Skip to main content

Authentication-Results Registration for Vouch by Reference Results
RFC 6212

Revision differences

Document history

Date Rev. By Action
2015-10-14
04 (System) Notify list changed from msk@cloudmark.com, draft-kucherawy-authres-vbr@ietf.org, barryleiba@computer.org to barryleiba@computer.org
2011-04-11
04 Cindy Morgan State changed to RFC Published from RFC Ed Queue.
2011-04-11
04 Cindy Morgan [Note]: 'RFC 6212' added by Cindy Morgan
2011-04-11
04 (System) RFC published
2011-01-19
04 (System) IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor
2011-01-19
04 (System) IANA Action state changed to Waiting on RFC Editor from In Progress
2011-01-19
04 (System) IANA Action state changed to In Progress from Waiting on Authors
2011-01-19
04 Cindy Morgan State changed to RFC Ed Queue from Approved-announcement sent.
2011-01-18
04 (System) IANA Action state changed to Waiting on Authors from In Progress
2011-01-18
04 (System) IANA Action state changed to In Progress
2011-01-18
04 Cindy Morgan IESG state changed to Approved-announcement sent
2011-01-18
04 Cindy Morgan IESG has approved the document
2011-01-18
04 Cindy Morgan Closed "Approve" ballot
2011-01-18
04 Cindy Morgan Approval announcement text regenerated
2011-01-18
04 Alexey Melnikov [Note]: changed to 'Barry Leiba <barryleiba@computer.org> is the document shepherd.'
2011-01-18
04 Alexey Melnikov Ballot writeup text changed
2011-01-18
04 (System) New version available: draft-kucherawy-authres-vbr-04.txt
2011-01-17
04 Ralph Droms
[Ballot comment]
I was unclear about header.md and header.mv when I first
read the doc.  However, I'm not sure these suggestions
are an improvement...

In …
[Ballot comment]
I was unclear about header.md and header.mv when I first
read the doc.  However, I'm not sure these suggestions
are an improvement...

In this text from section 4:

  If "header.md" is present, its value MUST be the DNS domain name
  about which a VBR query was made.  This is typically taken from the
  "md" tag of the "VBR-Info" header field.  ([VBR] describes alternate
  methods for selecting the domain used as the subject of that query.)

  If "header.mv" is present, its value MUST be the DNS domain that was
  queried as the potential voucher for the "header.md" domain.  This is
  typically one of the values of the "mv" tag in the "VBR-Info" header
  field on the message being evaluated, although a local list of
  vouchers may be used in place of that value as described in [VBR].

  Where the VBR-Info header field was not present on a message but a
  mail server decides to conduct a VBR query anyway, the server MAY
  still generate an Authentication-Results field to relay the results
  of the VBR query.  In this instance, the "header.md" value MUST be
  the domain name that was evaluated as the sending domain using VBR,
  and the "header.mv" value MUST be the domain name that was used as
  the voucher.

...is it true that header.md (if present) always carries the DNS
domain name about which a VBR query was made and header.mv (if
present) always carries the DNS domain that was queried as the
potential voucher for the header.md domain?  If I've got that right,
it might be clearer to simply give those definitions and then describe
that the query is prompted either by the existence of the VBR-Info
field or by policy on the server.  Perhaps:

  If "header.md" is present, its value MUST be the DNS domain name
  about which a VBR query was made.  If "header.mv" is present, its
  value MUST be the DNS domain that was queried as the potential
  voucher for the "header.md" domain.

  If the VBR query was made because of the presence of the "VBR-Info"
  header field, "header.md" is typically taken from the "md" tag of
  the "VBR-Info" header field.  ([VBR] describes alternate methods
  for selecting the domain used as the subject of that query.)
  "header.mv" is typically one of the values of the "mv" tag in the
  "VBR-Info" header field on the message being evaluated, although a
  local list of vouchers may be used in place of that value as
  described in [VBR].

