Authentication-Results Registration Update for Sender Policy Framework (SPF) Results
draft-kucherawy-authres-spf-erratum-02

IANA understands that, upon approval of this document, there are three
actions which IANA must complete.

ACTION 1:

In both of the subregistries (Email Authentication Methods and Email
Authentication Result Names) of the Email Authentication Parameters
registry at

http://www.iana.org/assignments/email-auth

the following change will be made:

A new column will be added to each of the subregistries with a title of
"Status"

Legal values for these columns are:

active: The entry is in current use.
deprecated: The entry is no longer in current use.

All existing entries, except as specified in the second IANA Action
below, are to be marked as "active."


ACTION 2

In the Email Authentication Result Names subregistry in the
Email Authentication Parameters registry located at

http://www.iana.org/assignments/email-auth

the entry for "hardfail" will be marked as "deprecated" in the status
column.


ACTION 3:

In the Email Authentication Result Names subregistry in the
Email Authentication Parameters registry located at

http://www.iana.org/assignments/email-auth

the entry for "fail" will be modified as follows:

Code: fail
Defined: [RFC5451]
Auth Method: spf, sender-id
Meaning: [ RFC-to-be ] Section 3
Status: active

IANA understands that these three actions are the only ones required
upon approval of this document.

State changed to In Last Call from Last Call Requested.

The following Last Call Announcement was sent out:

From: The IESG
To: IETF-Announce
Reply-To: ietf@ietf.org
Subject: Last Call:  (Authentication-Results Registration Update for SPF Results) to Proposed Standard


The IESG has received a request from an individual submitter to consider
the following document:
- 'Authentication-Results Registration Update for SPF Results'
  as a Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2012-02-03. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


  This memo updates the registry of authentication method results in
  Authentication-Results: message header fields, correcting a
  discontinuity between the original registry creation and the SPF
  specification.

  This memo updates RFC5451.




The file can be obtained via
http://datatracker.ietf.org/doc/draft-kucherawy-authres-spf-erratum/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-kucherawy-authres-spf-erratum/


No IPR declarations have been submitted directly on this I-D.

The Document Shepherd writeup follows...

###

  (1.a) Who is the Document Shepherd for this document? Has the
        Document Shepherd personally reviewed this version of the document
        and, in particular, does he or she believe this version is ready
        for forwarding to the IESG for publication?

I, Peter Saint-Andre, am the Document Shepherd.

I have reviewed version -01 of the document and in my opinion it is
ready for IESG consideration.

  (1.b) Has the document had adequate review both from key members of
        the interested community and others? Does the Document Shepherd
        have any concerns about the depth or breadth of the reviews that
        have been performed?

The document has been reviewed by participants in the Applications Area
(apps-discuss@ietf.org list) and the SPF community (spfbis@ietf.org list).
The proposed changes are relatively minor and mostly clerical in nature.
I am satisfied that the level of review is appropriate for this document.

  (1.c) Does the Document Shepherd have concerns that the document
        needs more review from a particular or broader perspective, e.g.,
        security, operational complexity, someone familiar with AAA,
        internationalization or XML?

The document does need IANA review, but that will occur during the normal
course of events.

  (1.d) Does the Document Shepherd have any specific concerns or
        issues with this document that the Responsible Area Director
        and/or the IESG should be aware of? For example, perhaps he or
        she is uncomfortable with certain parts of the document, or has
        concerns whether there really is a need for it. In any event, if
        the interested community has discussed those issues and has
        indicated that it still wishes to advance the document, detail
        those concerns here.

The document corrects one error in RFC 5451 (the string for an email
authentication result name, from "hardfail" to "fail" for consistency
with existing specifications and current practice in the implementation
community). The change is uncontroversial.

  (1.e) How solid is the consensus of the interested community behind
        this document? Does it represent the strong concurrence of a few
        individuals, with others being silent, or does the interested
        community as a whole understand and agree with it?

There is strong consensus to correct the error in RFC 5451.

  (1.f) Has anyone threatened an appeal or otherwise indicated extreme
        discontent? If so, please summarise the areas of conflict in
        separate email messages to the Responsible Area Director. (It
        should be in a separate email because this questionnaire is
        entered into the ID Tracker.)

