CircleID

A recent press release from the Internet Society reports that the IETF will shortly publish specifications of SPF and Sender-ID in the RFC series. What does this mean for the future? Not much.

More than 4000 documents have been published in the RFC series since the first RFC in 1969, relatively few of which have evolved into Internet standards. Each RFC is characterized when published as standards-track, best current practice, informational, experimental, or historical. These four RFCs, three describing Sender ID and one describing SPF, are all experimental.

Last year's MARID process conspicuously failed to approach the consensus that the IETF requires for standardization, which is the primary reason that the MARID group shut down. Nobody (except perhaps a few hopeful souls at Microsoft) expects anything MARID-like to move forward in the IETF. Yet there's no question that SPF and Sender ID exist and are each in somewhat wide use, and there's been quite a lot of data collected on their strengths and weaknesses. These RFCs are basically a final detail of MARID, to document what it did, even though it didn't get anywhere close to moving anything toward standardization.

Even though this release comes hard on the heels of Microsoft's new policy that everyone sending mail to Hotmail or MSN will have to identify it with Sender ID, I don't see any connection. These documents have been working their way through the RFC process since February. Before any RFC can be published, it undergoes editorial review and needs editorial approval from members of the IESG (Internet Engineering Steering Group.) The progress of the review and approval process is documented, here for SPF and here for Sender ID, and they were about done in late May, with a few minor tweaks just completed.

By John Levine, Author, Consultant & Speaker. Visit the blog maintained by John Levine here.

Related topics: Spam