[{"author": "Daniel Gillmor", "text": "

ah ok, just making sure i wasn't stepping on any toes! fwiw, i tihnk most currently e2e message signatures are unwelcome impositions \u263a

", "time": "2025-07-24T12:30:06Z"}, {"author": "Murray Kucherawy", "text": "

Aren't they mostly invisible?

", "time": "2025-07-24T12:30:23Z"}, {"author": "Murray Kucherawy", "text": "

DKIM is, mostly

", "time": "2025-07-24T12:30:28Z"}, {"author": "Daniel Gillmor", "text": "

those aren't end-to-end

", "time": "2025-07-24T12:30:36Z"}, {"author": "Murray Kucherawy", "text": "

ah right

", "time": "2025-07-24T12:31:00Z"}, {"author": "Daniel Gillmor", "text": "

i couldn't hear that remotely

", "time": "2025-07-24T12:34:16Z"}, {"author": "Murray Kucherawy", "text": "

Pete's remark was repeated by John at the mic.

", "time": "2025-07-24T12:35:09Z"}, {"author": "Daniel Gillmor", "text": "

:+1:

", "time": "2025-07-24T12:35:24Z"}, {"author": "Pete Resnick", "text": "

Pete is lazy

", "time": "2025-07-24T12:39:04Z"}, {"author": "Murray Kucherawy", "text": "

Seconded.

", "time": "2025-07-24T12:40:33Z"}, {"author": "Pete Resnick", "text": "

@Murray Kucherawy My laziness or what was said at the mic?

", "time": "2025-07-24T12:41:00Z"}, {"author": "Murray Kucherawy", "text": "

@Pete: Yes.

", "time": "2025-07-24T12:41:08Z"}, {"author": "Barry Leiba", "text": "

MAAWG? What\u2019s that?

", "time": "2025-07-24T12:46:20Z"}, {"author": "Jim Fenton", "text": "

Very timely. I got boarding passes this morning for James and Lorraine Fenton of Sydney, Australia for their flight to Townsville. Footer says to reply if not the intended recipient, but it came from no-reply@ :)

", "time": "2025-07-24T12:46:34Z"}, {"author": "Neil Jenkins", "text": "

@Barry https://www.m3aawg.org/

", "time": "2025-07-24T12:46:59Z"}, {"author": "Barry Leiba", "text": "

Jim, you get a free trip to Sydney!

", "time": "2025-07-24T12:47:09Z"}, {"author": "Barry Leiba", "text": "

Neil, it was a joke\u2026.

", "time": "2025-07-24T12:47:21Z"}, {"author": "Neil Jenkins", "text": "

Sorry, hard to get tone over chat\u2026

", "time": "2025-07-24T12:47:34Z"}, {"author": "Neil Jenkins", "text": "

(Also, it

", "time": "2025-07-24T12:47:36Z"}, {"author": "Jim Fenton", "text": "

I don't think I can get there in time for the flight to Townsville!

", "time": "2025-07-24T12:47:36Z"}, {"author": "Neil Jenkins", "text": "

(Also, it

", "time": "2025-07-24T12:47:43Z"}, {"author": "Neil Jenkins", "text": "

's late)

", "time": "2025-07-24T12:47:48Z"}, {"author": "Barry Leiba", "text": "

Yeh, true. I\u2019ll talk with you off-list\u2026

", "time": "2025-07-24T12:47:53Z"}, {"author": "Daniel Gillmor", "text": "

@meetecho, i can't see the speaker in MAILMAINT

", "time": "2025-07-24T12:48:18Z"}, {"author": "Jim Fenton", "text": "

The 3 is silent, just like Tom Lehrer's friend Hen3ry from that song of his.

", "time": "2025-07-24T12:48:25Z"}, {"author": "Daniel Gillmor", "text": "

whoop, maybe it was Murray

", "time": "2025-07-24T12:48:34Z"}, {"author": "Lorenzo Miniero", "text": "

:grinning_face_with_smiling_eyes:

", "time": "2025-07-24T12:48:46Z"}, {"author": "Daniel Gillmor", "text": "

he was hiding his mouth behind his hands!