  Where the VBR-Info header field was not present on a message but a
  mail server decides to conduct a VBR query anyway, the server MAY
  still generate an Authentication-Results field to relay the results
  of the VBR query.
2011-01-13
04 Alexey Melnikov Removed from agenda for telechat
2011-01-13
04 Alexey Melnikov State changed to IESG Evaluation::AD Followup from IESG Evaluation.
2011-01-13
04 Dan Romascanu [Ballot Position Update] New position, No Objection, has been recorded
2011-01-13
04 Ralph Droms [Ballot comment]
I have a couple of suggestions to improve
Clarit that I will enter when I get back on-line
2011-01-13
04 Ralph Droms [Ballot Position Update] New position, No Objection, has been recorded
2011-01-12
04 David Harrington [Ballot Position Update] New position, No Objection, has been recorded
2011-01-10
04 Samuel Weiler Request for Last Call review by SECDIR Completed. Reviewer: David McGrew.
2011-01-07
03 (System) New version available: draft-kucherawy-authres-vbr-03.txt
2011-01-07
04 Alexey Melnikov
[Note]: changed to 'This document is short of one vote. There were no other changes since the January 6th IESG telechat.<br>Barry Leiba <barryleiba@computer.org> …
[Note]: changed to 'This document is short of one vote. There were no other changes since the January 6th IESG telechat.<br>Barry Leiba <barryleiba@computer.org> is the document shepherd.'
2011-01-06
04 Cindy Morgan Telechat date has been changed to 2011-01-20 from 2011-01-06
2011-01-05
04 Ron Bonica [Ballot Position Update] New position, No Objection, has been recorded
2011-01-05
04 Sean Turner [Ballot Position Update] New position, No Objection, has been recorded
2011-01-05
04 Tim Polk [Ballot Position Update] New position, No Objection, has been recorded
2011-01-05
04 Stewart Bryant [Ballot Position Update] New position, No Objection, has been recorded
2011-01-05
04 Adrian Farrel [Ballot Position Update] New position, No Objection, has been recorded
2011-01-04
04 Robert Sparks [Ballot Position Update] New position, No Objection, has been recorded
2011-01-02
04 Russ Housley [Ballot Position Update] New position, No Objection, has been recorded
2011-01-02
04 Alexey Melnikov State changed to IESG Evaluation from Waiting for AD Go-Ahead::AD Followup.
2011-01-01
04 (System) Sub state has been changed to AD Follow up from New Id Needed
2011-01-01
02 (System) New version available: draft-kucherawy-authres-vbr-02.txt
2010-12-29
04 Alexey Melnikov State changed to Waiting for AD Go-Ahead::Revised ID Needed from Waiting for AD Go-Ahead.
2010-12-29
04 (System) State changed to Waiting for AD Go-Ahead from In Last Call.
2010-12-21
04 Amanda Baber [Note]: 'Barry Leiba <barryleiba@computer.org> is the document shepherd.' added by Amanda Baber
2010-12-21
04 Amanda Baber
IANA understands that, upon approval of this document, there are two
IANA actions that need to be completed.

First, in the Email Authentication Methods subregistry …
IANA understands that, upon approval of this document, there are two
IANA actions that need to be completed.

First, in the Email Authentication Methods subregistry of the Email
Authentication Parameters located at:

http://www.iana.org/assignments/email-auth/email-auth.xhtml

the following registration will be added:

+------------+----------+--------+----------------+-----------------+
|  Method  | Defined  | ptype  | property      | value          |
+------------+----------+--------+----------------+-----------------+
|    vbr    | RFC5518  | header | md            | DNS domain name |
|            |          |        |                | used as the    |
|            |          |        |                | subject of a    |
|            |          |        |                | VBR query      |
|            |          |        +----------------+-----------------+
|            |          |        | mv            | DNS domain name |
|            |          |        |                | of the entity  |
|            |          |        |                | acting as      |
|            |          |        |                | the voucher    |
+------------+----------+--------+----------------+-----------------+

Second, in the Email Authentication Result Names subregistry of the
Email Authentication Parameters located at:

http://www.iana.org/assignments/email-auth/email-auth.xhtml

five auth methods will be added to existing registrations as follows:

added to auth method "none" -->
Defined in: RFC5451
Method: vbr
Meaning: No valid VBR-Info header was found in the message, or a domain
name to be queried could not be determined.

added to auth method "pass" -->
Defined in: RFC5451
Method: vbr
Meaning: A VBR query was completed and the vouching service queried gave
a positive response.

added to auth method "fail" -->
Defined in: RFC5451
Method: vbr
Meaning: A VBR query was completed and the vouching service queried did
not give a positive response, or the message contained multiple VBR-Info
header fields with different "mc" values.

added to auth method "temperror" -->
Defined in: RFC5451
Method: vbr
Meaning: A VBR query was attempted but could not be completed due to
some error that is likely transient in nature such as a temporary DNS
error.  A later attempt may produce a final result.

added to auth method "permerror" -->
Defined in: RFC5451
Method: vbr
Meaning: A VBR query was attempted but could not be completed due to
some error that is likely not transient in nature such as a permanent
DNS error.  A later attempt is unlikely to produce a final result.

