[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on draft-ietf-grip-isp-expectations-04.txt

To: "Jeffrey I. Schiller" <jis@MIT.EDU>, Randy Bush <randy@psg.com>
Subject: Re: Comments on draft-ietf-grip-isp-expectations-04.txt
From: Tom Killalea <tomk@neart.org>
Date: Tue, 15 Aug 2000 10:40:06 -0700
Cc: Bill Woodcock <woody@zocalo.net>, grip-wg@uu.net
Comment: grip-wg mailing list add/drop requests to Majordomo@TransSys.COM
In-reply-to: <398B21D7.5309F90A@mit.edu>
References: <Pine.SOL.3.96.1000804090425.157F-100000@secure> <398B21D7.5309F90A@mit.edu>

ISSUE 1: Open Mail Relay

Jeffrey I. Schiller wrote:

>Bill Woodcock wrote:
>
>> I'd rather see the definition of "open relay" made less
>> technology-specific, but the injunction left in place.
>
>The real problem is with the definition of "open relay." I agree that we 
>need to discourage the scourge that is spam. However many of the anti-spam 
>vigilantes use an overly simple definition of "open relay" which precludes 
>systems that are more open then their definition. I would rather the IETF 
>not preclude such systems.
>
>                -Jeff

I don't think it's possible to come up with an acceptable "less
technology-specific" definition of "open relay", and I agree with Jeff's
concerns, and so would like to drop the definition altogether.  

To do so I'd like to 

  1) drop the first sentence of section 5.3, and 
  2) change the second sentence from "Such open relays" to "Open relays"
________________________________________________________________________
ISSUE 2: Appropriate Use Policy

Jeffrey I. Schiller wrote:

>>3 Appropriate Use Policy
>
>I would remove this entire section. It is completely about policy and
>not technical standards. Furthermore the policy it promulgates is a
>very simple and limited view. It doesn't recognize the notion that an
>AUP may be subject to negotiation between ISP and customer. For
>example how do you publicize a policy if some customers have
>negotiated exemptions or special provisions.

The intent is to state the desirability of an AUP (without getting 
into specifics of what should go in it) and proceed then with an
explanation of what an AUP is - this is basically lifted straight from 
section 2.1.2 of rfc2196 ("Site Security Handbook").  The example is 
changed to make it more relevant to the audience at hand.  I think the
section should be retained, and I like that it echoes rfc2196.  I'm open
to persuasion.
________________________________________________________________________
ISSUE 3: BGP Authentication

I agree with the IESG suggestion to capitalise SHOULD, thus we get

 BGP authentication [RFC2385] SHOULD be used with routing peers.

Tom.

Follow-Ups:
- Re: Comments on draft-ietf-grip-isp-expectations-04.txt
  - From: Barbara Fraser <byfraser@cisco.com>

References:
- Re: Comments on draft-ietf-grip-isp-expectations-04.txt
  - From: Bill Woodcock <woody@zocalo.net>
- Re: Comments on draft-ietf-grip-isp-expectations-04.txt
  - From: "Jeffrey I. Schiller" <jis@MIT.EDU>

Prev by Date: iesg comments on draft-ietf-grip-isp-expectations-04.txt
Next by Date: Re: Comments on draft-ietf-grip-isp-expectations-04.txt
Previous by thread: Re: Comments on draft-ietf-grip-isp-expectations-04.txt
Next by thread: Re: Comments on draft-ietf-grip-isp-expectations-04.txt
Index(es):
- Date
- Thread