", "time": "2025-07-24T12:49:06Z"}, {"author": "Barry Leiba", "text": "

There doesn\u2019t seem to be a camera pointing at the chairs.

", "time": "2025-07-24T12:49:07Z"}, {"author": "Daniel Gillmor", "text": "

there is such a camera, i see them fine

", "time": "2025-07-24T12:49:21Z"}, {"author": "Barry Leiba", "text": "

Looking for it\u2026.l

", "time": "2025-07-24T12:49:35Z"}, {"author": "Daniel Gillmor", "text": "

it's marked \"speaker camera\"

", "time": "2025-07-24T12:49:46Z"}, {"author": "Barry Leiba", "text": "

Ahhhhhh

", "time": "2025-07-24T12:50:05Z"}, {"author": "Jim Fenton", "text": "

(I just realized I'm on the onsite tool so no video)

", "time": "2025-07-24T12:50:29Z"}, {"author": "Daniel Gillmor", "text": "

Neil, your mic is pretty hot

", "time": "2025-07-24T12:55:07Z"}, {"author": "Barry Leiba", "text": "

Sounds perfect in the room.

", "time": "2025-07-24T12:55:42Z"}, {"author": "Pete Resnick", "text": "

These changes to the oauth document make it much easier to hold my nose. :wink:

", "time": "2025-07-24T12:59:28Z"}, {"author": "Daniel Gillmor", "text": "

Jim, that's happening right now and it's terrible.

", "time": "2025-07-24T13:00:05Z"}, {"author": "Daniel Gillmor", "text": "

it's a problem.

", "time": "2025-07-24T13:00:15Z"}, {"author": "Jim Fenton", "text": "

You can see how much I depend on Google and Yahoo! for authentication :)

", "time": "2025-07-24T13:00:59Z"}, {"author": "Daniel Gillmor", "text": "

and outlook

", "time": "2025-07-24T13:01:09Z"}, {"author": "Pete Resnick", "text": "

It's a problem, but I think in the fullness of time you'll see many of them open a web window in their own app context; that's more and more available in OSes..

", "time": "2025-07-24T13:01:15Z"}, {"author": "Pete Resnick", "text": "

Still stinks.

", "time": "2025-07-24T13:01:26Z"}, {"author": "Daniel Gillmor", "text": "

Yes Pete, that's what's happening, and it's a UX disaster.

", "time": "2025-07-24T13:01:39Z"}, {"author": "Daniel Gillmor", "text": "

it also happens randomly, when some authentication token times out. so suddenly a new window opens up that's not a normal browser, and it's not even clear where it's coming from \u2639

", "time": "2025-07-24T13:02:22Z"}, {"author": "Pete Resnick", "text": "

Yep. One of my accounts uses OAuth. It is a disaster. But it is a UI issue, which we in IETF generally avoid (save the occasional rude comment).

", "time": "2025-07-24T13:02:55Z"}, {"author": "Daniel Gillmor", "text": "

we can't afford to ignore the UX implications any more

", "time": "2025-07-24T13:03:12Z"}, {"author": "Pete Resnick", "text": "

Bring back the User Services Area!

", "time": "2025-07-24T13:03:32Z"}, {"author": "Jim Fenton", "text": "

I would prefer to see a native multifactor authentication mechanism in email clients, but some of those mechanisms depend on OS things that only allow browsers to do some things.

", "time": "2025-07-24T13:03:45Z"}, {"author": "John Klensin", "text": "

\"Stinks\" is more polite than what I'd be inclined to say, but it is not clear to me whether this type of work will make a significant difference one way or the other.

", "time": "2025-07-24T13:03:46Z"}, {"author": "John Klensin", "text": "

Pete, yeah but the User Services Area never did this kind of work.

