[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Comments on draft-ietf-grip-isp-expectations-04.txt
ISSUE 1: Open Mail Relay
Jeffrey I. Schiller wrote:
>Bill Woodcock wrote:
>
>> I'd rather see the definition of "open relay" made less
>> technology-specific, but the injunction left in place.
>
>The real problem is with the definition of "open relay." I agree that we
>need to discourage the scourge that is spam. However many of the anti-spam
>vigilantes use an overly simple definition of "open relay" which precludes
>systems that are more open then their definition. I would rather the IETF
>not preclude such systems.
>
> -Jeff
I don't think it's possible to come up with an acceptable "less
technology-specific" definition of "open relay", and I agree with Jeff's
concerns, and so would like to drop the definition altogether.
To do so I'd like to
1) drop the first sentence of section 5.3, and
2) change the second sentence from "Such open relays" to "Open relays"
________________________________________________________________________
ISSUE 2: Appropriate Use Policy
Jeffrey I. Schiller wrote:
>>3 Appropriate Use Policy
>
>I would remove this entire section. It is completely about policy and
>not technical standards. Furthermore the policy it promulgates is a
>very simple and limited view. It doesn't recognize the notion that an
>AUP may be subject to negotiation between ISP and customer. For
>example how do you publicize a policy if some customers have
>negotiated exemptions or special provisions.
The intent is to state the desirability of an AUP (without getting
into specifics of what should go in it) and proceed then with an
explanation of what an AUP is - this is basically lifted straight from
section 2.1.2 of rfc2196 ("Site Security Handbook"). The example is
changed to make it more relevant to the audience at hand. I think the
section should be retained, and I like that it echoes rfc2196. I'm open
to persuasion.
________________________________________________________________________
ISSUE 3: BGP Authentication
I agree with the IESG suggestion to capitalise SHOULD, thus we get
BGP authentication [RFC2385] SHOULD be used with routing peers.
Tom.