going back and forth"? I also don't quite understand how scenario 5 motivates this requirement. The scenario is all about the ability to cache, which should be independent of what transport protocol is used. |
2007-07-13
|
05 | Lars Eggert | [Ballot Position Update] New position, Discuss, has been recorded by Lars Eggert |
2007-07-13
|
05 | Tim Polk | [Ballot Position Update] New position, Yes, has been recorded for Tim Polk |
2007-07-13
|
05 | Tim Polk | Ballot has been issued by Tim Polk |
2007-07-13
|
05 | Tim Polk | Created "Approve" ballot |
2007-07-13
|
05 | Tim Polk | Placed on agenda for telechat - 2007-07-19 by Tim Polk |
2007-07-13
|
05 | Tim Polk | State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Tim Polk |
2007-07-06
|
05 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
2007-07-02
|
05 | Yoshiko Fong | IANA Last Call Comments: As described in the IANA Considerations section, we understand this document to have NO IANA Actions. |
2007-06-29
|
05 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to David Harrington |
2007-06-29
|
05 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to David Harrington |
2007-06-22
|
05 | Amy Vezza | Last call sent |
2007-06-22
|
05 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
2007-06-22
|
05 | Tim Polk | Last Call was requested by Tim Polk |
2007-06-22
|
05 | Tim Polk | State Changes to Last Call Requested from Publication Requested by Tim Polk |
2007-06-22
|
05 | (System) | Ballot writeup text was added |
2007-06-22
|
05 | (System) | Last call text was added |
2007-06-22
|
05 | (System) | Ballot approval text was added |
2007-06-22
|
05 | Tim Polk | Draft Added by Tim Polk in state Publication Requested |
2007-04-23
|
04 | (System) | New version available: draft-ietf-dkim-ssp-requirements-04.txt |
2007-03-08
|
03 | (System) | New version available: draft-ietf-dkim-ssp-requirements-03.txt |
2006-10-20
|
02 | (System) | New version available: draft-ietf-dkim-ssp-requirements-02.txt |
2006-09-19
|
01 | (System) | New version available: draft-ietf-dkim-ssp-requirements-01.txt |
2006-08-10
|
00 | (System) | New version available: draft-ietf-dkim-ssp-requirements-00.txt |