", "time": "2025-07-24T13:04:31Z"}, {"author": "Pete Resnick", "text": "

John: Yeah, I know. I was being ironical.

", "time": "2025-07-24T13:04:49Z"}, {"author": "Jim Fenton", "text": "

We ignore UI issues at the risk of having our work not used. Also, UI issues should be a key part of \"making the internet work better\"

", "time": "2025-07-24T13:05:20Z"}, {"author": "John Klensin", "text": "

Goes with holding one's nose for self-preservation.

", "time": "2025-07-24T13:05:35Z"}, {"author": "Pete Resnick", "text": "

I don't disagree with dkg or Jim, but we seem to have carefully constructed ourselves in this organization to make talking about UI incredibly hard.

", "time": "2025-07-24T13:06:40Z"}, {"author": "Jim Fenton", "text": "

Indeed.

", "time": "2025-07-24T13:06:54Z"}, {"author": "John Klensin", "text": "

@Pete +1

", "time": "2025-07-24T13:07:01Z"}, {"author": "Daniel Gillmor", "text": "

UX is actually a hard problem, not because of the IETF. But we need to be able to talk about it. our protocols have UX implications.

", "time": "2025-07-24T13:07:34Z"}, {"author": "Pete Resnick", "text": "

Eeeeee! There's URNs on the screen!

", "time": "2025-07-24T13:07:36Z"}, {"author": "Jim Fenton", "text": "

But I think there's a difference between having real UI expertise (which we don't) and implementing things with known UX problems.

", "time": "2025-07-24T13:07:51Z"}, {"author": "John Klensin", "text": "

As should be clear from other discussions, I also remain very concerned that many of these ideas either assume that SMTP-with-relays is an obsolete idea or that the intermediate relay machines cannot possibly be compromised.

", "time": "2025-07-24T13:09:08Z"}, {"author": "Daniel Gillmor", "text": "

we don't need to give fully solved UX answers. we need to have protocols whose surfaces expose mechanisms that it is possible to create good UX from.

", "time": "2025-07-24T13:09:23Z"}, {"author": "Daniel Gillmor", "text": "

and if that means we need to bring in more UX experts, well, we've done that kind of thing in the past. we brought in cryptographers, for example.

", "time": "2025-07-24T13:10:08Z"}, {"author": "Pete Resnick", "text": "

I was not involved with oauth except for the very beginning, but I would love to see an analysis of at what point we could have put the brakes on.

", "time": "2025-07-24T13:10:23Z"}, {"author": "Barry Leiba", "text": "

Imhave always thought OAUTH is bad for many reasons, but (1) it doesn\u2019t matter because it\u2019s in wide use and (2) it\u2019s true that it\u2019s better than sharing reusable credentials.

", "time": "2025-07-24T13:10:26Z"}, {"author": "Daniel Gillmor", "text": "

Barry: compared to who gets to see the reused password, i think OAuth centralizes who gets to break into all the other authorized accounts. But it also enforces that this central party must be able to break into all the other accounts, right? the ID Provider needs to get that access. in the other case, it's actually possible to not share passwords.

", "time": "2025-07-24T13:18:10Z"}, {"author": "Daniel Gillmor", "text": "

(but this is probably a tradeoffs conversation for the another day)

", "time": "2025-07-24T13:18:26Z"}, {"author": "John Klensin", "text": "

@Daniel, the problem with that analogy is that, because of the technical / mathematic component of the issues, it has been moderately easy to tell the difference between a cryptographer and a cyrpto-blowhard. In the UX area, it is harder to draw a good line between those with solid, research-based knowledge and those with a large surplus of hot air.

", "time": "2025-07-24T13:20:35Z"}, {"author": "Jim Fenton", "text": "

And in this application I think there will be a lot of OAuth uses that don't involve federation at all, but are used because that's a way to get multifactor authentication in imap and jmap.

", "time": "2025-07-24T13:20:57Z"}, {"author": "Jim Fenton", "text": "

accents harmful?

