[10:41:12] aka joins the room [10:43:34] Ellen Siegel joins the room [10:53:22] mtcarrasco joins the room [10:54:57] sam.silberman joins the room [10:58:32] Barry Leiba joins the room [10:58:43] doug.otis joins the room [10:59:54] Hi, Ellen. [11:00:44] hi [11:00:50] volume is very low... [11:01:13] spturner joins the room [11:01:21] fujiwara joins the room [11:01:50] it got better just after I said it... maybe you got closer to the mike [11:02:19] =JeffH joins the room [11:04:10] sm joins the room [11:04:14] fenton joins the room [11:04:18] Alessandro Vesely joins the room [11:04:40] fenton leaves the room [11:06:20] fenton joins the room [11:06:40] zzzzzzzz... [11:06:52] J.D. Falk joins the room [11:07:47] Hi, Jim. [11:07:58] Steffi joins the room [11:08:39] Audio sounds good [11:10:50] Do the rules for progression to Draft require any particular amount of usage for these features? [11:11:23] Or do the interoperability tests prove interoperability? [11:13:28] The problem with z= is that the spec basically says "this is informational, don't act on this" so interoperability is a bit problematic... [11:15:40] "if it isn't properly ignored, then..." [11:20:38] I'm not clear on what sort of data you're looking for, sorry. [11:21:43] I have published some info on failures at http://blogs.cisco.com/security/comments/common_errors_causing_dkim_verification_failures/ [11:22:39] Usage data at http://blogs.cisco.com/news/comments/growth_in_dkim_signing_continues/ [11:23:20] spturner leaves the room [11:24:13] I have a little ADSP data...hang on... [11:25:21] We have seen 205 domains publishing unknown [11:25:30] 135 domains publishing All [11:25:38] 63 domains publishing Discardable [11:25:55] as of May [11:26:09] Sorry, haven't blogged that data [11:26:19] tonyhansen joins the room [11:28:23] lef joins the room [11:28:53] yoav.nir joins the room [11:29:56] Melinda joins the room [11:30:15] Melinda leaves the room [11:32:08] +1 to everything Barry just said, except that he said it as Chair and doesn't need +1s [11:32:38] I keep looking at the acronym MLM and thinking "Multi-level marketing", one of the things that some spam is trying to promote :-) [11:32:53] yeah, me too [11:35:09] Spamassassin does act on All by implying an increment to its evaluation score [11:39:31] Lots of domains are giving their third-party mailers keys for their domain, haven't heard of any problems doing that. [11:39:50] The keys are easy to revoke if the outside party misbehaves [11:40:32] TPA-Label needs no prior arrangement [11:41:09] Not to mailing lists...to ESPs [11:42:00] yeah, just similar to SPF's "include" mechanism... [11:42:24] How would a domain like Cisco be able to publish all of the mailing list domains that our employees subscribe to? [11:42:50] no way, AFAIK [11:43:20] Chris Waigl joins the room [11:44:05] we don't have any idea what domains to list though. [11:44:25] lef_jp joins the room [11:44:45] As you say, this is for informal services...but publishing a list basically changes that by formalizing it. [11:47:16] "Scope Method Breakdown" [11:47:32] Murray is right...we tried a whole bunch of different approaches to subdomain coverage in SSP/ADSP, and none were acceptable. [11:49:11] Melinda joins the room [11:49:18] Melinda leaves the room [11:49:35] Does this draft have a normative dependency on SPF? [11:49:50] nope [11:50:12] I don't think we need to worry about that until/if it gets close to becoming an RFC. [11:50:27] "Cryptographic Path Check" [11:51:12] lef leaves the room [11:51:55] sorry, it actually has a reference to SPF [11:51:59] "DKIM ABNF for list" [11:52:28] "ADSP ABNF for dkim tag" [11:53:12] lef_jp leaves the room [11:53:30] "TPA-Label dkim tag values" [11:55:08] "Label Generation Definition" [11:56:44] yoav.nir leaves the room [11:56:47] [eof] [11:58:04] doug.otis leaves the room [12:08:04] wide awake here in Boston :) [12:08:14] lef_jp joins the room [12:11:22] mtcarrasco leaves the room [12:11:25] (clap, clap) [12:11:39] Please use the microphone for the crap discussion too [12:12:21] TLS sounds like the right solution to me, too. [12:12:27] Why not encrypt as well? [12:14:06] Steffi leaves the room [12:15:11] Does the reputation need to have a scope then...email reputation vs. reputation for something else then? [12:17:00] sftcd joins the room [12:19:39] VBR only does "positive" reputation, while email mostly brings negative feedback... [12:19:47] Barry Leiba leaves the room [12:22:05] I wasn't aware that spamassassin had any visibility into selector names... [12:22:37] will you post the result to the dkim list? [12:22:41] I agree. Domain based rep systems are useful for positive reputation. Less useful for negative rep. If I am a bad guy and get a neg rep, I will just buy a new domain and start again.. [12:22:52] What I meant by a scope was that you need to be able to key the query on your scope [12:23:24] Sam: +1 [12:23:52] Ellen, who was your question directed to? [12:23:52] <=JeffH> i think the notion of "scope" is quite important when talking about "reputation" [12:24:12] lef_jp leaves the room [12:24:52] lef_jp joins the room [12:25:53] I think the CRAP pre-BoF is over [12:26:02] sm leaves the room [12:26:06] :-) [12:27:57] Alessandro Vesely leaves the room [12:28:16] J.D. Falk leaves the room [12:28:31] bye, all [12:28:40] fenton leaves the room [12:28:50] sam.silberman leaves the room [12:31:19] Chris Waigl leaves the room [12:35:42] lef_jp leaves the room [12:36:22] mccreary joins the room [12:36:58] mccreary leaves the room [12:38:22] =JeffH leaves the room [12:43:12] sftcd leaves the room [12:58:50] tonyhansen leaves the room [13:01:51] Ellen Siegel leaves the room [13:08:15] sftcd joins the room [13:16:43] aka leaves the room [13:37:49] john.levine joins the room [13:38:07] john.levine leaves the room [13:39:17] sftcd leaves the room [13:53:54] aka joins the room [13:54:05] aka leaves the room [14:12:45] J.D. Falk joins the room [14:14:30] J.D. Falk has set the subject to: DKIM WG at IETF 78 (concluded) [14:14:36] J.D. Falk leaves the room [16:03:32] fujiwara leaves the room