IANA understands that these are the only IANA Actions that need to be
completed upon approval of this document.
2010-12-03
04 Samuel Weiler Request for Last Call review by SECDIR is assigned to David McGrew
2010-12-03
04 Samuel Weiler Request for Last Call review by SECDIR is assigned to David McGrew
2010-12-02
04 Peter Saint-Andre [Ballot Position Update] New position, No Objection, has been recorded
2010-12-02
04 Alexey Melnikov [Ballot Position Update] New position, Yes, has been recorded for Alexey Melnikov
2010-12-02
04 Alexey Melnikov Ballot has been issued
2010-12-02
04 Alexey Melnikov Created "Approve" ballot
2010-12-02
04 Alexey Melnikov
  (1.a) Who is the Document Shepherd for this document? Has the
        Document Shepherd personally reviewed this version of the
  …
  (1.a) Who is the Document Shepherd for this document? Has the
        Document Shepherd personally reviewed this version of the
        document and, in particular, does he or she believe this
        version is ready for forwarding to the IESG for publication?

Barry Leiba is the document shepherd.  I have reviewed this version, and am satisfied that it's ready, but for the following:

The registration procedure in RFC 5451 is "IETF Review", so this document does not need to be standards track.  The IESG should decide whether Informational is suitable.

section 4, paragraph 1 does not use the same terminology for describing the things you're registering as RFC 5451 does.

OLD
  This memo adds to the "Email Authentication Method Name Registry",
  created by IANA upon publication of [AUTHRES], the "header.md" and
  "header.mv" reporting items.

NEW
  This memo adds to the "Email Authentication Method Name Registry",
  created by IANA upon publication of [AUTHRES], the following:
  * The method "vbr".
  * Associated with that method, the properties (reporting items)
    "header.md" and "header.mv".

In paragraphs 2 and 3, you need to make it clear whether each of header.md and header.mv is REQUIRED or OPTIONAL in a vbr method statement.  Possibly RFC 5451 says that all properties are optional, but I'd still say it this way, for example:

OLD
  The value associated with "header.md" in the header field MUST be the
  DNS domain name about which a VBR query was made.  This is typically
  taken from the "md" tag of the "VBR-Info" header filed.  ([VBR]
  describes the methods for selecting the construction and execution of
  that query.)

NEW, IF OPTIONAL
  If "header.md" is present, its value MUST be the
  DNS domain name about which a VBR query was made.  This is typically
  taken from the "md" tag of the "VBR-Info" header field.  ([VBR]
  describes the methods for selecting the construction and execution of
  that query.)

NEW, IF REQUIRED
  The "header.md" property MUST be present, and its value MUST be the
  DNS domain name about which a VBR query was made.  This is typically
  taken from the "md" tag of the "VBR-Info" header field.  ([VBR]
  describes the methods for selecting the construction and execution of
  that query.)

(Note also that I've corrected the spelling of "field" in paragraph 2, there, after "VBR-Info".)


  (1.b) Has the document had adequate review both from key WG members
        and from key non-WG members? Does the Document Shepherd have
        any concerns about the depth or breadth of the reviews that
        have been performed? 

The document is an individual submission, but has had adequate review, and I have no concerns.

  (1.c) Does the Document Shepherd have concerns that the document
        needs more review from a particular or broader perspective,
        e.g., security, operational complexity, someone familiar with
        AAA, internationalization or XML?

I have no concerns.

  (1.d) Does the Document Shepherd have any specific concerns or
        issues with this document that the Responsible Area Director
        and/or the IESG should be aware of? For example, perhaps he
        or she is uncomfortable with certain parts of the document, or
        has concerns whether there really is a need for it. In any
        event, if the WG has discussed those issues and has indicated
        that it still wishes to advance the document, detail those
        concerns here. Has an IPR disclosure related to this document
        been filed? If so, please include a reference to the
        disclosure and summarize the WG discussion and conclusion on
        this issue.

I have no concerns.  There is no IPR involved.

  (1.e) How solid is the WG consensus behind this document? Does it
        represent the strong concurrence of a few individuals, with
        others being silent, or does the WG as a whole understand and
        agree with it? 

There is consensus of the interested community behind it.

  (1.f) Has anyone threatened an appeal or otherwise indicated extreme
        discontent? If so, please summarise the areas of conflict in
        separate email messages to the Responsible Area Director. (It
        should be in a separate email because this questionnaire is
        entered into the ID Tracker.)

No.

  (1.g) Has the Document Shepherd personally verified that the
        document satisfies all ID nits? (See the Internet-Drafts Checklist
        and http://tools.ietf.org/tools/idnits/). Boilerplate checks are
        not enough; this check needs to be thorough. Has the document
        met all formal review criteria it needs to, such as the MIB
        Doctor, media type and URI type reviews?

The document passes idnits 2.12.05, as well as my own review.  There are no further formal reviews required.

  (1.h) Has the document split its references into normative and
        informative? Are there normative references to documents that
        are not ready for advancement or are otherwise in an unclear
        state? If such normative references exist, what is the
        strategy for their completion? Are there normative references
        that are downward references, as described in [RFC3967]? If
        so, list these downward references to support the Area
        Director in the Last Call procedure for them [RFC3967].