", "time": "2025-07-24T13:23:51Z"}, {"author": "Pete Resnick", "text": "

@John Klensin Sorta like lawyers and law-blowhards.

", "time": "2025-07-24T13:23:51Z"}, {"author": "Daniel Gillmor", "text": "

Jim: like p\u00e1ypal.com

", "time": "2025-07-24T13:24:14Z"}, {"author": "John Klensin", "text": "

I'm confused. Is this about SLD naming (in which case it really isn't about email and hence out of scope) or email where allowable naming is rarely coupled to naming rules for domains.

", "time": "2025-07-24T13:24:46Z"}, {"author": "Jim Fenton", "text": "

That problem is not specifically an accent thing. Look-alike domain names could also be things like Cyrillic a

", "time": "2025-07-24T13:25:08Z"}, {"author": "John Klensin", "text": "

@Jim. Yep, and calling them \"accents\" is a whole other problem. But the homograph proiblem is old news (although not less of a problem)

", "time": "2025-07-24T13:26:47Z"}, {"author": "Pete Resnick", "text": "

John, your mic is on.

", "time": "2025-07-24T13:26:53Z"}, {"author": "Pete Resnick", "text": "

I'll bring it to the mic if John doesn't, but for localparts I can't get too excited about confusability.

", "time": "2025-07-24T13:28:12Z"}, {"author": "Daniel Gillmor", "text": "

Pete, even for provisioning guidance ?

", "time": "2025-07-24T13:28:39Z"}, {"author": "Jim Fenton", "text": "

@pete agree

", "time": "2025-07-24T13:28:41Z"}, {"author": "Pete Resnick", "text": "

@Daniel Gillmor Yeah, I think it's best left to locales to figure out which keyboard people use.

", "time": "2025-07-24T13:29:45Z"}, {"author": "Vittorio Bertola", "text": "

Having two confusable email addresses because of different but confusable characters in localpart really seems a matter of deployment policy by each email provider. I'm not sure that the IETF can provide significant advice on this.

", "time": "2025-07-24T13:33:11Z"}, {"author": "Daniel Gillmor", "text": "

if we want e-mail to be globally interoperable, it does seem like some sort of guidance might be useful.

", "time": "2025-07-24T13:33:43Z"}, {"author": "John Klensin", "text": "

@Daniel: yes. But we really need to focus on the global there.

", "time": "2025-07-24T13:34:26Z"}, {"author": "Daniel Gillmor", "text": "

i don't see anything in the document that references Unicode normalization forms for localparts either

", "time": "2025-07-24T13:34:38Z"}, {"author": "Daniel Gillmor", "text": "

if we have global guidance that attempt to clean up homoglyph concerns for the domain side, why wouldn't that same guidance apply for localparts?

", "time": "2025-07-24T13:35:54Z"}, {"author": "Barry Leiba", "text": "

Look, \u201cvv\u201d is confusible with \u201cw\u201d; we can\u2019t get rid of all confusion.

", "time": "2025-07-24T13:36:52Z"}, {"author": "Daniel Gillmor", "text": "

sure, and l and I are also indistinguishable in some fonts. does that mean we should just throw up our hands and not offer guidance?

", "time": "2025-07-24T13:37:50Z"}, {"author": "Vittorio Bertola", "text": "

How does the recipient of an email message know which language was used when creating the sender's localpart, so that the appropriate exclusion or normalisation rules can be applied?

", "time": "2025-07-24T13:37:57Z"}, {"author": "Daniel Gillmor", "text": "

Vittorio: perhaps we want guidance for provisioning within a domain, but not for recipients. that is, if you've let someone register the joe@ localpart, you probably shouldn't also let a different person register j\u00f6e@

", "time": "2025-07-24T13:39:37Z"}, {"author": "Barry Leiba", "text": "

I think the issue of confusible identifiers goes beyond email, and such advice needs to have much broader applicability.

