Creation and Use of Email Feedback Reports: An Applicability Statement for the Abuse Reporting Format (ARF)
RFC 6650

Note: This ballot was opened for revision 13 and is now closed.

Barry Leiba Yes

(Pete Resnick) Yes

(Ron Bonica) No Objection

(Stewart Bryant) No Objection

(Benoît Claise) (was Discuss) No Objection

Comment (2012-04-25)
No email
send info
Thanks for addressing my points

(Ralph Droms) No Objection

(Wesley Eddy) No Objection

(Adrian Farrel) No Objection

Comment (2012-04-25 for -15)
No email
send info
Forgive me, but doesn't section 8.2 say that forged abuse reports
constitue a real problem and the two mechanisms available to protect
against them may result in genuine abuse reports being discarded?

Is the message here "chosse which you think might be the least worse
problem" or is it "you should use DKIM and SPF, but be aware that you
may lose some genuine reports"?

I would have liked some clarification as to which message is being sent.

(Stephen Farrell) No Objection

Comment (2012-04-23 for -14)
No email
send info
Just a bunch of nitty comments. Feel free to take 'em or leave

5.1 (1) - this has a MUST but there's no well-defined/standard way to
satisfy the MUST, maybe make that an "ought"? 

5.1 (2) - I think you mean that "they think will" pass SPF/DKIM checks,
since they can't be sure

5.2 (1) - "the receiver" is a bit ambiguous in the 1st sentence, maybe
s/the receiver/the report receiver/? (Or if handling is expensive for
both, then maybe say that.)

5.3 (1) - what does "SHOULD make" mean? Same comment as above for use
of SHOULD when there's no standard way to do it, i.e. maybe

5.5 (1) - is "bulk senders" at the end here ambiguous? I read it as
referring to the sender of the message(s) that triggered the report.

6 - what is a "smaller" AS or use-case? Do you mean fewer people will
do this or that its simpler?

6 - point (3), is the "MUST be constructed" there right? If everything
needed to satisfy this MUST is later in point 3, then you could say
"MUST be done as stated below" - as is, this looks like there's
something else needed to satisfy the MUST but you don't say what.

8.3 - this is a little terse, maybe point back at those recommendations
or say a bit more?

8.4 - might be better to say "larger volumes or higher frequency"

8.5 - I guess this means that report receivers ought not react to
missing reports as if something was wrong. Not sure if that's worth
noting explicitly or not.

(Brian Haberman) No Objection

Comment (2012-04-25 for -14)
No email
send info
Thanks for addressing my comments.

(Russ Housley) No Objection

(Robert Sparks) (was Discuss) No Objection

(Martin Stiemerling) No Objection

(Sean Turner) (was Discuss) No Objection