MARID


MARID was an IETF working group in the applications area tasked to propose standards for E-mail authentication in 2004. The name is an acronym of MTA Authorization Records In DNS.

Background

Lightweight MTA Authentication Protocol (LMAP) was a generic name for a set of 'designated sender' proposals that were discussed in the ASRG in the Fall of 2003, including:

These schemes attempt to list the valid IP addresses that can send mail for a domain. The lightweight in LMAP essentially stands for no crypto as opposed to DomainKeys.

In March 2004, the Internet Engineering Task Force IETF held a BoF on these proposals and as the result of that meeting, chartered the MARID working group.

Microsoft's Caller-ID proposal was a late and highly controversial addition to this mix, with the following features:

For many the use of RFC 2822 mail header fields is already beyond the lightweight LMAP limits, because it operates on the SMTP DATA, or in other words the mail. In this sense Caller-ID started outside of its class.

Proceedings

The working group (WG) co-Chairs decided to postpone the question of RFC 2821 SMTP identities - i.e. MAIL FROM covered by SPF, or HELO covered by CSV and SPF - in favour of RFC 2822 identities covered by Caller-ID's and later Sender-ID's Purported Responsible Address (PRA).

The WG finally arrived at a point, where sender policies could be split into different scopes like the 2821 MAIL FROM or the 2822 PRA. The MARID spf2.0 syntax also allowed to join different scopes into one policy record, if the sets of permitted IPs are identical, as it's often the case.

Less than a week after the publication of a first mfrom or MAIL FROM draft the WG was terminated unilaterally by its leadership. MARID existed only seven months, no RFCs were published.

A podcast with a former co-Chair tries to explain the MARID fiasco. Another view of these events is the observation that the WG did not support a division of the E-mail authentication field into PRA for 2822 and CSV for 2821, squeezing out the MAIL FROM.

The responsible IETF Area Director agreed to sponsor the publication of some MARID fallout as IETF experiments, this happened in 2005. Both classic pre-MARID SPF and Sender ID were approved as experimental RFCs. The latter is to a certain degree a result of MARID.

The ongoing disputes on technical issues and incompatibilities in Sender ID resulted later in appeals to the IESG and the IAB.

External links

This article is issued from Wikipedia - version of the 9/5/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.