", "time": "2025-07-24T13:39:39Z"}, {"author": "Pete Resnick", "text": "

Unlike domains, I don't know of a lot of data saying people examine e-mail addresses to validate they're talking to the right person. Indeed, they are more likely to see display names and never see email addresses at all.

", "time": "2025-07-24T13:40:01Z"}, {"author": "Daniel Gillmor", "text": "

Pete, that is an entirely different category of attack.

", "time": "2025-07-24T13:40:32Z"}, {"author": "Murray Kucherawy", "text": "

I think Barry's on to something here in terms of scope. I even wonder if this is pushing at the edges of our charter when the discussion goes this deep.

", "time": "2025-07-24T13:40:40Z"}, {"author": "Vittorio Bertola", "text": "

Then we just need a 1-line advice \"please do not create visually confusable email addresses\". Trying to define what that means in practice is imho impossible.

", "time": "2025-07-24T13:41:17Z"}, {"author": "Pete Resnick", "text": "

Daniel Gillmor said:

\n
\n

Pete, that is an entirely different category of attack.

\n
\n

Sorry, I missed the \"that\": Different than what?

", "time": "2025-07-24T13:41:35Z"}, {"author": "Vittorio Bertola", "text": "

Or, at least, overkill - look at the domains mess for that.

", "time": "2025-07-24T13:42:02Z"}, {"author": "Daniel Gillmor", "text": "

an attack by sending a malicious display name is different from an attack by sending a lookalike sender address

", "time": "2025-07-24T13:42:21Z"}, {"author": "Daniel Gillmor", "text": "

That is, From: Pete Resnick <dkg@fifthhorseman.net>

", "time": "2025-07-24T13:42:49Z"}, {"author": "Pete Resnick", "text": "

So can you give me an example of the other sort of attack? When is someone getting this lookalike address and what bad thing happens because of it?

", "time": "2025-07-24T13:43:44Z"}, {"author": "Pete Resnick", "text": "

(I'm not being cheeky; I really don't understand the circumstance.)

", "time": "2025-07-24T13:44:16Z"}, {"author": "Daniel Gillmor", "text": "

i've seen lots of \"cybersecurity\" anti-phishing guidance that tells users \"check who the message is from\". Not saying it's great guidance, but it's out there.

", "time": "2025-07-24T13:44:41Z"}, {"author": "John Klensin", "text": "

@VittorioL yes, but \"visually\" confusable is not the only problem in that family just, given the history of discussions (especially around domain names) the most obvious. And I obvious agree about the \"domain mess\".

", "time": "2025-07-24T13:44:42Z"}, {"author": "Daniel Gillmor", "text": "

Pete, plus, i'm pretty sure i do that kind of checking myself \u2639 I probably shouldn't be.

", "time": "2025-07-24T13:45:45Z"}, {"author": "John Klensin", "text": "

And \"yes\" to Daniel's comment -- if the norm in MUAs is to display just the name phrase (\"display name\") then much of this, from a UI standpoint, is irrelevant.

", "time": "2025-07-24T13:45:56Z"}, {"author": "Barry Leiba", "text": "

Yeh, most users can\u2019t reliably eyeball an address and get it right, confusibles aside.

", "time": "2025-07-24T13:46:14Z"}, {"author": "John Klensin", "text": "

\"Donald Duck\" <evil@example.com>

", "time": "2025-07-24T13:46:36Z"}, {"author": "Pete Resnick", "text": "

@Daniel Gillmor Checking to make sure that the mail is from ceo@mycompany.com and not ceo@mycomp\u00e1ny.com make sense to me. But I'm not sure how the c\u00e9o@mycompany.com is supposed to be a very likely attack.