No appeals have been threatened.

  (1.g) Has the Document Shepherd personally verified that the
        document satisfies all ID nits? (See the Internet-Drafts Checklist
        and http://tools.ietf.org/tools/idnits/). Boilerplate checks are not
        enough; this check needs to be thorough. Has the document met all
        formal review criteria it needs to, such as the MIB Doctor, media
        type and URI type reviews?

The document passes ID-nits. No specialized reviews are needed.

  (1.h) Has the document split its references into normative and
        informative? Are there normative references to documents that are
        not ready for advancement or are otherwise in an unclear state?
        If such normative references exist, what is the strategy for their
        completion? Are there normative references that are downward
        references, as described in [RFC3967]? If so, list these downward
        references to support the Area Director in the Last Call procedure
        for them [RFC3967].

The document splits its references into Normative and Informative.

Because the correction is very nearly typographical in nature, the only
normative reference is to the document being corrected (RFC 5451).

The correction from "hardfail" to "fail" ensures consistency with two
Experimental RFCs (RFC 4406 and RFC 4408), but those documents provide
only background or historical information for the correction.

  (1.i) Has the Document Shepherd verified that the document IANA
        consideration section exists and is consistent with the body of
        the document? If the document specifies protocol extensions, are
        reservations requested in appropriate IANA registries? Are the
        IANA registries clearly identified? If the document creates a new
        registry, does it define the proposed initial contents of the
        registry and an allocation procedure for future registrations?
        Does it suggested a reasonable name for the new registry? See
        [I-D.narten-iana-considerations-rfc2434bis]. If the document
        describes an Expert Review process has Shepherd conferred with the
        Responsible Area Director so that the IESG can appoint the needed
        Expert during the IESG Evaluation?

The IANA actions are clearly identified and appropriate for the nature of
the correction (e.g., requesting addition of a new column to the Email
Authentication Result Names registry to indicate the status of each entry,
since this document deprecates the incorrect "hardfail" entry).

No Expert Review is required, since the RFC 5226 policy for that registry
is "IETF Review" and there is no expert reviewer.

  (1.j) Has the Document Shepherd verified that sections of the
        document that are written in a formal language, such as XML code,
        BNF rules, MIB definitions, etc., validate correctly in an
        automated checker?

There are no formal language definitions in this specification.

  (1.k) The IESG approval announcement includes a Document
        Announcement Write-Up. Please provide such a Document
        Announcement Writeup? Recent examples can be found in the
        "Action" announcements for approved documents. The approval
        announcement contains the following sections:

Technical Summary

  This brief document corrects an error in RFC 5451 regarding
  one Email Authentication Result Name (see RFC Editor Erratum
  #2617).  Namely, the name "hardfail" is incorrect, and the name
  "fail" is correct (and is used in all existing implementations).
  As far as can be determined, all implementations of Sender
  Policy Framework (SPF) use "fail" instead of "hardfail", as
  specified in Section 2.5.4 of RFC 4408.  The same is true of
  Sender-ID (see Section 5.3 of RFC 4406).  The error in RFC
  5451 was not caught during review of that specification. 
  Although in practice the error has not yet caused confusion
  among implementers, it is best to correct the error in order to
  forestall possible interoperability problems. 

Working Group Summary

  This document is not the product of a working group.

Document Quality

  Existing implementations use "fail" (RFC 4406, RFC 4408)
  instead of "hardfail" (RFC 5451), so there are implementations
  of the correction described in this specification.  This document
  simply corrects the error in RFC 5451 and does define any new
  protocol.

  This correction was discussed on the apps-discuss@ietf.org
  and spfbis@ietf.org lists.  Some people thought it might be
  appropriate to correct the error if and when the SPFBIS WG,
  whereas others thought it would be better to correct this simple
  error without opening up discussion of RFC 5451 more generally
  (and thus possibly delaying the fix).  There was agreement that
  correcting error sooner rather than later would be preferable.

Personnel

  The Document Shepherd / Responsible Area Director is
  Peter Saint-Andre.

###