All references are properly separated and labelled.  There are no downward references.

  (1.i) Has the Document Shepherd verified that the document IANA
        consideration section exists and is consistent with the body
        of the document? If the document specifies protocol
        extensions, are reservations requested in appropriate IANA
        registries? Are the IANA registries clearly identified? If
        the document creates a new registry, does it define the
        proposed initial contents of the registry and an allocation
        procedure for future registrations? Does it suggest a
        reasonable name for the new registry? See [RFC5226]. If the
        document describes an Expert Review process has Shepherd
        conferred with the Responsible Area Director so that the IESG
        can appoint the needed Expert during the IESG Evaluation?

The IANA Considerations section is correct and adequate.

  (1.j) Has the Document Shepherd verified that sections of the
        document that are written in a formal language, such as XML
        code, BNF rules, MIB definitions, etc., validate correctly in
        an automated checker?

There is no formal language in this document.

  (1.k) The IESG approval announcement includes a Document
        Announcement Write-Up. Please provide such a Document
        Announcement Write-Up? Recent examples can be found in the
        "Action" announcements for approved documents. The approval
        announcement contains the following sections:

    Technical Summary
        Relevant content can frequently be found in the abstract
        and/or introduction of the document. If not, this may be
        an indication that there are deficiencies in the abstract
        or introduction.

  RFC 5451 defined a new header field for electronic mail messages
  that presents the results of a message authentication effort in a
  machine-readable format.  In the interim, a proposal for rudimentary
  domain-level reputation called Vouch By Reference [RFC 5518] was
  published and is now beginning to see popular use.

  This memo updates the registry of properties in Authentication-
  Results: message header fields to allow relaying of the results of a
  Vouch By Reference query.

    Working Group Summary
        Was there anything in WG process that is worth noting? For
        example, was there controversy about particular points or
        were there decisions where the consensus was particularly
        rough?

Nothing to note.

    Document Quality
        Are there existing implementations of the protocol? Have a
        significant number of vendors indicated their plan to
        implement the specification? Are there any reviewers that
        merit special mention as having done a thorough review,
        e.g., one that resulted in important changes or a
        conclusion that the document had no substantive issues? If
        there was a MIB Doctor, Media Type or other expert review,
        what was its course (briefly)? In the case of a Media Type
        review, on what date was the request posted?
       
This has been implemented for some time in opendkim, an open-source package supported by the document author.  The Spamhaus domain whitelist is providing market pressure for more implementations, as the authentication-results header field itself receives wider deployment.
2010-12-01
04 Alexey Melnikov [Note]: 'Barry Leiba <barryleiba@computer.org> is the document shepherd.' added
2010-12-01
04 Alexey Melnikov State Change Notice email list has been changed to msk@cloudmark.com, draft-kucherawy-authres-vbr@tools.ietf.org, barryleiba@computer.org from msk@cloudmark.com, draft-kucherawy-authres-vbr@tools.ietf.org
2010-12-01
04 Amy Vezza Last call sent
2010-12-01
04 Amy Vezza
State changed to In Last Call from Last Call Requested.

The following Last Call Announcement was sent out:

From: The IESG <iesg-secretary@ietf.org>
To: …
State changed to In Last Call from Last Call Requested.

The following Last Call Announcement was sent out:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Reply-To: ietf@ietf.org
Subject: Last Call: <draft-kucherawy-authres-vbr-01.txt> (Authentication-Results Registration For Vouch By Reference Results) to Proposed Standard


The IESG has received a request from an individual submitter to consider
the following document:
- 'Authentication-Results Registration For Vouch By Reference Results'
  <draft-kucherawy-authres-vbr-01.txt> as a Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2010-12-29. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

The file can be obtained via
http://datatracker.ietf.org/doc/draft-kucherawy-authres-vbr/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-kucherawy-authres-vbr/
2010-12-01
04 Alexey Melnikov Placed on agenda for telechat - 2011-01-06
2010-12-01
04 Alexey Melnikov Last Call was requested
2010-12-01
04 Alexey Melnikov State changed to Last Call Requested from AD Evaluation.
2010-12-01
04 (System) Ballot writeup text was added
2010-12-01
04 (System) Last call text was added
2010-12-01
04 (System) Ballot approval text was added
2010-12-01
04 Alexey Melnikov State changed to AD Evaluation from Publication Requested.
2010-11-29
04 Alexey Melnikov Draft added in state Publication Requested
2010-11-29
01 (System) New version available: draft-kucherawy-authres-vbr-01.txt
2010-11-08
00 (System) New version available: draft-kucherawy-authres-vbr-00.txt