", "time": "2025-07-24T13:47:15Z"}, {"author": "Barry Leiba", "text": "

Well, or chasebank-security@example.com, or security@chase.com\u2014-.example.com

", "time": "2025-07-24T13:47:44Z"}, {"author": "Daniel Gillmor", "text": "

sigh, secure, human-readable, global naming :melting_face:

", "time": "2025-07-24T13:48:36Z"}, {"author": "Murray Kucherawy", "text": "

(Gimli \"What are we waiting for?\" meme here)

", "time": "2025-07-24T13:48:57Z"}, {"author": "Daniel Gillmor", "text": "

\"IMAP: the good bits\"

", "time": "2025-07-24T13:49:22Z"}, {"author": "Murray Kucherawy", "text": "

What do we want to call this?

", "time": "2025-07-24T13:49:32Z"}, {"author": "Murray Kucherawy", "text": "

The IMAP4.2 Awesomeness Profile

", "time": "2025-07-24T13:49:46Z"}, {"author": "John Klensin", "text": "

Following the prior presentation, \"nice-IMAP\" ?? :-(

", "time": "2025-07-24T13:50:06Z"}, {"author": "Mauro De Gennaro", "text": "

Have you seen this list before? https://implementations.modernemail.org/#desktop=

", "time": "2025-07-24T13:50:12Z"}, {"author": "Daniel Gillmor", "text": "

@Mauro, thanks, i hadn't seen that.

", "time": "2025-07-24T13:50:59Z"}, {"author": "John Klensin", "text": "

@Mauro. Sadly, yes.

", "time": "2025-07-24T13:51:51Z"}, {"author": "John Klensin", "text": "

@Barry +1. Forking from Rev1 will just introduce more confusion

", "time": "2025-07-24T13:56:17Z"}, {"author": "Daniel Gillmor", "text": "

+1 Bron

", "time": "2025-07-24T13:56:24Z"}, {"author": "Murray Kucherawy", "text": "

Could something like this be an applicability statement over I4v2?

", "time": "2025-07-24T13:58:35Z"}, {"author": "Murray Kucherawy", "text": "

doh!

", "time": "2025-07-24T13:58:41Z"}, {"author": "John Klensin", "text": "

If one needs to say \"rev2 didn't get this quite right\", I have no problem with that, but the references and departure point should, formally, but rev2

", "time": "2025-07-24T13:59:02Z"}, {"author": "Ricardo Signes", "text": "

I don't think it's about rev2 not getting it right, it's about \"if you're gonna do more\u2026\"

", "time": "2025-07-24T13:59:21Z"}, {"author": "John Klensin", "text": "

Either way.

", "time": "2025-07-24T13:59:41Z"}, {"author": "Alexey Melnikov", "text": "

+1 to Ricardo

", "time": "2025-07-24T13:59:54Z"}, {"author": "John Klensin", "text": "

For me, \"no opinion\" in this case translates to \"would like to see one more iteration before deciding/ adopting\"

", "time": "2025-07-24T14:03:24Z"}, {"author": "Kenneth Murchison", "text": "

@John what would you like to see in another rev?

", "time": "2025-07-24T14:03:58Z"}, {"author": "John Klensin", "text": "

Feels to me like there has been a lot of discussion today that, while useful. could point in different directions. The I4v1 versus I4v2 discussion is just one example. While, for most of those issues, I think one could build reasonable documents, I've like to have a starting point that takes a clear position on them rather than having ambiguity. That does not mean the WG could not change those decision after review, jsut that I don't think we have a clear starting point in the current draft + today's discussion

", "time": "2025-07-24T14:07:03Z"}, {"author": "John Klensin", "text": "

If I'm sufficiently in the rough about that, no problem.

", "time": "2025-07-24T14:07:41Z"}, {"author": "Pete Resnick", "text": "

Re: MTA Hooks: \"The MAILMAINT (\u201cMail Maintenance\u201d) working group will consider projects in the email space that are too small to warrant construction of a dedicated working group.\"

", "time": "2025-07-24T14:09:25Z"}, {"author": "Kenneth Murchison", "text": "

@Pete so I assume you think this is too big for this WG

", "time": "2025-07-24T14:10:05Z"}, {"author": "Murray Kucherawy", "text": "

I was thinking about this too.

", "time": "2025-07-24T14:10:07Z"}, {"author": "John Klensin", "text": "

Maybe I don't understand, but wouldn't having SMTP MTAs running over both TCP (for the actually SMTP transactions) and HTTP (for these hooks), vastly increase the attack surface for those MTAs?

", "time": "2025-07-24T14:10:40Z"}, {"author": "Pete Resnick", "text": "

Yeah. Even having a look at the website now, it's going to be pretty big to review, let alone actually do work on.

", "time": "2025-07-24T14:10:42Z"}, {"author": "Murray Kucherawy", "text": "

Pity DISPATCH already happened.

", "time": "2025-07-24T14:11:02Z"}, {"author": "Pete Resnick", "text": "

This list looks long.

", "time": "2025-07-24T14:11:30Z"}, {"author": "Ricardo Signes", "text": "

. o O ( Accepts header )

", "time": "2025-07-24T14:11:36Z"}, {"author": "Murray Kucherawy", "text": "

Original milter was indeed C-centric, but there is at least one python library now.

", "time": "2025-07-24T14:11:40Z"}, {"author": "Ricardo Signes", "text": "

Yeah, I think this is interesting work, and very much something like we're thinking about a lot at Fastmail\u2026 but seems big for mailmaint.

", "time": "2025-07-24T14:11:57Z"}, {"author": "John Klensin", "text": "

dispatch back to DISPATCH ??

", "time": "2025-07-24T14:12:35Z"}, {"author": "Kenneth Murchison", "text": "

I think yes

", "time": "2025-07-24T14:13:04Z"}, {"author": "Pete Resnick", "text": "

No need to go to DISPATCH. Bring it to an AD (Hi Andy!) and BOF it.

", "time": "2025-07-24T14:13:32Z"}, {"author": "Pete Resnick", "text": "

DISPATCH ain't required.

", "time": "2025-07-24T14:13:45Z"}, {"author": "Murray Kucherawy", "text": "

I'd like to hear why more MTAs don't implement milter.

", "time": "2025-07-24T14:13:53Z"}, {"author": "John Klensin", "text": "

@Pete: that, of course, would work too.

", "time": "2025-07-24T14:14:00Z"}, {"author": "Andrew Newton", "text": "

@pete with friends like you... :)

", "time": "2025-07-24T14:14:09Z"}, {"author": "Murray Kucherawy", "text": "

The two main open source ones did; why wouldn't the commercial ones?

", "time": "2025-07-24T14:14:19Z"}, {"author": "Jim Fenton", "text": "

There's nothing magic about DISPATCH. The people in the room here have all the expertise needed to decide what to do.

", "time": "2025-07-24T14:14:53Z"}, {"author": "Andrew Newton", "text": "

I suppose we could mini-dispatch here.

", "time": "2025-07-24T14:14:55Z"}, {"author": "Murray Kucherawy", "text": "

Also milter has years of production experience.

", "time": "2025-07-24T14:15:13Z"}, {"author": "Arnt Gulbrandsen", "text": "

What's the name of the protocol that was like milter and this?

", "time": "2025-07-24T14:16:05Z"}, {"author": "Murray Kucherawy", "text": "

Didn't know there was one.

", "time": "2025-07-24T14:16:25Z"}, {"author": "Daniel Gillmor", "text": "

OPES?

", "time": "2025-07-24T14:16:28Z"}, {"author": "Daniel Gillmor", "text": "

https://datatracker.ietf.org/wg/opes/history/

", "time": "2025-07-24T14:16:51Z"}, {"author": "Daniel Gillmor", "text": "

before my time as well

", "time": "2025-07-24T14:17:08Z"}, {"author": "Andrew Newton", "text": "

I do have the requirement that an I-D must be submitted before considering a BoF.

", "time": "2025-07-24T14:17:32Z"}, {"author": "Murray Kucherawy", "text": "

I thought sendmail implemented output milters too, but I've lost track of whether that ever got into the released code.

", "time": "2025-07-24T14:17:35Z"}, {"author": "Murray Kucherawy", "text": "

@Andy: ack

", "time": "2025-07-24T14:17:47Z"}, {"author": "Pete Resnick", "text": "

I'd completely forgotten about OPES. Don't know that they want to start over that far, but interesting.

", "time": "2025-07-24T14:18:37Z"}, {"author": "Murray Kucherawy", "text": "

I can try to help people who are stuck with milter. Been using it for a long time.

", "time": "2025-07-24T14:18:44Z"}, {"author": "Jim Fenton", "text": "

@Andy DISPATCH has that requirement before dispatching too

", "time": "2025-07-24T14:19:07Z"}, {"author": "Andrew Newton", "text": "

sounds like we have dispatched to wg-forming BoF

", "time": "2025-07-24T14:20:13Z"}, {"author": "Andrew Newton", "text": "

but would appreciate if the chairs could judge that

", "time": "2025-07-24T14:20:28Z"}, {"author": "Murray Kucherawy", "text": "

@Andy: I think we've concluded that we're not doing it here. This group can't dispatch things, so I think that's where we leave it.

", "time": "2025-07-24T14:21:28Z"}, {"author": "Pete Resnick", "text": "

But I think you've come to the correct conclusion Andy.

", "time": "2025-07-24T14:22:28Z"}, {"author": "Andrew Newton", "text": "

@murray I would think the chairs can judge consensus on discussions in their wg. :)

", "time": "2025-07-24T14:22:32Z"}, {"author": "Pete Resnick", "text": "

(Andy doesn't want to be judgy.)

", "time": "2025-07-24T14:22:53Z"}, {"author": "Alexey Melnikov", "text": "

And Andy has at least 3 candidates to co-chair the BOF

", "time": "2025-07-24T14:24:22Z"}, {"author": "Murray Kucherawy", "text": "

We'd have to confirm it on the list, right?

", "time": "2025-07-24T14:24:31Z"}, {"author": "Murray Kucherawy", "text": "

So if you want to wait, then sure. :)

", "time": "2025-07-24T14:24:41Z"}, {"author": "Alexey Melnikov", "text": "

It would be hard to un-BOF this on the mailing list, but yes!

", "time": "2025-07-24T14:25:36Z"}, {"author": "Ricardo Signes", "text": "

We have links to the docs on this?

", "time": "2025-07-24T14:27:25Z"}, {"author": "Ricardo Signes", "text": "

https://datatracker.ietf.org/doc/html/draft-gallagher-email-unobtrusive-signatures-01 maybe

", "time": "2025-07-24T14:27:44Z"}, {"author": "Kenneth Murchison", "text": "

@rik I added it to the WG document list

", "time": "2025-07-24T14:27:50Z"}, {"author": "Daniel Gillmor", "text": "

thx

", "time": "2025-07-24T14:27:56Z"}, {"author": "Murray Kucherawy", "text": "

Actually (still on hooks), the minutes will reflect the room's temperature on that question, so we can just confirm that on the list and then Andy has his answer.

", "time": "2025-07-24T14:28:21Z"}, {"author": "Andrew Newton", "text": "

@murray let's talk after

", "time": "2025-07-24T14:28:23Z"}, {"author": "John Klensin", "text": "

@Pete: +1

", "time": "2025-07-24T14:29:52Z"}, {"author": "Ricardo Signes", "text": "

@murch thanks

", "time": "2025-07-24T14:30:08Z"}, {"author": "Alexey Melnikov", "text": "

Ossification of MIME\u2026

", "time": "2025-07-24T14:30:19Z"}, {"author": "Daniel Gillmor", "text": "

thanks all!

", "time": "2025-07-24T14:31:37Z"}, {"author": "Ricardo Signes", "text": "

:wave:

", "time": "2025-07-24T14:31:38Z"}]